Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: Security
Using Ubiquiti Router with standard passwords? Reset your device after a spy network was unfold
[German]International law enforcement agencies (FBI, BKA etc.) have broken up a suspected Russian espionage network that was infecting routers from the manufacturer Ubiquiti. The spy network has been shut down last week. However, users of Ubiquiti routers should now reset … Continue reading
More than 28,500 Exchange servers vulnerable via CVE-2024-21410; more software affected?
[German]Since February 13, 2024, a vulnerability CVE-2024-21410 has been known, through which attackers can access NTLM hashes via Microsoft Exchange Server and then misuse them for NTLM relay or pass-the-hash attacks. I have now read that more than 28,500 Exchange … Continue reading
Google Chrome 122.0.6261.57/.58
[German]Google has released updates to the Google Chrome browser (branch 122) in the stable channel on February 20, 2024. The Extended Stable Channel has also received an update. The Android and iOS app of the Chrome browser have also been … Continue reading
Thunderbird 115.8.0
[German]The developers of Thunderbird have released another update of the email client to version 115.8.0 on February 20, 2024. It is an update that is intended to fix some bugs and vulnerabilities.
Zyxel ZLD5.37 Patch2; install immediately to fix vulnerabilities
Zyxel has released a security patch "ZLD5.37 Patch2" for its ZyWALL ATP, ZyWALL USG FLEX and ZyWALL VPN solutions on February 20, 2024, which closes the vulnerabilities CVE-2023-6397, CVE-2023-6398, CVE-2023-6399, CVE-2023-676 in the products. Details can be found in the … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
AnyDesk hack: Newly signed clients available; what are your experiences? – Part 12
[English]At the begin of February 2024, it became known that the provider of remote maintenance software, AnyDesk, was the victim of a hack of its production environment. I pointed out early on that the hack had already taken place in … Continue reading
Local Privilege Escalation vulnerability CVE-2024-035 in ESET products fixed
[German]On February 8, 2024, ESET updated some of its antivirus products at short notice. The information about a vulnerability was "on hold" until February 14, 2024. ESET has now published a security advisory confirming a Local Privilege Escalation vulnerability in … Continue reading
Security incident: 13,000 Wyze camera users see images of other users
[German]Security camera vendor, Wyze, recently experienced technical problems. Users reported that they were suddenly shown other people's camera images. The provider has now confirmed the security incident. Around 13,000 users were affected and were shown the camera data of other … Continue reading
Operation Cronos: FBI & Co. seized infrastructure of the Lockbit ransomware gang
[German]It has been known for a few hours that law enforcement officers have seized some of the Lockbit ransomware gang's infrastructure servers in an internationally coordinated operation (FBI, Europool, etc.) and taken control of them. Official information on "Operation Cronos" … Continue reading
New Teams 2.0 client doesn't ask for password for re-login
[German]A reader has pointed out to me that there is a behavior that should make it possible to bypass authentication with the user account on the client. Specifically, a third party can log in to the account again without entering … Continue reading