Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: Security
Google Chrome 92.0.4515.131 with security fixes
[German]Google has released Google Chrome 92.0.4515.131 for Windows, Mac and Linux on August 2, 2021. It is an update to version 92 that brings new features, but also fixes 10 vulnerabilities in older browser versions at once.
Windows 10 blocks unwanted applications (PUA) by default
[German]Starting in August 2021, Microsoft will block potentially unwanted apps (PUA) by default in Windows 10 21H1 (also Windows 11). The feature was already included in Defender, but will now be set to On by default, according to this post. … Continue reading
PetitPotam attacks on Windows blocked by RPC filters
[German]Security researchers recently disclosed a new attack vector called PetitPotam. By means of an NTLM relay attack, any Windows domain controller can be taken over. In the meantime, Microsoft has responded and published a security advisory about this security issue. … Continue reading
Google disables devices up to Android 2.3.7 for sign-in with a Google Account
[German]Owners of older Android devices with Android versions up to 2.3.7 will soon have to say goodbye. From September 27, 2021, Google will refuse to allow these devices to sign-in to their Google accounts. This has been announced last week … Continue reading
Spyware-like features found in China app Bejing One Pass
[German]Foreign companies operating in China need the Beijing One Pass app, to access a digital platform for managing government employee benefits. Now security specialists have found spyware-like features in this app and made that known.
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Authentication Vulnerability CVE-2021-20090 in Arcadyan-based Routers and Modems
[German]Routers and modems from the Taiwan-based manufacturer Arcadyan have a CVE-2021-20090 vulnerability that can be used to bypass authentication. The routers and modems are sold under many trade names by other manufacturers.
27 U.S. Attorney's Offices Affected by SolarWinds Hack
[German]New information on SolarWinds supply chain attack on Orion software. Tens of thousands of companies and organizations around the world were compromised via the attack, which was suspected to be attributed to Russian state-related hackers. The U.S. Department of Justice … Continue reading
Microsoft Security Update Revisions (July 29, 2021)
[German]Brief information for Windows admins in the corporate environment. Microsoft has released the night of 7/29/2021 revised security updates to mitigate NTLM Relay attacks on Active Directory certificates and vulnerability CVE-2021-36934 (Windows Elevation of Privilege Vulnerability, HiveNightmare). I'll post it … Continue reading
Microsoft Edge 92: Security Baseline available
[German]Quick announcement for administrators in the corporate environment. As of July 26, 2021, Microsoft has announced the availability of the Security Baseline for Microsoft Edge version 92 (see the Techcommunity post Security baseline for Microsoft Edge v92). In the new … Continue reading
RemotePotato0: Privilege Escalation Vulnerability in Windows RPC Protocol
[German]Every Windows system is vulnerable to a specific NTLM relay attack that could allow attackers to escalate privileges from user to domain admin. This vulnerability has a status of "not being fixed" and was the subject of the PetitPotam approach … Continue reading