Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: Security
Swedish Coop Group fell victim to Cactus ransomware in December 2023
[German]The Swedish Coop supermarket group has probably fallen victim to another cyberattack. I read a few days ago that the ransomware group Cactus, which has been operating since 2023, listed Coop as a victim on its Tor leak page. In … Continue reading
Google Chrome 120.0.6099.199/200
[German]Google has released updates of the Google Chrome browser in the Stable Channel for Mac, Linux and Windows to version 120.0.6099.199/200 on January 3, 2023. Version 120.0.6099.199 for Mac and 120.0.6099.200 for Windows were released in the Extended Stable Channel. … Continue reading
Undocumented Google OAuth function misused by malware for account hijacking
[German]There is an undocumented feature in Google's OAuth implementation that is being abused by several malware strains. These use an exploit that allows them to recover expired cookies. This allows them to then log in to online accounts, steal information … Continue reading
Microsoft disables ms-appinstaller protocol again; CVE-2021-43890 misused by ransomware
[German]Microsoft has disabled the MSXI ms-appinstaller protocol because it was being abused by malware groups. I remembered, that the vulnerability CVE-2021-43890 has been patched in Dec. 2021 and the protocol has been disabled long ago. Here is an overview of … Continue reading
Denial of Service vulnerability CVE-2022-44684 in Windows Local Session Manager (LSM)
[German]A brief security information. Shortly before Christmas, a warning popped up about a Denial of Service vulnerability in the Windows Local Session Manager (LSM). However, this DoS vulnerability with the CVE identifier CVE-2022-44684 is quite "strange". The identifier indicates that … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Security: Social Engineering and VPN access
[German]I often report on cyber attacks on companies here on the blog. In general, headlines about security incidents at large companies seem to be piling up. Fortunately, when companies release details about the incident, the security community can learn about … Continue reading
Asper Biogene: genetic data stolen from 10,000 Estonians
[German]Security and data protection incident in Finland involving patient health data. The genetic testing company Asper Biogene announced that unknown persons had accessed its database and the genetic data of around 10,000 people from Estonia who had applied for genetic … Continue reading
Barracuda ESG vulnerability CVE-2023-7102 (Dec. 2023)
[German]Barracuda has discoverd during an ongoing investigation that a threat actor is exploiting the CVE-2023-7102 vulnerability in the Barracuda Email Security Gateway Appliance (ESG). The use of a third-party library led to this vulnerability, which affected the Barracuda ESG appliance … Continue reading
Google Chrome now with Background Safety Check
[German]Another short piece of information from this week that affects users of the Google Chrome browser. Google has announced that a new "Safety Check" function is being rolled out in Chrome. This security function runs automatically in the background on … Continue reading
Edge 120.0.2210.91 with security fix
[German]Microsoft has released another security update for the Edge (Chromium) browser with version 120.0.2210.91 on December 21, 2023. Thanks to the readers for the information in the blog post Edge 120.0.2210.89: Mit Fixes, Neuerungen und Problemen.