Category Archives: Security

SolarWinds hack in 2020: US Department of Justice knew 6 months in advance

Posted on 2023-04-29 by guenni

[German]Does anyone remember the supply chain attack on SolarWinds' Orion software in 2020? That sent shockwaves through the IT landscape as masses of IT systems were hacked. Now it comes out that the US Department of Justice noticed the incident … Continue reading →

Posted in Security, Software | Tagged Hack, Security, Software, SolarWinds | Leave a comment

Microsoft receives the German Big Brother Award 2023 for its "life's work"

Posted on 2023-04-29 by guenni

[German]Microsoft received the German Big Brother Award 2023 for its "life's work" yesterday, April 28, 2023, because it uses its market power to force people, companies and public authorities to constantly transmit data during their digital activities, thereby making themselves … Continue reading →

Posted in Office, Security, Software, Windows | Tagged Data protection, Microsoft, Privacy | Leave a comment

Zyxel: Security advisory for CVE-2023-28771 in firewalls

Posted on 2023-04-28 by guenni

Blog reader Liam had alerted me about vulnerability CVE-2023-28771 in Zyxel firewalls via email just a few days ago (thanks for that). An April 25, 2023 post states that improper handling of error messages occurs in Zyxel ZyWALL/USG series firmware … Continue reading →

Posted in Security, Software | Tagged Security, Software | Leave a comment

SonicOS SSLVPN: CVE-2023-1101 at MFA – new firmware for Gen6 firewalls (6.5.4.12-101n)

Posted on 2023-04-28 by guenni

[German]Reminder for administrators using Sonic Wall products. There is a critical vulnerability in SonicOS SSLVPN that allows an authenticated attacker to use excessive MFA codes. The vulnerability, CVE-2023-1101, received a CVSS v3 index of 4.3 from SonicWall on March 28, … Continue reading →

Posted in Security, Software | Tagged Security | Leave a comment

Apache Superset: CVE-2023-27524 allows Remote Code Execution (RCE)

Posted on 2023-04-27 by guenni

[German]Brief note for users who deploy Apache Superset in their environment. There is a problem in the default configuration that the software can be attacked via remote code execution vulnerability. This becomes a problem if the server is accessible via … Continue reading →

Posted in Security, Software | Tagged Security, Software | Leave a comment

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

Microsoft Edge feature "Follow creators" sends nerly all visited website URLs to Bing API

Posted on 2023-04-27 by guenni

[German]There are reports, that the Microsoft Edge browser is transmit the URLs of all websites visited by the user to the API of Microsoft's search engine Bing. The "Follow creators" feature, which is now being rolled out more broadly for … Continue reading →

Posted in browser, Security | Tagged Edge, Privacy | Leave a comment

Windows 10/11: Microsoft has published a fix for OOBE Bitlocker Bug

Posted on 2023-04-23 by guenni

[German]Microsoft does promote Bitlocker for encrypting drives under Windows. But there are always bugs that prevent encryption or allow third parties unauthorized access to encrypted drives. A Microsoft supporter has now revealed a case where Bitlocker is not enabled in … Continue reading →

Posted in issue, Security, Windows | Tagged Bitlocker, issue, Windows 11 | Leave a comment

Microsoft Defender Threat Intelligence now with hash and URL search

Posted on 2023-04-23 by guenni

[German]Small addendum: Microsoft expanded its Microsoft Defender Threat Intelligence (Defender TI) this week. Defender TI now includes functions that allow logged-in users to check file hash values. It also adds support for a URL search. This should allow security managers … Continue reading →

Posted in Security | Tagged Security | Leave a comment

Nearly two-thirds of XIoT vulnerabilities remotely exploitable

Posted on 2023-04-23 by guenni

[German]From a security perspective, I think we're in for a disaster – I've had Claroty's State of XIoT Security Report: 2H 2022 for a few days now. It does show the positive impact of increased vulnerability research and increased vendor … Continue reading →

Posted in devices, Security | Tagged Security | Leave a comment

Trend Micro Endpoint UMH component collides with Windows April 2023 updates

Posted on 2023-04-20 by guenni

[German]As of April 11, 2023, Microsoft has released a slew of security updates for the still-supported versions of Windows, some of which address critical vulnerabilities. Administrators and users running Trend Micro Endpoint on Windows need to be wary of the … Continue reading →

Posted in Security, Software, Windows | Tagged Patchday 4.2023, Trend Micro, Update, Windows | Leave a comment

Category Archives: Security

SolarWinds hack in 2020: US Department of Justice knew 6 months in advance

Microsoft receives the German Big Brother Award 2023 for its "life's work"

Zyxel: Security advisory for CVE-2023-28771 in firewalls

SonicOS SSLVPN: CVE-2023-1101 at MFA – new firmware for Gen6 firewalls (6.5.4.12-101n)

Apache Superset: CVE-2023-27524 allows Remote Code Execution (RCE)

Why ISL Online: Critical factors when choosing a remote desktop solution

Microsoft Edge feature "Follow creators" sends nerly all visited website URLs to Bing API

Windows 10/11: Microsoft has published a fix for OOBE Bitlocker Bug

Microsoft Defender Threat Intelligence now with hash and URL search

Nearly two-thirds of XIoT vulnerabilities remotely exploitable

Trend Micro Endpoint UMH component collides with Windows April 2023 updates

Translate

Blogs

Links

Social networks

Awards

Sponsors