Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: Security
RCE vulnerability in Cisco SPA112 2-port phone adapter, drop that device
[German]US provider Cisco warns in a message about a critical vulnerability in one of its phone adapters. This vulnerability allows an attacker to take control of the device. Unfortunately, affected users can only dispose of this phone adapter, since the … Continue reading
Edge 113.0.1774.35
Microsoft updated the Edge browser to version 113.0.1774.35 (security and bug fixes) on May 5, 2023 in the stable channel. According to the release notes, it fixes vulnerabilities from the Chromium project as well as two specific Edge vulnerabilities, CVE-2023-29350 … Continue reading
DNSteal: Data Exfiltration and Tunneling via DNS – Techniques and Detection
[German]A security topic that was not really on my radar: data theft through manipulation of the Domain Name System (DNS). The whole thing goes under the terms DNSteal and DNS Exfiltration. Roughly speaking, these are techniques that can be used … Continue reading
3 vulnerabilities discovered in MS Azure API management
[German]Security researchers from Israeli security vendor Ermetic have discovered three vulnerabilities in Microsoft's Azure API management. Two server-side request forgery (SSRF) vulnerabilities and an unrestricted file upload issue create risks for the Microsoft cloud environment. The vulnerabilities could be abused … Continue reading
SpecTor: Europol, FBI & Co. arrest 288 operators and customers of darknet drug marketplace
[German]In a coordinated action called SpecTor, Europol, the FBI and other law enforcement agencies arrested 288 operators and customers of a darknet platform where drugs were being transshipped. The operation covered 9 countries. Law enforcement authorities also seized the illegal … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Google Chrome 113.0.5672.63/.64 and more
[German]Google has released updates to Google Chrome Browser 113 in the stable channel for Mac and Windows on May 2, 2023. These are security updates that fix critical vulnerabilities. The Extended Channel and the app for Android have also been … Continue reading
Windows hardening: Guidances and key dates 2023
[English]Small reminder for administrators in the Windows environment. In 2023, Microsoft will continue to implement various hardening measures for Windows systems (DCOM authentication, Kerberos, Netjoin/Domain Join, etc.). These hardening measures will be rolled out in stages through monthly updates. Even … Continue reading
iOS 16.4.1(a): Rapid Security Responses Updates
[German]Apple has released an unscheduled security update (Rapid Security Response Update) for iOS to version 16.4.1 (a) on May 1, 2023. However, there are reports that there are problems with this special update on iPhones.
Google Authenticator: Backup of passcodes in Google Account; but end-to-end encryption is yet to come …
[German]It's a lesson in how things shouldn't really work. The Google Authenticator app enables two-factor authentication for online accounts. In order to be able to use a replacement device with the app if the phone is lost, Google has implemented … Continue reading
Windows 11: Defender LSA bug fixed by "removing settings", and more Defender/FASR issues …
[German]Microsoft's unconventional solution for the so-called LSA bug caused by a Defender update in Windows 11. Users got to see the message "Local Security Authority protection is disabled …", but could no longer enable this feature. After several "repair" attempts, … Continue reading