Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: Security
FOSS LinuxBoot replaces UEFI on servers
[German]Vendors using Linux-Servers intends to move away from proprietary hardware with UEFI, Intel ME & Co. The free LinuxBoot is the answer to the UEFI glue of the commercial manufacturers, but is limited to the server area. Here is some … Continue reading
Windows: CVE-2018-8423; CVE-2018-8453, CVE-2018-8495
[German]In October 2018, Microsoft patched some vulnerabilities in Windows with updates. The vulnerability CVE-2018-8495 is now being actively exploited. For the (probably incompletely patched) vulnerability CVE-2018-8495 a Proof-of-Concept (PoC) is now available. And the vulnerability CVE-2018-8423 was probably patched. Here … Continue reading
DOM-XSS bug putsTinder, Shopify, Yelp & Co. at risk
Users of Tinder, Shopify, Yelp and others are threatened in their security. Security researchers at vpnMentor have discovered a DOM-XSS bug that allows them to extract information about other users via apps or websites concerned. Potentially 685 million users are … Continue reading
Apple: Ups, forgot to lock Intel ME on it’s notebooks
[German]It seems, that Apple has forgotten to lock the Intel Management Engine (Intel ME) against manipulation on some notebooks and left a maintenance mode open. This is the latest finding in Intel Management Engine research.
Trend Micro Business Endpoint: Windows 10 V1809 support
[German]A brief information for administrators in a business environment who use Trend Micro Business Endpoint (TMBE) and also use systems with Windows 10. Even though the rollout is currently stopped, the question is whether TMBE will be compatible with Windows … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Skype enables complete machine takeover in Debian
[German]It's a very unpleasant story: Skype enables the complete takeover of the system by Microsoft under Debian. If a private key is known, the system could be manipulated or malware included. You should not install Skype or install it in … Continue reading
Enigmail sends crypted e-mails in clear text
A fatal bug within the popular Thunderbird extension Enigmail can cause mails that shall be encrypted will be send in plain text. Anyone who relies on privacy and sends confidential or even secret information will risks that the mails can … Continue reading
Tor Browser 8.0.2
Tor developers released version 8.0.2 of the browser on October 2, 2018. Firefox is updated to 60.2.1esr and two bugs (Backport fix for Mozilla bug) are fixed.
Visual Studio 2015 Update 3: Security Advice
Microsoft has replaced the old update KB4456688 with the new security update KB4463110 for Visual Studio 2015 Update 3. Users of VS 2015 should install the new update.
Warning against Intel Extreme Tuning Utility (XTU) V6.4.1.23
[German]Intel offers the free Intel Extreme Tuning Utility (XTU) for tuning its CPUs. However, the tool is as night mare in terms of security and you should keep your hands off it. Here's a quick look under the hood to … Continue reading