Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: Security
Critical AMI-BMC vulnerability CVE-2024-54085 allows server takeover
[German]Brief warning or information for administrators who use AMI MegaRAC BMC. The company has already published a security warning on March 11, 2025. There is a critical vulnerability CVE-2024-54085 (CVSS v4 score of 10.0), which should allow a remote server … Continue reading
CISA warns of NAKIVO Backup & Replication vulnerability
[German]Does anyone in the readership use NAKIVO Backup & Replication for data backup? The US Cybersecurity Agency CISA has published a warning regarding a vulnerability in this solution. Administrators should apply the latest security updates.
Can an AI like DeepSeek create malware and keyloggers?
[German]Security experts are wondering whether large language models (LLMs), commonly known as AI solutions (AI), can be misused to create malware or keyloggers. Security researchers have tested this with the Chinese AI solution DeepSeek and were able to circumvent the … Continue reading
Progress Kemp LoadMaster (Load-Balancer) vulnerability CVE-2025-1758 (March 2025)
[English]Short addendum and note for administrators who use the load balancer LoadMaster from Progress Kemp. As of March 10, 2025, the provider has announced that the vulnerability CVE-2025-1758 has been closed by a security update.
Windows shortcut exploit used by state hackers as a 0-day since 2017
[German]Security researchers from the Trend Micro Zero Day Initiative (ZDI) point to a 0-day vulnerability ( ZDI-CAN-25373) in Windows, which has probably been exploited by 11 state-supported hacker groups from North Korea, Iran, Russia and China since 2017. Microsoft rated … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Veeam Backup & Replication RCE vulnerability CVE-2025-23120
[German]Warning for users of Veeam Backup & Replication. Vendor Veeam has informed it's customers on March 19, 2025 about a Remote Code Execution (RCE) vulnerability CVE-2025-23120 in various versions of the mentioned product. It can be abused in domain joined … Continue reading
Amazon Echo will send everything you say to Amazon servers from March 28, 2025
[German]The Amazon Echo smart speaker can also recognize voice commands. There are now reports that the device will send everything spoken to Amazon servers from March 28, 2025. This is said to have been announced to owners in the USA … Continue reading
Data protection problems at 45% of healthcare organizations
[German]Data protection is a critical item in healthcare organizations. It's not always solved in "the best way". Back in November 2024, I came across a study dealing with data protection in the healthcare sector. The frustrating statement: "45% of healthcare … Continue reading
Microsoft Update Catalog: Security risk due to privilege escalations (CVE-2024-49147)
[English]I'm posting another security alert here on the blog that I've had since mid-December 2024 but has "stuck". There was a critical vulnerability CVE-2024-49147 in the Microsoft Update Catalog that allowed privilege escalations in the Microsoft Update Catalog. This vulnerability … Continue reading
Cybersecurity comparison Europe / USA: More incidents in Europe
[German]I still have a report from the security researchers at CyberNews from the end of 2024, which looked at cyber security at companies in Europe and the USA. The surprising finding for me was that European companies suffer more security … Continue reading