Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: Security
News about Windows 10 vulnerability HiveNightmare
[German]Microsoft has revised the security advisory for the HiveNightmare vulnerability in Windows 10 (from version 1809) this week. I also have an analysis of the vulnerability from Sophos. And security researcher Kevin Beaumont had posted a proof-of-concept including description on … Continue reading
Microsoft Edge 92.0.902.55: Fixes vulnerabilities, causes freezes in PDFs
[German]Following the Chrome update, Microsoft has also updated the Edge browser and raised it to version 92.0.902.55 on July 22, 2021. The update fixes various vulnerabilities that have already been fixed in Google Chrome. Addendum: This Edge version causes a … Continue reading
Kaseya received universal decryption tool after ransomware attack
[German]Hope for victims of the supply chain attack on the US software manufacturer Kaseya, as a result of which the systems of around 1,500 customers worldwide were infected with ransomware and the stored data was encrypted. The manufacturer Kaseya has … Continue reading
Sequoia: LPE Vulnerability CVE-2021-33909 in Linux
[German]Security researchers from Qualsys have discovered a Local Privilege Escalation (LPE) vulnerability CVE-2021-33909 in the filesystem layer of the Linux kernel. In addition, a second vulnerability CVE-2021-33910 has been discovered. Linux distributions such as Debian, Fedora and Ubuntu are vulnerable … Continue reading
Google Chrome 92.0.4515.107
[German]Google has released Google Chrome 92.0.4515.107 for Windows, Mac and Linux on July 20, 2021. It is an update to version 92 that brings new features, but also fixes 35 vulnerabilities in older browser versions at once.
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
HiveNightmare: New details about Windows vulnerability CVE-2021-36934
[German]Windows 10 has a serious vulnerability CVE-2021-36934 as of version 1809, which allows the Security Accounts Manager (SAM) database to be read via VSS shadow copies. This opens the door for local attackers to gain privileges from administrators and potentially … Continue reading
Serious vulnerability in printer drivers from HP, Xerox and Samsung
[German]There has been a severe vulnerability CVE-2021-3438 in the printer drivers of the manufacturers HP, Xerox and Samsung (presumably only laser printers) for 16 years, which affects millions of devices. The vulnerability was reported to HP on February 18, 2021, … Continue reading
Windows 10 upgrade breaks SAM access rights from 1809 upward, user access possible
[German]It seems that Windows 10 feature updates from version 1809 up to the current version 21H1 change the access rights to the SAM database so that non-administrative users can access it. The cause could be the volume shadow copies (Shadow … Continue reading
USA, EU, NATO, Microsoft & Co. Blame China for Hafnium Exchange Hack
[German]At the end of February, beginning of March 2021, there was a massive attack on Microsoft Exchange Server (see Exchange server 0-day exploits are actively exploited), in which many thousands of instances were hacked worldwide. Even then, the attacks were … Continue reading
Windows Hello login bypassed via infrared photo
[German]Security researchers from CyberArk have managed to trick Windows 10's Hello login (also included in Windows 11) in terms of logging in via facial recognition. All they needed was an infrared photo of the face in question, used on a … Continue reading