Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: Security
WinRAR vulnerability CVE-2023-40477: Also third-party software affected?
In my blog post WinRAR Code Execution Vulnerability CVE-2023-40477 I had mentioned a vulnerability in WinRAR, which has been fixed with the update to WinRAR version 6.23. Andreas Marx from AV-Test recently pointed out that basically all software that uses … Continue reading
Palo Alto: Ivanti Endpoint Manager Mobile Vulnerabilities Readback (August 2023)
[German]Vendor Ivanti has had to warn about critical vulnerabilities in its Endpoint Manager Mobile (EPMM) several times in recent weeks and issue security updates. The starting point for this flood of security reports was that Norway's government was hacked via … Continue reading
Windows Defender Credential Guard: Root cause of Windows 11 22H2 RDP issues?
[German]Since weeks, administrators have been complaining about problems with remote desktop connections that can occur on Windows 11 22H2. Microsoft announced in July 2023 that they are investigating the problem, and there is probably a workaround. Coincidentally, however, a blog … Continue reading
Duolingo: Leak with 2.6 million user records, check for 'Have I been Pwned' possible
[German]Vulnerabilities in the language learning app/platform API from Duolingo allows to scape user data. Now Troy Hunt has integrated a data set with information on 2.6 million Duolingo users into his platform 'Have I been Pwned'. And if I've noticed … Continue reading
CloudNordic: Ransomware, and suddenly the Danish cloud was knocked out
[German]Customers of Danish cloud provider CloudNordic have successfully learned what it means to share responsibility. The provider had a ransomware infection when moving to a new data center, so the cloud offering was completely knocked out for the clientele. The … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Google Chrome 116.0.5845.110/.111
[German]Google has released updates to the Google Chrome browser 116 in the stable channel for Mac, Linux and Windows on August 22, 2023. These are security updates that will be rolled out in the coming weeks and should eliminate 5 … Continue reading
Edge 116.0.1938.54 released, problems with ignored policies when logging in to user account?
[German]Microsoft has updated the Edge browser to version 116.0.1938.54 as of August 21, 2023. It is a new development branch that also brings new features and fixes vulnerabilities. In the meantime, however, I have a reader's report about problems with … Continue reading
New 0-day vulnerability CVE-2023-38035 in Ivanti Sentry
[German]I don't know if administrators of Ivanti Mobileron solutions can still hear it: The vendor is currently warning about a new 0-day vulnerability CVE-2023-38035 in Ivanti Sentry (formerly MobileIron Sentry). Versions 9.18, 9.17 and 9.16 are affected. Older editions are … Continue reading
Chrome warns about malicious applications in the future; extensions as top security risk
[German]Extensions for Google Chrome such as adblockers, price tracking extensions or spell checkers are convenient and quick to install. However, for security reasons, you should keep your hands off them, as the extensions can compromise online security. Google's developers have … Continue reading
Windows kernel fix for CVE-2023-32019 enabled for all (August 2023)
[German]Small addendum to the vulnerability CVE-2023-32019 in the Windows kernel. Microsoft had patched the relevant vulnerability on patchday (June 13, 2023), but had not armed it. The vulnerability CVE-2023-32019 can be used to obtain information. To enable the fix against … Continue reading