Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: Security
Banking Trojan Mekotio Returns to Latin America
[German]Banking Trojan Mekotio returns in Latin AmericaCheck Point reports that the sophisticated banking Trojan Mekotio has returned in Latin America. In July this year, Spanish police had caught 16 suspects for money laundering related to the malware. Now the malware … Continue reading
Windows 10: Elevation of Privilege Vulnerabilities in Update Assistant; and CVE Revisions
[German]Short addendum from this week. Microsoft has issued a security warning for November 16, 2021. It states that the Windows 10 Update Assistant Elevation of Privilege has security vulnerabilities. Specifically, it is about two vulnerabilities CVE-2021-42297 and CVE-2021-43211. In addition, … Continue reading
Facebook's outage and identity management dependencies
[German]On October 4, 2021, there was a worldwide, six-hour IT outage at the U.S. company Facebook. What many users didn't have on their radar: The outage showed the dependencies many users and businesses have on Facebook identity management. Here's some … Continue reading
Edge 96.0.1054.29
[German]Microsoft has released a security advisory for the Edge browser as of November 19, 2021, updating the browser to version 96.0.1054.29. The update also addressed security vulnerabilities reported to the Chromium team.
Serious BIOS errors affect Intel CPUs
[German]Another addendum from this week. Intel has released a security advisory saying that its processors are affected by BIOS flaws. Potential vulnerabilities in the BIOS for some Intel processors could allow privilege escalation. Intel issues firmware updates via the board … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
ProxyNoShell: Mandiant warns of new attack methods on Exchange servers (Nov. 2021)
[German]Cyber attackers have been using three known vulnerabilities in Microsoft's Exchange Servers for months, for which updates have been available for months. Despite this, there are around 30,000 Microsoft Exchange Servers accessible via the Internet that are vulnerable to attack … Continue reading
Microsoft revealed Vulnerability CVE-2021-42306 in Microsoft Azure AD
[German]Microsoft has issued a security alert as of November 17, 2021, disclosing a vulnerability in Microsoft Azure AD. This allows information to be retrieved from the Microsoft Azure Actice Directory (AD).
Structures of Conti ransomware group exposed – payment infrastructure offline
[German]The PRODAFT Threat Intelligence (PTI) team has published a new report on the internal structures and inner workings of the Conti ransomware group. They are currently among the most dangerous ransomware criminals. Now, the infrastructure through which the ransomware group … Continue reading
WordPress: Sites hacked via plugin, shows fake ransomware claim (Nov. 2021)
[German]Currently, some operators of WordPress sites are caught on the wrong foot. The affected WordPress instances show a warning that the site is encrypted. A ransom of 0.1 Bitcoin is demanded for decryption. However, the WordPress instance is not encrypted, … Continue reading
CERT-Federation, USA, GB warns about attacks on Exchange and Fortinet
[German]German CERT-Bund currently warns against outdated Microsoft Exchange servers. In Germany, thousands of Exchange Servers 2010 with open OWA are still in operation. Security organizations in the United States and the United Kingdom are also sounding the alarm because Iranian … Continue reading