Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Category Archives: Software
French Kinomap app and the data leak
[German]French provider Kinomap suffers a data leak, where an unprotected database contained about 42 million records (40 GB) of user data was reachable unprotected on the Internet.
Security: Chromium Edge 81.0.416.64 released
Microsoft released a security update for the Chromium Edge browser on April 23, 2020 (see ADV200002). This update fixes the vulnerabilities CVE-2020-6458, CVE-2020-6459 und CVE-2020-6460. The new Chromium Edge can be downloaded from this website.
Backdoor: NSA and ASD warn of vulnerabilities
[German]The US secret service NSA and the Australian secret service have issued a joint warning. Hackers are increasingly trying to exploit unpatched vulnerabilities in products to infiltrate systems via web shell malware.
Cisco AnyConnect Secure Mobility Client Vulnerability CVE-2020-3153
[German]The Windows version of Cisco AnyConnect Secure Mobility client has a vulnerability in it's auto update, that can be misused for privilege escalation. A patch is available.
Four 0-day Exploits in IBM Data Risk Manager
[German]Security researchers have just revealed four unpatched vulnerabilities in IBM Data Risk Manager. The vulnerabilities were reported to IBM, but IBM rejected the report due to lack of formal requirements. Three vulnerabilities are considered critical.
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Chrome 81.0.4044.122 with security fixes released
[German]Google released the update to Chrome 81.0.4044.122 on April 21, 2020. This is an unscheduled security update which closes several (critical) vulnerabilities.
Microsoft Security Advisories April 14, and 21, 2020
[German]Microsoft has published Security Advisories for a critical RCE vulnerability (CVE-2020-0905) in Microsofts Dynamics Business Central. And there are security advisories for an update to the Autodesk FBX Library and for an OpenSSL Remote Denial of Service vulnerability.
Posted in Security, Software, Update
Tagged ADV200004, ADV200007, CVE-2020-0905, Security, Software
Leave a comment
Sophos Firmware Sophos UTM 9.703 re-release this week?
Brief information for users of Sophos UTM. In mid-April 2020, in the article Stop: Don't install Sophos UTM 9.703 Firmware, I reported that the firmware update was pulled due to issues. Users should not install this update. Sophos has updated … Continue reading
RCE vulnerability in Foxit PDF Reader and PhantomPDF
[German]A remote code execution vulnerability exists in the two PDF programs Foxit PDF Reader and PhantomPDF. However, the vendor has already released updates to close the critical vulnerability – I had pointed this out. Now some more details have become … Continue reading
Approach to deactivate almost any antivirus program
[German]Security researchers from Rack911 Labs describe a technique that can be used to leverage and disable almost any antivirus software on Windows or macOS. Although some AV vendors has improved their products, it's not a good news for fans of … Continue reading