Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: Security
Windows shortcut exploit used by state hackers as a 0-day since 2017
[German]Security researchers from the Trend Micro Zero Day Initiative (ZDI) point to a 0-day vulnerability ( ZDI-CAN-25373) in Windows, which has probably been exploited by 11 state-supported hacker groups from North Korea, Iran, Russia and China since 2017. Microsoft rated … Continue reading
Veeam Backup & Replication RCE vulnerability CVE-2025-23120
[German]Warning for users of Veeam Backup & Replication. Vendor Veeam has informed it's customers on March 19, 2025 about a Remote Code Execution (RCE) vulnerability CVE-2025-23120 in various versions of the mentioned product. It can be abused in domain joined … Continue reading
Amazon Echo will send everything you say to Amazon servers from March 28, 2025
[German]The Amazon Echo smart speaker can also recognize voice commands. There are now reports that the device will send everything spoken to Amazon servers from March 28, 2025. This is said to have been announced to owners in the USA … Continue reading
Data protection problems at 45% of healthcare organizations
[German]Data protection is a critical item in healthcare organizations. It's not always solved in "the best way". Back in November 2024, I came across a study dealing with data protection in the healthcare sector. The frustrating statement: "45% of healthcare … Continue reading
Microsoft Update Catalog: Security risk due to privilege escalations (CVE-2024-49147)
[English]I'm posting another security alert here on the blog that I've had since mid-December 2024 but has "stuck". There was a critical vulnerability CVE-2024-49147 in the Microsoft Update Catalog that allowed privilege escalations in the Microsoft Update Catalog. This vulnerability … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Cybersecurity comparison Europe / USA: More incidents in Europe
[German]I still have a report from the security researchers at CyberNews from the end of 2024, which looked at cyber security at companies in Europe and the USA. The surprising finding for me was that European companies suffer more security … Continue reading
Tarlogic Security detects unknown commands in ESP32 chip (BlueTooth, WiFi)
[German]A very unpleasant story that security researchers from Tarlogic Security have just revealed. There is a set of unknown commands that could be misused as a backdoor in a popular chip that has been built into millions of devices to … Continue reading
Exchange Online and MS365 problems due to vulnerability? (March 2025)
[German]Microsoft has been struggling with disruptions to its Microsoft 365 services and Exchange Online since February 2025, but is keeping quiet about the cause. I have received information that a bug or vulnerability in Microsoft Exchange Online has led to … Continue reading
Posted in Cloud, issue, Security, Software
Tagged Cloud, Exchange Online, Microsoft 365, Security
2 Comments
Vulnerability cause of Exchange Online and MS 365 problems since March 1, 2025?
[German]Microsoft has been struggling with cloud outages in Exchange Online and Microsoft 365, including the iOS Outlook app, since March 1st, 2025. At the same time, I have just come across information about the CVE-2024-49035 vulnerability on the Microsoft Partner … Continue reading
Patchday: Microsoft Office Updates (March 11, 2025)
[German]On March 11, 2025 (second Tuesday of the month, Microsoft Patchday), Microsoft released several security-related updates for Microsoft Office 2016, as well as the C2R variants (Office 2016-2021 and 365) and other products. No updates were released as of March … Continue reading