Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: Security
Fortinet fixes critical RCE bug in Fortigate SSL VPNs (June 2023)
[German]Fortinet has released an update to the firmware for its Fortigate SSL VPNs on June 9, 2023. But they don't think they mentioned that this firmware update should be installed urgently, as it closes a critical RCE vulnerability in the … Continue reading
MOVEit Transfer: New vulnerability; patch urgently!
[German]Administrators responsible for supporting Progress Software's MOVEit managed file transfer (MFT) solution need to respond again. After the SQL injection vulnerability CVE-2023-34362, which was exploited by a ransomware group and became public at the end of May 2023, comes the … Continue reading
Varonis warns about Salesforce sites no longer in use
[German]Varonis security researchers have discovered a problem associated with Salesforce sites that are orphaned and no longer in use. Varonis Threat Labs security researchers have discovered that improperly disabled Salesforce sites, known as ghost sites, continue to retrieve current data … Continue reading
Facebook clickbait: Scammers use Google Cloud Run to trick users
[German]Online criminals are constantly thinking of ways to trap victims via social media platforms. The main goal is to get users to click on malicious links. In doing so, they often lurk in the background and use sophisticated tactics to … Continue reading
Barracuda says exchange your "Email Security Gateway Appliance (ESG)" immediately
[German]Another short topic, which has been a bit delayed due to holidays. The manufacturer Barracuda is asking administrators of its Email Security Gateway Appliance (ESG) to replace the devices immediately. The background is a vulnerability in the ESG models, which … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Gigabyte firmware update for motherboards closes vulnerability (June 2023)
[German]Owners of a computer with a motherboard from the manufacturer Gigabyte can now update the board's firmware. The update provided by the manufacturer is supposed to eliminate a serious vulnerability. The vulnerability, which is present in about 260 motherboard models, … Continue reading
Firefox 114.0 and 102.12.0 esr released
[German]Mozilla's developers have released the versions 114.0 and 102.12.0 ESR of the Firefox browser on June 6, 2023. The ESR versions are maintenance updates that are supposed to fix bugs. Firefox 114 is a new development branch. In both updates, … Continue reading
Google Chrome 114.0.5735.106/.110 closes 0-day
[German]Google has released updates to Google Chrome browser 114 in the stable channel for Mac, Linux and Windows as of June 5, 2023 (thanks to the reader for pointing this out). They are security updates that fix a critical vulnerability … Continue reading
Trend Micro: Minimum Windows Requirements for ACS (Azure Code Signing)
[German]Trend Micro released a document in late May 2023 that addresses the minimum Windows requirements for Azure Code Signing (ACS) for Worry-Free Business Security (on-premises) and Worry-Free Business Security Services (WFBS-SVC).
Lace Tempest/Clop ransomware gang exploits MOVEit vulnerability CVE-2023-34362
[German]The SQL injection vulnerability CVE-2023-34362 in the Managed File Transfer (MFT) solution MOVEit has been known for a few days. This vulnerability has been exploited by attackers for some time and security authorities are now warning about the risks of … Continue reading