Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: Security
Edge 87.0.664.75 released
[German]Microsoft has published a security advisory on January 7, 2021, regarding another security update for the Edge browser. Microsoft had to close three vulnerabilities that were unpatched in Edge 86.0.664.57. Here is some brief information about it.
NSA security advisory on obsolete TLS configurations
[German]Information for administrators in server environments. Communication with (web) servers should be performed with current TLS 1.2 or TLS 1.3 encryption. Fallback to older TLS 1.0/1.1 or SSL standards should be removed. The US National Security Agency (NSA) has issued … Continue reading
News from the SolarWinds hack; JetBrains software as a gateway?
[German]It is currently being investigated whether the SolarWinds hack could have been carried out via the TeamCity software of the Eastern European company JetBrains. In addition, it became known that the SOLARBURST hackers had access to e-mail accounts of the … Continue reading
0patch fixes a Local Privilege Escalation 0-day in Sysinternals PsExec
[German]ACROS Security has released a micropatch for a Local Privilege Escalation 0-day vulnerability in the SysInternals tool PsExec for its 0patch agent. PsExec is used by administrators to perform tasks with system privileges.
FortiGuard: Vulnerabilities in FortiWeb (Jan. 2021)
[German]FortiGuard Labhas released a security alert covering several vulnerabilities, ranging from SQL injection to buffer ofverflow bugs. The vulnerabilities are found in FortiWeb Web Application Firewalls and are of medium severity.
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Chrome 87.0.4280.141 with security fixes
[German]Google has updated the Google Chrome browser for Windows, macOS and Linux to version 87.0.4280.141 as of January 6, 20201. This update fixes 16 vulnerabilities.
Firefox 84.0.2 and 78.6.1 ESR released
[German]Mozilla developers have released version 84.0.2 and 78.6.1 ESR of the Firefox browser on January 6, 2021. These are security updates for the browser. Here is an overview of the updates.
File Read Vulnerability in VMware vCenter Prior to Version 6.5u1
Small note for users of VMware vCenter before version 6.5u1. If you are using older versions, you should update to 6.5u1. This is because there is a vulnerability that allows files to be read without authentication.
Zyxel backdoor (CVE-2020-29583) is actively exploited
In late December 2020, I had blogged about an undocumented user in Zyxel products (CVE-2020-29583), see my the blog post Undocumented User in Zyxel Products (CVE-2020-29583). The vendor has provided an update to remove this undocumented user that's a backdoor. … Continue reading
SolarWinds hack: Hacker goals; outsourcing are under investigation?
[German]More and more details about the SolarWinds hack are coming to light, and more and more questions are surfacing. There are a large number of people affected, raising the question of the attackers' targets. In addition, questions are growing louder … Continue reading