Category Archives: Security

Vendor Ubiquiti hacked, users should change passwords

[German]A note to users, the products of the US manufacturer Ubiquiti Networks. The latter has fallen victim to a cyberattack, although the scope is still unclear. Over the weekend, their cloud offering was briefly disrupted and Ubiquiti enforces a cloud … Continue reading

Posted in Security | Tagged | 1 Comment

Advertising

Kaspersky: SolarWinds Sunburst backdoor resembles Russian ATP malware

[German]A code analysis of the SolarWinds Sunburst backdoor by security researchers from Kaspersky fuels the suspicion that the originators are to be found in Russia. The code resembles malware attributed to Russian ATP groups in some parts. Advertising

Posted in Security | Tagged | Leave a comment

Email-based TA551 attack campaign

[German]Security researchers from Palo Alto Networks warn of a current email-based attack campaign TA551, which now also targets German-, Italian- and Japanese-speaking victims. Malware-infested email attachments are old hat – but I’m posting the warning here. Advertising

Posted in Security | Tagged | Leave a comment

Edge 87.0.664.75 released

[German]Microsoft has published a security advisory on January 7, 2021, regarding another security update for the Edge browser. Microsoft had to close three vulnerabilities that were unpatched in Edge 86.0.664.57. Here is some brief information about it. Advertising

Posted in browser, Security, Software, Update | Tagged , , | Leave a comment

NSA security advisory on obsolete TLS configurations

[German]Information for administrators in server environments. Communication with (web) servers should be performed with current TLS 1.2 or TLS 1.3 encryption. Fallback to older TLS 1.0/1.1 or SSL standards should be removed. The US National Security Agency (NSA) has issued … Continue reading

Posted in Security | Tagged | Leave a comment

Advertising

News from the SolarWinds hack; JetBrains software as a gateway?

[German]It is currently being investigated whether the SolarWinds hack could have been carried out via the TeamCity software of the Eastern European company JetBrains. In addition, it became known that the SOLARBURST hackers had access to e-mail accounts of the … Continue reading

Posted in Security | Tagged | Leave a comment

0patch fixes a Local Privilege Escalation 0-day in Sysinternals PsExec

[German]ACROS Security has released a micropatch for a Local Privilege Escalation 0-day vulnerability in the SysInternals tool PsExec for its 0patch agent. PsExec is used by administrators to perform tasks with system privileges. Advertising

Posted in Security, Software, Windows | Tagged , , | Leave a comment

FortiGuard: Vulnerabilities in FortiWeb (Jan. 2021)

[German]FortiGuard Labhas released a security alert covering several vulnerabilities, ranging from SQL injection to buffer ofverflow bugs. The vulnerabilities are found in FortiWeb Web Application Firewalls and are of medium severity. Advertising

Posted in Security, Software | Tagged , | Leave a comment
Advertising

Chrome 87.0.4280.141 with security fixes

[German]Google has updated the Google Chrome browser for Windows, macOS and Linux to version 87.0.4280.141 as of January 6, 20201. This update fixes 16 vulnerabilities. Advertising

Posted in browser, Security, Software, Update | Tagged , , | Leave a comment

Firefox 84.0.2 and 78.6.1 ESR released

[German]Mozilla developers have released version 84.0.2 and 78.6.1 ESR of the Firefox browser on January 6, 2021. These are security updates for the browser. Here is an overview of the updates. Advertising

Posted in browser, Security, Software, Update | Tagged , , | Leave a comment