Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: Security
Data leak exposes data of registered Virustotal customers
[German]The web service virustotal.com (founded by the Spanish company Hispasec Sistemas, taken over by Google), which has been operated by Google since 2012, is popular among security researchers and companies for checking suspicious files for malware. However, there are warnings … Continue reading
Azure Virtual Desktop: Private Link available
[German]A small addendum for administrators of Microsoft's Azure Virtual Desktop: Redmond announced last week that so-called "private links" are now generally available in Azure Virtual Desktop. This should increase the security of connections to Azure Virtual Desktop instances. This is … Continue reading
Azure Hack? Strange Azure AD IP 20.119.0.42:443 "safe-hse.com" alerted on June 13, 2023
[German]On June 13, 2023, a blog reader received a message from Defender for Endpoint (ATP). He was notified that there was an outbound connection to IP 20.119.0.42:443 associated with a hacking group "Storm-0900". Later another reader mentioned such an alert. … Continue reading
Exchange Online: Client Credential Flow for SMTP AUTH available (July 2023)
[German]Quick addendum from this week: Microsoft's Exchange team has already announced the availability of Client Credential Flow (CCF) for SMTP AUTH in Exchange Online on July 10, 2023. Client Credential Flow (CCF) for SMTP AUTH enables applications to use modern … Continue reading
WordPress plugin All-In-One Security (AIOS) 5.1.9 with severe vulnerability
[German]WordPress users who are still using the plugin All-In-One Security (AIOS) in version 5.1.9 should react immediately. UpdraftPlus, the maintainer, has issued a security alert because the plugin was storing user login passwords in plain text in the database.
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Critical RCE Vulnerability CVE-2023-36664 in GhostScript affects Linux, Windows etc.
[German]A security researcher has developed a proof of concept to exploit a remote code execution vulnerability CVE-2023-36664, rated critical (CVSS score 9.8), in the widely used (for PostScript and PDF displays) GhostScript software. Both Linux and Windows systems are threatened … Continue reading
HTML RCE Vulnerability CVE-2023-36884 Allows Office and Windows System Takeover
[German]Short addendum regarding security. As of July 11, 2023 (patch day), another 0-day vulnerability (CVE-2023-36884) has become public, which allows remote code execution in Microsoft Windows and Office. The vulnerability has already been exploited by hackers from the group Storm-0978 … Continue reading
China hacker (Storm-0558) accessed Outlook accounts in Microsoft's cloud
[German]A suspected China-based hacking group, which Microsoft refers to as Storm-0558, has managed to gain access to email accounts of about 25 organizations. These include government agencies (US State Department), as well as corresponding private accounts of people who are … Continue reading
Microsoft Office Updates (July 11, 2023)
[German]On July 11, 2023 (second Tuesday of the month, Microsoft Patchday), Microsoft released several security-related updates for still-supported Microsoft Office versions and other products. With the April 2023 patchday, support for Office 2013 ended – but vulnerabilities were still closed … Continue reading
Windows: Malware still loadable in kernel drivers (RedDriver attack)
[German]Microsoft's measures to prevent the loading of malicious kernel drivers don't seem to be working at all. I've had the issue on my radar for weeks, because the driver block list doesn't really seem to work. Now security researchers at … Continue reading