Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: Security
Stolen AAD key allowed (Storm-0558) wide-ranging access to Microsoft cloud services
[German]Microsoft had to admit on begin of July 2023 that suspected Chinese hackers from the Storm-0558 group were able to forge security tokens using a stolen private MSA key. Then then gain broad access to Microsoft cloud services, as Wiz … Continue reading
Thunderbird 115.0.1
[German]The developers of Thunderbird have already released another update of the email client to version 115.0.1 on July 20, 2023. It is a bug fix update, which should eliminate errors and a vulnerability.
CISA warns: Citrix NetScaler ADC is under attack via CVE-2023-3519
[German]The U.S. cybersecurity agency CISA is warning administrators of Citrix NetScaler ADC installations. Threat actors have begun exploiting the NetScaler ADC vulnerability CVE-2023-3519, disclosed a few days ago, to implant webshells. Administrators should look for signs of compromise. Kompromittierung suchen.
Security updates: Foxit PDF Reader and PDF Editor 12.1.3
Brief information for people who use Foxit PDF Reader and/or PDF Editor. There are vulnerabilities in older versions which will be fixed by a security update to version 12.1.3.15356 (thanks to the reader for reminding me). Details can be found … Continue reading
TP-LINK TL-WR840N: Vulnerability allows stack buffer overflow DOS
There is a vulnerability in the firmware of the TP-Link router TP-LINK TL-WR840N that allows a remote attacker to perform a stack buffer overflow DOS attack. TP-Link does not want to publish a security advisory for this, but has made … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
After CISA report on Storm-0558 hack, Microsoft provides customers with enhanced cloud logging
[German]At the suggestion of the U.S. National Security Agency (CISA), Microsoft will provide its customers with enhanced cloud logging capabilities at no additional cost. This is intended to improve cyber defenses and incident response and is in response to the … Continue reading
Outlook 2016: Links broken after update from July 11, 2023 (KB5002427) – Security warning appears when clicking links
[German]The security update KB5002427 for Outlook 2016 from July 11, 2023 (as well as the Click-2-Run updates of Office from the same date) cause an unpleasant bug. If the user wants to open links in Outlook 2016, the program displays … Continue reading
Google Chrome 115.0.5790.98/99 security updates
[German]Google has released updates to the Google Chrome browser 115 in the stable channel for Mac, Linux and Windows on July 18, 2023. They are security updates that will be rolled out in the coming weeks and should fix 20 … Continue reading
Critical RCE Vulnerability in Citrix NetScaler ADC and Citrix Gateway
[German]Brief warning to administrators of Citrix NetScaler ADC and Citrix Gateway. The vendor has issued a security advisory warning of a critical remote code execution vulnerability in the products. The vendor has released updates for the affected products, which administrators … Continue reading
Follow-up to the Storm-0558 cloud hack: Microsoft is still in the dark
[German]A suspected China-based hacking group, dubbed Storm-0558 by Microsoft, was able to gain access to email accounts of about 25 organizations in the Microsoft cloud. In a follow-up late last week, Microsoft followed up with a "comprehensive" text with some … Continue reading