Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: Security
Edge 116.0.1938.54 released, problems with ignored policies when logging in to user account?
[German]Microsoft has updated the Edge browser to version 116.0.1938.54 as of August 21, 2023. It is a new development branch that also brings new features and fixes vulnerabilities. In the meantime, however, I have a reader's report about problems with … Continue reading
New 0-day vulnerability CVE-2023-38035 in Ivanti Sentry
[German]I don't know if administrators of Ivanti Mobileron solutions can still hear it: The vendor is currently warning about a new 0-day vulnerability CVE-2023-38035 in Ivanti Sentry (formerly MobileIron Sentry). Versions 9.18, 9.17 and 9.16 are affected. Older editions are … Continue reading
Chrome warns about malicious applications in the future; extensions as top security risk
[German]Extensions for Google Chrome such as adblockers, price tracking extensions or spell checkers are convenient and quick to install. However, for security reasons, you should keep your hands off them, as the extensions can compromise online security. Google's developers have … Continue reading
Windows kernel fix for CVE-2023-32019 enabled for all (August 2023)
[German]Small addendum to the vulnerability CVE-2023-32019 in the Windows kernel. Microsoft had patched the relevant vulnerability on patchday (June 13, 2023), but had not armed it. The vulnerability CVE-2023-32019 can be used to obtain information. To enable the fix against … Continue reading
WinRAR Code Execution Vulnerability CVE-2023-40477
[German]I don't know how common WinRAR is among the blog readers. WiNRAR developers have fixed a critical code execution vulnerability (CVE-2023-40477) in the software. It is enough to open a compromised archive file to allow attackers to execute arbitrary code … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Data leak at NXP Semiconductors
[German]There has been a data leak at NXP Semiconductors, a manufacturer of electronic semiconductor components. The Dutch company is the 2006 spin-off of the semiconductor division of Royal Philips. Following the acquisition of Freescale, NXP is Europe's largest semiconductor manufacturer … Continue reading
PowerHell: Attention, unfixed vulnerabilities in the PowerShell gallery
[German]Security researchers from Aqua Security came across several vulnerabilities in Microsoft's PowerShell gallery some time ago. The vulnerabilities were then reported to Redmond, where unsuccessful attempts were made to fix the bugs with patches. Now the security researchers have gone … Continue reading
CISA warns of Citrix ShareFile RCE vulnerability CVE-2023-24489
The US security agency CISA warns about the Citrix ShareFile RCE vulnerability CVE-2023-24489 (CVSS score 9.1) and has added it to its vulnerability list. Citrix ShareFile is a widely used cloud-based file sharing application. The vulnerability being attacked in the … Continue reading
Defender for Endpoint: URL filtering broken?
[German]Quick question to my blog readers. I have received a report that URL filtering.in Defender for Endpoint is broken. In this context, it would be interesting to know if there are other people affected or if the reader is an … Continue reading
Microsoft's Storm-0558 cloud hack: US senator among the victims
[German]It's been a few days since it became known that members of the suspected Chinese cyber group Storm-0558 managed to break into the Exchange Online and private outlook.com accounts of 25 organizations. Now a US senator came forward with the … Continue reading