Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: Security
Microsoft Defender: Download Feature removed …
[German]But that was only a very short guest performance. Microsoft had added this 'cool' download feature to its Defender. But security experts wasn't amused about that. All of a sudden the download feature is gone again …
Firefox Send has been abandoned
[German]Short information for users of the service Firefox Send. Mozilla is now finally abandoning Firefox Send and stopping this service. The reason is abuse for malware spreading and spear phishing.
0patch fixes Zerologon (CVE-2020-1472) vulnerability in Windows Server 2008 R2
[German]ACROS Security has released a micropatch for the vulnerability CVE-2020-1472 (Zerologon) for Windows Server 2008 R2. This vulnerability is only closed by Microsoft starting with Windows Server 2012 R2.
Ransomware attack in German hospital ends deadly for a women – blame Shitrix vulnerability
[German]The cyber attack on the University Hospital Düsseldorf (UKD) last week turns out to be a ransomware attack, as I suspected. The clinic was probably a random victim, but now the public prosecutor's office is investigating, since a patient died … Continue reading
Exchange Server: Remote Code Execution Vulnerability CVE-2020-16875
[German]Administrators of Microsoft Echange Server should take care of patching the remote code execution vulnerability CVE-2020-16875. The details or exploits have now been published. But patches has been available since September 8, 2020.
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Microsoft 365: Multi-factor authentication bypassed
[German]That does not sound very good. Newly discovered vulnerabilities in Microsoft 365 make it possible to bypass multi-factor authentication. Security researchers from Proofpoint have just released this information.
Windows Server: Zerologon vulnerability (CVE-2020-1472) allows domain hijacking
[German]Security researchers have uncovered a vulnerability in all versions of Windows Server that allows domain transfer with a simple approach. This vulnerability, called Zerologon (CVE-2020-1472), was closed with the security updates of August 2020. Those who have not yet installed … Continue reading
0patch fixes CVE-2020-1380 in Windows 7/Server 2008 R2
[German]ACROS Security has released a micropatch for the vulnerability CVE-2020-1380 (Internet Explorer scripting engine memory corruption ) for Windows 7 and Server 2008 R2 (without ESU license). The vulnerability is now being exploited.
Data leak at online shop windeln.de
[German]German online shop windeln.de operated an insecure Elastic-Search server so that the personal data of 700,000 customers could be accessed via Internet. Here are details what I know so far (what the security researcher has told me).
Mailfire data leak reveals data from adult sites
[German]There is once again a data leak to report, but it is likely to be minor for those affected – because security researchers have discovered the data leak. The marketing company Mailfire acting on Cyprus revealed data of over 70 … Continue reading