Veeam warns of critical RCE vulnerability CVE-2024-4071 in Backup & Replication

Posted on 2024-09-06 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Veeam warns of a critical RCE vulnerability in Backup & Replication. Blog reader j. pointed out the vulnerability yesterday in the discussion area (thanks for that) – but I had already heard about it elsewhere. The vulnerability CVE-2024-4071 was classified with a CVSS index of 9.8, so it should be fixed as soon as possible. Veeam has therefore published corresponding updates to its Backup & Replication software to close these vulnerabilities. But there are other vulnerabilities in various products. Here is a brief overview of this topic.

Continue reading

Posted in Security, Software | Tagged , | Leave a comment

Password spraying attacks on (Sophos) firewalls from IP 92.53.65.166

Posted on 2024-09-06 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[English]Brief information for administrators of Sophos firewalls – a reader has informed me that since September 5, 2024, he has been observing increased attempts to attack his Sophos firewalls. And the VPN portal in particular is being flooded with login versions via port 443. The IP from which the attacks are being launched points to Russia. There are indications that hackers are trying to access corporate networks via cracked VPN accesses. Here is the information I have.

Continue reading

Posted in Security | Tagged , | 2 Comments

Zyxel Security Advisory September 2024 – Vulnerabilities in routers

Posted on 2024-09-05 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Zyxel has released security updates to close a critical vulnerability in several of its business routers. These vulnerabilities, rated with a CVSS v3 score of 9.8, may allow unauthenticated attackers to inject operating system commands. Updates are available to close the vulnerabilities.

Continue reading

Posted in Security, Software | Tagged , | Leave a comment

Windows 11/Server 2024 SMB Security-Hardening

Posted on 2024-09-05 by guenni

Windows[German]In anticipation of the upcoming releases of Windows 11 24H2 and Windows Server 2025 at the end of August 2024, Microsoft has published a tech community article on the topic of "SMB Security Hardening". The whole thing is part of the Microsoft Secure Future Initiative (SFI), and the operating systems are to have hardened SMB settings right from the start in order to better protect against cyberattacks.

Continue reading

Posted in Security, Windows | Tagged , , , | Leave a comment

Office updates from September 3, 2024

Posted on 2024-09-04 by guenni

[German]On September 3, 2024 (first Tuesday of the month), Microsoft released non-security updates for Microsoft Office 2016. I'll summarize some information about these updates here in the blog.

Continue reading

Posted in Office, Update | Tagged , | Leave a comment

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

Veeam Backup & Replication 12.2 with Proxmox Support

Posted on 2024-09-04 by guenni

Amazon[German]New Veeam versions have been available since August 28, 2024. Certainly of interest to many administrators: Veeam Backup & Replication 12.2 includes the long-announced support for the virtualization solution Proxmox.

Continue reading

Posted in Software | Tagged , | Leave a comment

Warning: MPIP / AIP Client for Microsoft Azure destroys files

Posted on 2024-09-03 by guenni

[German]A German blog reader has just pointed out a bug in the Microsoft MPIP-AIP client for Purview Information Protection that can cause files on the OneDrive online storage to become corrupted. If you don't have a backup, these files are then lost (safe for eternity, so to speak). Microsoft has confirmed the bug, two "clients or services" work independently of each other. Let me summarize the relevant information for the reader.

Continue reading

Posted in Cloud, issue | Tagged , , , | Leave a comment

Scam-Warning: Fake Trojan alert (here shown via Facebook ads)

Posted on 2024-09-02 by guenni

[German]Brief information for Facebook users. There are indications that a campaign is running via ads on Facebook, which pretends to be a fake Trojan in the browser and asks the user to call a "Microsoft support page". This is of course also fake and amounts to fraud. I came across such an ad the other day, and I'll post it briefly on the blog.

Continue reading

Posted in Security | Tagged | Leave a comment

Windows: Side-Loading DLL attacks via licensingdiag.exe

Posted on 2024-09-01 by guenni

Windows[German]I'm once again posting information here in the blog that I stumbled across recently. Anyone who is concerned about Windows security should keep an eye on the command line tool licensingdiag.exe. It is another "living of the land" tool that can be used for side-loading DLL attacks. This is because there is an entry in the registry that specifies which DLL is to be loaded from which path.

Continue reading

Posted in Security, Windows | Tagged , | Leave a comment

Office 365 Version 2408: Issues with Access when accessing a SQL database

Posted on 2024-08-31 by guenni

[German]A blog reader has just contacted me because he has run into significant problems with Microsoft Access with Microsoft Office 365 version 2408 (Build 17928.20114). He often gets error 3048 from the Access frontend when trying to access it. The question is whether other users are also experiencing this.

Continue reading

Posted in issue, Office, Update | Tagged , | 2 Comments