Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: Security
App 'Life360 Locator' is selling GPS location data since 2016
[German]This is probably a solid scandal – there is an app Life360 – Familie suchen, which is also available on Android in Germany has millions of users. The app allows family members to be tracked via their smartphone. Now it … Continue reading
Cyber attack on SPAR grocery stores in Yorkshire/England
[German]There was a successful cyber attack on SPAR stores in Yorkshire, England. Some of the stores had to close because payment systems could no longer be used and card payments were no longer possible. Here is some information about what … Continue reading
Android App Barcod Scanner with Trojan – opens random websites
[German]I became aware of this security case via a Facebook post. It's about the Android app Barcod Scanner. It seems the app have been infected with an adware Trojan during one of the latest updates. Smartphones of affected users, opens … Continue reading
Phishing attacks by state hackers via new RTF template injection technique
[German]Security vendor Proof Point observed three APT actors from India, Russia and China using a novel RTF template injection technique for phishing attachments to retrieve malicious content from a remote URL in 2021. The security researcher fear, that this technique … Continue reading
0patch fixes InstallerTakeOver LPE 0-day vulnerability in Windows
[German]The ACROS Security team around founder Mitja Kolsek has now developed and released the third micro-patch within two weeks for a vulnerability discovered by security researchers. The current micro-patch is about a 0-day InstallerTakeOver Local Privilege Escalation (LPE) vulnerability in … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Examples of virus mails from a compromised Exchange server
[German]I had warned here in the blog several times that unpatched Exchange servers are attacked by thread actors, and that they are abused to send spam after a takeover. A blog reader has now sent me a short info (thanks) … Continue reading
Windows 10/11: The risky "trusted" Apps-Installer – abused by Emotot gang
[German]Hoh hoh, folks, today we can open the second door in the Advent calendar and see what Microsoft has put in as a surprise for us. Today we find the AppX installer, which is used in Windows 10 and Windows … Continue reading
Europol arrests 1,803 money mules of Internet fraudsters
[German]Investigations by Europol and other law enforcement agencies uncovered a network of money mules that have been identified. The money mules laundered profits from online scams such as compromising business emails and forex fraud. In a joint operation with various … Continue reading
German CERT-Bund warns about vulnerable Exchange Server with OWA reachable from Internet
[German]It seems, that many vulnerable Microsoft Exchange servers are been used to play Russian roulette. German CERT-Bund has alerted a warning. They found about 12,000 Exchange Servers 2013/2016/2019, whose OWA is accessible via the Internet and which have at least … Continue reading
Microsoft Defender Version 1.353.1874.0 version 1.353.1874.0 incorrectly reports Emotet
[German]A brief note for administrators. Microsoft Defender reportes a PowEmotoet.SB infection has been blocked and quarantined and possibly triggers Microsoft Office? This is a false alarm, which was triggered by an update of the signature files to version 1.353.1874.0. Here … Continue reading