Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: Security
Local Privilege Escalation Vulnerability (0-day) in all Windows Versions
[German]In all Windows versions, including Windows 11 and Windows Server 2022, there is an unpatched Local Privilege Escalation vulnerability. This should have been patched since August 2021, but the security update in question did not close the vulnerability completely. Fortunately, … Continue reading
Avast released Decryptor for AtomSilo, Babuk and LockFile
[German]There may be good news for victims of AtomSilo, Babuk and LockFile ransomware. Antivirus vendor Avast has managed to decrypt files encrypted by these malware. In response, the company has released a free decryptor (decryption utility) that victims can use … Continue reading
QNAP: Vulnerability in Media Streaming Add-on
[German]Users of a QNAP NAS system should check the device's firmware for updates. Several versions of the QTS operating system and QuTS hero Edition have a vulnerability in the media streaming add-on that is rated as High. In the meantime, … Continue reading
Suspected leading member of REvil gang identified in Russia
[German]After all, the REvil ransomware gang is notorious for many cyber attacks. After its infrastructure was dismantled by law enforcement, the group disappeared, came back, and disappeared again. But who are the masterminds or backers of this group. German investigators … Continue reading
Cyber attack on Eberspächer Group – workforce on short-time work
[German]The German based automotive supplier Eberspächer has probably fallen victim to a successful cyber attack on its IT systems. This was confirmed by the company on October 26, 2021, without disclosing any further details. However, since the workforce has been … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
WordPress: Vulnerability in Ninja Forms Plugin
[German]There is a new vulnerability in the WordPress plugin Ninja Forms that affects all versions up to 3.6.3. An SQL injection is potentially possible via the vulnerability, so that database queries via input fields are conceivable. The plugin provider released … Continue reading
State sponsored hackers from North Korea target IT supply chain
[German]The state hacker group Lazarus, attributed to North Korea, seems to have changed its strategy and is trying to attack software supply chains. It is possible that many dependent systems could be infected via such supply chain attacks. Security researchers … Continue reading
Russian APT29 group Nobelium hacked at least 14 IT service providers, according to Microsoft
[German]In this blog post, Microsoft accuses state-related Russian hackers from the APT29 group Nobelium of successfully attacking and hacking at least 14 IT service providers in 2021. The attacks consisted of phishing and password spraying campaigns. In the campaigns, the … Continue reading
Mozilla blocks malicious add-ons with 455,000 users
[German]Two add-ons named Bypass and Bypass XM, which together have about 455,000 users, have been blocked by Firefox developers. The background is that the add-ons abused the Firefox proxy API to redirect websites or block updates. Here is some information … Continue reading
Attacks on cloud software supply chains exacerbate enterprise threat landscape
[German]Security vendor Palo Alto Networks presented its Unit 42 Cloud Threat Report 2H 2021 before the end of last month. The conclusion is that attacks on software supply chains in the cloud are exacerbating the threat situation for companies. To … Continue reading