Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: Security
Hackers attack WordPress via unpatched Elementor Pro plugin
WordPress administrators using the Elementor Pro plugin should urgently check if it is up to date and if WordPress has already been compromised (e.g. check urlscan.io to see what connections are going down). On March 18, 2023, NinTechNet security researcher … Continue reading
Vulkan Files Exposes Russia's Cyberwar Strategies
[German]Files leaked from a whistle blower to German news magazine Süddeutsche Zeitung show how Russia under Putin is planning cyberwar. An evaluation by a media collective shows: Train and air lines are to be attaced, as well as energy supply … Continue reading
World Backup Day March 31, 2023
[German]March 31st of every year is "World Backup Day", and it's to remind people of the importance of backups. To mark the day, a little kaleidoscope of information around this topic.
QNAP QTS update closes vulnerabilities (March 29, 2023)
[German]As of March 29, 2023, manufacturer QNAP has published a security advisory for its QTS operating system. With an update of the QTS software, the manufacturer closes the vulnerabilities CVE-2022-3437, CVE-2022-3592, CVE-2022-27597, CVE-2022-27598, CVE-2022-42898, CVE-2023-22809. Here is a brief overview … Continue reading
Thunderbird 102.9.1
[German]The developers of Thunderbird have released another update of the email client to version 102.9.1 on March 28, 2023. It is a bug fix and security update, which should eliminate vulnerabilities.
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Bi(n)gBang: Microsoft Azure vulnerability allows Bing search hijacking and Office 365 data theft
[German]A nice case about the risk of the cloud. Microsoft 's Azure may have allowed a misconfiguration of some apps or services. As a result, attackers could potentially inject malicious code into Bing search results pages to manipulate them. It … Continue reading
Deprecated Remote PowerShell gets reprieve in Exchange Online
[German]To force administrators of Exchange instances to the more secure PowerShell v3 modules, Microsoft plans to discontinue Remote PowerShell (RPS) in Exchange Online. It was supposed to be disabled for all customers starting June 2023 – and already on April … Continue reading
Microsoft confirms: Defender has flagged legitimate URLs or files as malicious (DZ534539)
[German]Have you had more frequent messages from Microsoft Defender blocking legitime URLs the last few days when accessing websites? Or was the access to files blocked because of alleged malware? Microsoft has now confirmed that there was an issue and … Continue reading
3CX desktop app (probably) infected in a supply chain attack (March 29, 2023)
[German]Warning to customers of phone system provider 3CX. Its 3CX Desktop app has probably been infected with malware via a supply chain attack. At least, that's what various reports from security companies as well as posts on reddit.com suggest. Here's … Continue reading
Exchange Online blocks mail from on-premises Exchange servers with vulnerabilities
[English]Microsoft has just unveiled a new security policy for Exchange Online that can block the acceptance of email from insecure on-premises Exchange servers (in hybrid environments). The administrators in question will receive a notification that the on-premises Exchange server is … Continue reading