Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: Security
0patch fixes a Local Privilege Escalation 0-day in Sysinternals PsExec
[German]ACROS Security has released a micropatch for a Local Privilege Escalation 0-day vulnerability in the SysInternals tool PsExec for its 0patch agent. PsExec is used by administrators to perform tasks with system privileges.
FortiGuard: Vulnerabilities in FortiWeb (Jan. 2021)
[German]FortiGuard Labhas released a security alert covering several vulnerabilities, ranging from SQL injection to buffer ofverflow bugs. The vulnerabilities are found in FortiWeb Web Application Firewalls and are of medium severity.
Chrome 87.0.4280.141 with security fixes
[German]Google has updated the Google Chrome browser for Windows, macOS and Linux to version 87.0.4280.141 as of January 6, 20201. This update fixes 16 vulnerabilities.
Firefox 84.0.2 and 78.6.1 ESR released
[German]Mozilla developers have released version 84.0.2 and 78.6.1 ESR of the Firefox browser on January 6, 2021. These are security updates for the browser. Here is an overview of the updates.
File Read Vulnerability in VMware vCenter Prior to Version 6.5u1
Small note for users of VMware vCenter before version 6.5u1. If you are using older versions, you should update to 6.5u1. This is because there is a vulnerability that allows files to be read without authentication.
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Zyxel backdoor (CVE-2020-29583) is actively exploited
In late December 2020, I had blogged about an undocumented user in Zyxel products (CVE-2020-29583), see my the blog post Undocumented User in Zyxel Products (CVE-2020-29583). The vendor has provided an update to remove this undocumented user that's a backdoor. … Continue reading
SolarWinds hack: Hacker goals; outsourcing are under investigation?
[German]More and more details about the SolarWinds hack are coming to light, and more and more questions are surfacing. There are a large number of people affected, raising the question of the attackers' targets. In addition, questions are growing louder … Continue reading
Cyber security trends 2021
[German]To kick off 2021, I'd like to take a quick look at cybersecurity trends. What can we expect in the next 12 months in this regard, especially after many tasks were moved to the home office in 2020 as part … Continue reading
Retired: Enhanced Security Admin Environment (ESAE) Approach
[German]A brief note for admins responsible for security in Active Directory structures and 'secure workstations'. Microsoft has retired the Enhanced Security Admin Environment (ESAE) architectural approach to securing AD computer structures.
Good news: Most messaging apps are secure
With the Covid-19 pandemic forcing many countries to go into lockdown, people are having to talk to their friends and family or customers online rather than in person. The good news: Most messenger apps are secure, but be careful with … Continue reading