Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: Security
Windows: 0patch for 0-day URL File NTLM Hash Disclosure Vulnerability
[German]ACROS Security has discovered a vulnerability in Windows that has not yet been closed by an update and allows the disclosure of NTLM hash values via URL. ACROS Security has released an opatch micropatch to fix this vulnerability. Until Microsoft … Continue reading
30 Million protected links exposed by 'safe' link-sharing provider
Cybernews research found out, that a safe linking service accidentally leaked millions of links that were meant to be private and exposed who created them. Researchers discovered that Safelinking.net, a platform designed to protect and manage links, had publicly leaked … Continue reading
Retailer Medion victim of a cyber attack
[German]It seems that Medion, a German Lenovo subsidary, who offers electronic devices – for discounter like Aldi -has becom victim of a cyber attack. There are customers complaining about "delivery problems" with orders. And I have found information from Medion, … Continue reading
STIGA data leak (garden and sport tools)
[German]The company STIGA, active as a supplier in the field of robotic lawnmowers, gardening equipment and sporting goods, has suffered a data protection incident. A reader had made enquiries and received confirmation from the provider. Customer data has been leaked … Continue reading
Bootkitty: First Linux UEFI Bootkit
[German]ESET Research has discovered the first Linux UEFI boot kit and named it Bootkitty. This Linux UEFI boot kit was uploaded to Virustotal in early November 2024 and came to the attention of the security researchers.
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Windows Server 2012: Unofficial 0patch fix for MoW 0-day vulnerability
[German]ACROS Security has developed a fix for a previously unknown 0-day vulnerability in the Mark of the Web security feature of Windows Server 2012 and Server 2012 R2. The fix is available to customers via a 0patch micro-patch and enables … Continue reading
Email bombing: A new spam campaign? Or a cover-up for a (black basta) attack?
[German]A German blog reader recently shared an observation from his IT department with me. An employee was bombed by a veritable wave of spam mail (more than 1,000/hour). All the emails had some kind of confirmation for a registration, which … Continue reading
Microsoft Exchange Server Nov. Updates Re-Release (27. Nov. 2024)
[German]Microsoft has re-released the pulled security updates for Microsoft Exchange Server 2016 and 2019 on November 27. With the first release, it turned out that the transport rules no longer worked after the update installation. Microsoft now believes it has … Continue reading
Deye deactivates solar inverters in USA, UK and Pakistan
[German]This is a critical issue that I have come across recently and illustrates the risk of IT shutdowns by vendors/manufacturers or countries. The Chinese manufacturer Deye, also represented in German balcony power plants and solar system installations with inverters, has … Continue reading
ChatGPT: Scam crypto API in source code proposal damages victims by $2,500
[German]Today, another incredible story that was passed on to me by a security expert. Someone tried to use ChatGPT to create code for an application that was supposed to be able to transfer cryptocurrency. Malicious code was built into it, … Continue reading