Category Archives: Security
Kaseya allegedly demands NDA against decryption tool
U.S. manufacturer Kaseya was the victim of a supply chain attack, and as a result, systems belonging to about 1,500 customers were encrypted with ransomware. Kaseya said this week that it has a universal decryptor to decrypt customer files. Affected …
Security Updates for Cisco Intersight Virtual Appliance
Several vulnerabilities (CVE-2021-1600, CVE-2021-1601) exist in IPv4 and IPv6 forwarding in the Cisco Intersight Virtual Appliance. These vulnerabilities could allow an unauthenticated, adjacent attacker to access sensitive internal services through an external interface. However, Cisco has since provided security updates …
Microsoft's mitigations of Windows PetitPotam NTLM relay attacks
Yesterday, July 24, 2021, I reported on a new attack vector called PetitPotam that can be used to take over Windows domain controllers by means of an NTLM relay attack (see my post PetitPotam attack allows Windows domain takeover). …
Warning: Fake Windows 11 installer ships malware
The curiosity about Windows 11 tempts some users to install pre-release versions on their computers. This is not a problem, as there are corresponding installation images directly from Microsoft for Windows Insiders as regular updates for Windows 10 machines. However, …
LemonDuck and LemonCat malware boost activity
LemonDuck and LemonCat are malware that both act as bots and mine cryptocurrency. LemonDuck can run on different platforms (Linux, Windows), threatening machines on corporate networks. According to Microsoft, this malware has been poorly documented so far, which is …
Discord is becoming more and more of a malware dump
A report from security vendor Sophos indicates that cyber criminals are increasingly abusing the successful chat service Discord to host, spread and control malware. Most notably, the malware aims to grab data from Discord users. During the investigation period, it …
PetitPotam attack allows Windows domain takeover
There is a new attack vector called PetitPotam. This enables a threat actor to launch an NTLM relay attack on domain controllers. Ultimately, this can be used to take over entire domains. Since many organizations run domain controllers with Microsoft …
News about Windows 10 vulnerability HiveNightmare
Microsoft has revised the security advisory for the HiveNightmare vulnerability in Windows 10 (from version 1809) this week. I also have an analysis of the vulnerability from Sophos. And security researcher Kevin Beaumont posted a proof-of-concept, including a description, on …
Microsoft Edge 92.0.902.55: Fixes vulnerabilities, causes freezes in PDFs
Following the Chrome update, Microsoft has also updated the Edge browser and raised it to version 92.0.902.55 on July 22, 2021. The update fixes various vulnerabilities that have already been fixed in Google Chrome. Addendum: This Edge version causes a …
Kaseya received universal decryption tool after ransomware attack
Hope for victims of the supply chain attack on the US software manufacturer Kaseya, as a result of which the systems of around 1,500 customers worldwide were infected with ransomware and the stored data was encrypted. The manufacturer Kaseya has …


