Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: Security
Has the Qualys blog been hacked? (July 2, 2024)
[German]Brief information about Qualys, a technology company offering cloud security and compliance services. The question arises as to whether their blog may have been hacked. Because there is currently an entry in Cyrillic advertising "Banknotes in the online casino". I … Continue reading
regreSSHion: Critical OpenSSH server vulnerability CVE-2024-6387
[German]A critical vulnerability CVE-2024-6387 has been disclosed in OpenSSH servers. The vulnerability, known as regreSSHion, allows remote unauthenticated code execution – and security firms have found over 14 million potentially vulnerable OpenSSH servers on the internet. However, the risk should … Continue reading
GrimResource: Windows XSS vulnerability exploited with .msc files
[German]There is a vulnerability in Windows that allows attackers to infect a system and search a network. Security researchers from Elastic uncovered this new infection technique in mid-June 2024 and dubbed it GrimResource. I was aware of this at the … Continue reading
Windows 10: 0patch provides 5 years of additional support
[German]Microsoft is planning to end support for Windows 10 in October 2025. After that, there will only be updates for paying customers of the ESU program. However, ACROS Security will use its 0patch agent to ensure that vulnerabilities in Windows … Continue reading
Microsoft: News from the Midnight Blizzard hack – customers may also be affected
[German]Microsoft's e-mail system (Exchange Online, Outlook.com) was compromised by hackers from the state group Midnight Blizzard Hackers. The hackers were able to read emails and also steal source code. Microsoft has now informed various customers that their e-mails could also … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
TeamViewer hacked (June 2024)
[German]The remote software vendor TeamViewer has fallen victim to a successful cyber attack. Unknown perpetrators (some says APT29) were able to infiltrate the internal IT environment and gain access to the network. However, the provider states that its product environment … Continue reading
Progress MOVEit Transfer: Attacks on vulnerability CVE-2024-5806
[German]The vulnerability CVE-2024-5806 was recently discovered in the Progress MOVEit Transfer software. Attacks on the CVE-2024-5806 vulnerability were observed shortly after this information was published. This brings back bad memories of a MOVEit Transfer vulnerability through which hundreds of companies … Continue reading
CosmicSting: Vulnerability CVE-2024-34102 put Adobe Commerce and Magento stores at risk
[German]Small addendum from last week. It has been known since the middle of the month that the vulnerability CVE-2024-34102 exists in Adobe Commerce and Magento online stores. Together with a Linux vulnerability, thousands of stores can be taken over by … Continue reading
Spoofing vulnerability allows emails to be sent under Microsoft's name
[German]An unpleasant story: There is a vulnerability in Microsoft's email services that allows third parties to send emails on behalf of Microsoft. As far as I know, Microsoft has confirmed this bug, but has not yet patched it. This means … Continue reading
Windows 11 24H2 may break some SMB NAS connections
[German]There are still a few days to go before Windows 11 24H2 is generally rolled out. However, the Windows Insider release preview builds show where there may be problems. One problem area is the SMB service or protocol, to which … Continue reading