CrowdStrike: New report, current status, lawsuits and more

After the CrowdStrike Falcon software paralyzed 8.5 million Windows computers some time ago, the provider has now issued a second statement. According to the statement, 99% of the sensors are now back in operation. In addition, some of those affected are threatening to sue for damages. Delta Air Lines' approach has made it into the media. Now there is the first counterattack: Microsoft had offered Delta Air Lines free support, but this was rejected. Here is a summary of the relevant information.

Posted in Security, Update, Windows

Attention: Microsoft's UEFI certificate expires on Oct. 19, 2026 – Secure Boot affected

I'm posting a topic here in the blog that still has "a few days to go" but could have very unpleasant consequences. In the fall of 2026, a certificate in Windows will expire, which ensures that Secure Boot can be executed in the UEFI. The certificate was issued with a validity of 15 years; all machines that are not updated by the deadline will no longer be able to start in Secure Boot mode.

Posted in Security, Windows

Windows SmartScreen and Smart App Control exploited since 2018

There are vulnerabilities in Windows SmartScreen and Smart App Control that are based on design errors. It has now become public that these vulnerabilities have been exploited by attackers since 2018. Security researchers at Elastic Security Labs have compiled and published an overview of the problems and design weaknesses of the security functions used in Windows.

Posted in Security, Windows

Microsoft's analysis of the CrowdStrike incident and recommendations

One more addendum, on a topic taken up in my German blog at the end of July 2024. Microsoft has recently published an analysis of the CrowdStrike incident, which confirms the statements made by CrowdStrike. It also contains recommendations on how third-party providers of security software should work. The use of kernel drivers, as was the case with CrowdStrike, is not recommended. It also states that Microsoft wants to improve the "security of Windows".

Posted in issue, Security, Windows

Microsoft 365: Service degradation (August 5, 2024)

On August 5, 2024, there is another disruption to Microsoft 365 features and services, which probably affects various users worldwide. Microsoft has already confirmed the problem under MO851360 in the status area for MS 365 administrators. The effects are likely to vary depending on the user. Some are experiencing sluggish access to Microsoft 365 features and services, while other users are unable to access them at all.

Posted in Cloud, issue

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post] In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below.


New BITSLOTH backdoor discovered; abuses the Windows BITS service

Another nice story that I came across last week. What I had suspected for some time has been confirmed. The Background Intelligent Transfer Service (BITS) can be abused. A newly discovered Windows backdoor BITSLOTH uses BITS to communicate with command and control servers. An intrusion into a South American government via this backdoor has now been observed. The BITSLOTH malware contains keylogging and screen capture functions.

Posted in Security, Windows

Identities Inventory: How to certify access rights

What do you think about the certification of access rights for users? Access certification describes the independent review of access rights by an auditor. The auditor examines whether the rights granted to users are really necessary. A thorough user access certification process ensures that each employee's digital identity only has the authorizations required to perform their tasks. This also ensures the security of internal data. I recently received a text from Omada that deals with this issue. I'll post the information here in the blog.

Posted in Security

Active Directory tool LDP has a built-in SDDL editor and text exporter

I'm putting a topic for administrators in the blog – it may be widely known. I myself am not so well versed in the AD area and the available tools. In Windows, there is the LDP.exe tool, which contains both an SDDL editor and an SDDL-to-text converter. If you are not yet familiar with it, it may be of interest. Here is some background information on this topic, which I came across some time ago.

Posted in Windows

Oracle's Java pricing: Subscribers switch to OpenJDK

Has Oracle simply gambled with the pricing of Java licenses? It will be bitter for subscribers when Oracle issues an invoice for the licensing of Java. After all, it is calculated on a "per user" basis. It is incomprehensible to me that those affected are only now switching to OpenJDK. Here is another look at this situation, based on a survey.

Posted in General

Microsoft 365 Backup and Microsoft 365 Backup Storage available

Microsoft has just announced the general availability of its Microsoft 365 Backup and Microsoft 365 Backup Storage solutions. Microsoft 365 Backup allows you to back up and restore data from OneDrive, SharePoint and Exchange.

Posted in Cloud, Office, Software