Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: Security
0-day attack via Zoho vulnerability; patching is required
[German]The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns that hackers are exploiting a critical vulnerability in Zoho's password management solution ManageEngine ADSelfService Plus. The vulnerability allows attackers to take control of the system. The vendor has provided a security … Continue reading
Data leak with 87,000 FortiGate SSL VPN credentials used for attacks
[German]Another short information for administrators of FortiGate installations, which has been dangling with me for a few days. Unknown persons have created a collection of 87,000 FortiGate SSL-VPN credentials, which they are now using specifically to attack corresponding installations. CERT-Bund … Continue reading
MSHTML vulnerability CVE-2021-40444 more critical than known
[German]A few days ago, Microsoft disclosed a security advisory for the CVE-2021-40444 vulnerability in the MSHTML component included in Windows. It said there was an attempt to exploit the vulnerability in the wild via crafted Office documents. But Office users … Continue reading
Check Point discovers WhatsApp vulnerability in image filter
[German]Another brief security information for the few remaining WhatsApp users. Security researchers from Check Point have discovered a vulnerability in the WhatsApp image filter function that hackers could exploit. In the meantime, however, this vulnerability has been fixed with an … Continue reading
Next Azure container vulnerability allowed data theft
[German]Microsoft issued a warning to its Azure customers about a security vulnerability that could have allowed hackers to access data. The punchline: It involved containers whose code had a known vulnerability that had not been patched. Microsoft has now updated … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
WordPress 5.8.1 released
[German]WordPress 5.8.1 has been released as a maintenance update on September 8, 2021. The update fixed three vulnerabilities in WordPress versions between 5.4 and 5.8. Therefore, older were all WordPress versions since 5.4 also updated. Furthermore, a number of bugs … Continue reading
GhostScript 0-day vulnerability allows server compromise
[German]An unpatched vulnerability exists in GhostScript (up to v 9.50) that allows privilege escalation. Servers running the ImageMagick program are particularly at risk. These could be taken over by attackers. The vulnerability was discovered a year ago, but allegedly not … Continue reading
Attack via Office Documents on Microsoft MSHTML (ActiveX) RCE Vulnerability (CVE-2021-40444)
[German]Microsoft has issued a warning about the remote code execution vulnerability CVE-2021-40444 as of September 7, 2021. In campaigns, this vulnerability, which targets the MSHTML component of Internet Explorer, is exploited via compromised Office documents. Microsoft provides guidance on mitigating … Continue reading
Posted in browser, Office, Security, Windows
Tagged Internet Explorer, Office, Security, Windows
Leave a comment
Thunderbird 91.1.0
[German]In addition to the update of Thunderbird 78.14.0, the developers have also released Thunderbird 91.1.0 as of September 7, 2021. This is a maintenance and security update for the 91 development branch.
ProtonMail issues IP of a French activist to police
[German]Swiss-based email service ProtonMail offers end-to-end encryption of mails before they are sent to ProtonMail's server. ProtonMail is operated by Proton Technologies AG, which is based in Plan-les-Ouates (Canton of Geneva). Its servers are located in two locations in Switzerland, … Continue reading