Category Archives: Software

Sophos XG Firewall: RCE vulnerability (CVE-2022-3236)

Posted on 2022-09-26 by guenni

[German]Vendor Sophos warns about a remote code execution vulnerability in its firewall. There is a code injection vulnerability in the Sophos XG Firewall user portal and web admin (UTM products not affected). This vulnerability is already being exploited in a … Continue reading

Posted in Security, Software | Tagged , | Leave a comment
Advertising

WhatsApp: Two vulnerabilities allow remote code execution

Posted on 2022-09-26 by guenni

[German]Meta subsidiary WhatsApp warns about two vulnerabilities in its apps for Android and iOS that put users' security at risk. Both vulnerabilities allow remote code execution – so the apps should be updated promptly. Advertising

Posted in Security, Software | Tagged , | Leave a comment

How to find weak passwords in Active Directory and eliminate them with PowerShell

[Sponsored Post]Weak or compromised passwords are a known gateway for attackers. If you are able to identify which users in Active Directory (AD) are threatened by this, then PowerShell can help to remedy it. However, PowerShell scripts cannot eliminate basic AD deficits, other tools are needed for this. More ...

How to find weak passwords in Active Directory and eliminate them with PowerShell

Posted on 2022-09-23 by guenni

Advertising – Weak or compromised passwords are a known gateway for attackers. If you are able to identify which users in Active Directory (AD) are threatened by this, then PowerShell can help to remedy it. However, PowerShell scripts cannot eliminate … Continue reading

Posted in Security, Software | Tagged , , | Leave a comment
Advertising

WSUS chaos: Preview updates for Windows and Net withdrawn as superseded on 9/21/2022

Posted on 2022-09-23 by guenni

[German]Small addendum from this week. Microsoft had released several preview updates for Windows 10, Windows 11 and Windows Server 2019/2022 as well as .NET Framework on September 20, 2022. However, it looks like Microsoft withdrew these updates from WSUS (and … Continue reading

Posted in Software, Update, Windows | Tagged , , | Leave a comment

Thunderbird 102.3.0 released

Posted on 2022-09-21 by guenni

[German]The developers of Thunderbird have released another update to the email client to version 102.3.0 as of September 20, 2022 (thanks to the reader for pointing this out). It's a bug-fix update, which is supposed to fix a number of … Continue reading

Posted in Security, Software, Update | Tagged | 1 Comment
Advertising

Rockstar Games leak: source code and many game videos published after hack

Posted on 2022-09-19 by guenni

[German]Game developer Rockstar Games was hacked. Now a user on GTAForums has posted 90 video taken from a test build of Grand Theft Auto 6. The hacker also claims to have the source code of GTA 5 and 6. The … Continue reading

Posted in Security, Software | Tagged , | Leave a comment

Microsoft Teams stores authentication tokens as plain text in Windows, Linux, Macs

Posted on 2022-09-18 by guenni

[German]The desktop app for Microsoft Teams stores authentication tokens as plain text on the Linux, macOS, and Windows platforms. This allows attackers to access accounts using these tokens even if multi-factor authentication (MFA) has been enabled. Customers should rely on … Continue reading

Posted in Security, Software | Tagged , | Leave a comment

Bitdefender has released a Decryptor for LockerGoga encrypted files

Posted on 2022-09-17 by guenni

[German]Small note for people who have fallen victim to LockerGoga ransomware. Bitdefender has informed me that the company has released a universal decryptor. This allows victims of all previous LockerGoga ransomware attacks to recover their encrypted files.  Europol, the NoMoreRansom … Continue reading

Posted in Security, Software | Tagged | Leave a comment
Advertising

Microsoft Edge 105.0.1343.42

Posted on 2022-09-17 by guenni

Microsoft has updated the Edge browser in the stable channel to version 105.0.1343.42 on September 15, 2022. The release notes don't reveal much – Chrome security fixes have been integrated into the new version. Advertising

Posted in browser, Software, Update | Tagged , | Leave a comment

Update for Exchange Extended Protection script, but still errors

Posted on 2022-09-16 by guenni

[German]August 2022 security updates for Microsoft Exchange (on-premises solution) requires, to enable Extended Protection (EP) to close all vulnerabilities. The activation is done via script, which Microsoft provided – but this script caused isses. Now Microsoft has released an updated … Continue reading

Posted in Security, Software | Tagged , | Leave a comment