Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: Security
Is SimpleWall Firewall tool compromised?
[German]A short warning to the readers of this blog who use SimpleWall as a firewall or tool for configuring the Windows Filtering Platform. A reader has informed me that the software has probably been hacked. I didn't found a proof, … Continue reading
FAQ and script for secure boot protection against CVE-2023-24932 (Black Lotus)
[German]Microsoft has been trying for some time to secure the Secure Boot in Windows against the Black Lotus Boot Kit vulnerability CVE-2023-24932. Below is a short summary or FAQ, including the certificate to be exchanged in the boot media. And … Continue reading
Vulnerabilities in DigiEver DVRs are being exploited, no patch available
[German]DigiEver from Taiwan offers IP video surveillance based on Linux. Security researchers from TXOne discovered RCE vulnerabilities in DigiEver products back in July 2023. The provider does not provide updates because the devices have reached the end of support. Since … Continue reading
Fraud scam for WhatsApp contact requests
[German]Brief information for WhatsApp users among our readership (or to pass on to these users). The Lower Saxony Criminal Police Office (LKA) is warning of a new scam targeting WhatsApp users in Dec. 2024 and asking them to check their … Continue reading
Vulnerability CVE-2025-0514 in LibreOffice – Fix with LibreOffice 24.8.5
[German]The LibreOffice developers have released LibreOffice 24.8.5 to close a link vulnerability CVE-2025-0514. The vulnerability could allow links to be abused.
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
IIS Crypto 4.0 released
[German]Nartac Software has already released version 4.0 of its small tool IIS Crypto on February 13, 2025. Support for Windows Server 2025 has been added, as well as support for the TLS_CHACHA20_POLY1305_SHA256 Cipher Suite.
Windows 10/11 and Server hardening: Timeline for 2025 and beyond
[German]A quick reminder that Microsoft is getting serious about hardening Windows clients and servers for the Kerberos protocol as early as February 2025. Microsoft has also introduced a string length limit to the Kerberos policy for host names. Here is … Continue reading
Multiple vulnerabilities in OpenSSH (Feb. 2025)
[German]Security experts from Qualys TRU have discovered two vulnerabilities in the OpenSSH software. In addition, an advisory on another vulnerability was published on February 11, 2024. OpenSSL 3.4, 3.3 and 3.2 are affected by this vulnerability, although upgrades to newer … Continue reading
Firefox 115 ESR: Windows 7/8.1 Support till September 2025
[German]Mozilla Firefox 115 ESR still runs on Windows 7 / 8.1 and has been in extended support for some time. It was previously known that the developers wanted to support this browser version until March 2025. The Mozilla developers have … Continue reading
Patchday: Microsoft Office Updates (February 4 and 11, 2025)
[German]On February 11, 2025 (second Tuesday of the month, Microsoft Patchday), Microsoft released several security-related updates for Microsoft Office 2016, as well as the C2R variants (Office 2016-2021 and 365) and other products. Updates were also released for February 4, … Continue reading