LockBit ransomware group back? And new findings

Recently, international law enforcement agencies have announced the dismantling of the LockBit ransomware group's infrastructure. However, this appears to have been only a brief success – the LockBit ransomware group has set up new servers and appears to be back in business. Meanwhile, new findings have emerged following the dismantling of the LockBit ransomware group's infrastructure by the FBI and the UK's National Crime Agency (NCA).

Mailboxes are currently flooded by password reset, newsletter or account confirmation mails – it's an attack

A German blog reader contacted me this week and reported a worrying observation made by one of his customers. The customer is receiving a flood of requests to reset his passwords, to confirm a newsletter or a new user account. The messages really do come from the services in question. At the moment, it is still somewhat unclear what exactly is behind this. But my suspicion is that this email flood is meant to hide a breach of an account.

Attacks on OpenVPN servers (Synology and others) since Feb. 2024

It seems that products using OpenVPN servers are now under (brute-force) attack. A blog reader contacted me by email the other day because he had observed strange behavior. His logs showed access attempts from the same IP addresses to the Synology OpenVPN server on his systems. It seems to him that the DDNS domains registered with Synology are being attacked. But I have now received reports that other products with OpenVPN servers are also seeing these access attempts from South Africa.

Vulnerabilities in HP Laser printers (Feb. 2024)

Printer manufacturer Hewlett Packard has published security bulletins warning of vulnerabilities in various HP LaserJet printers. These vulnerabilities can be used to inject code. The manufacturer has provided firmware updates to close the vulnerabilities in its devices. Thanks to the reader for the tip.

Edge 122.0.2365.52 

Microsoft has released another update of the Edge (Chromium) browser with version 122.0.2365.52 in the stable channel on 23 February 2024. It is a maintenance update that is intended to fix problems and bring new features. Thanks to the reader for the hint.

Google Chrome 122.0.6261.69/.70

Google has released another update of the Google Chrome browser (branch 122) in the stable channel on 22 February 2024 (one day after the release of Chrome 122.0.6261.57/.58). The Extended Stable Channel has also received an update. Both updates fix bugs. Here is an overview of these updates.

Upgrade to Windows 11 23H2 is forced (20 February 2024)

Approximately 3 months after the release of the feature update to version 23H2 for Windows 11, Microsoft is starting the final rollout phase. All Windows 11 machines that are compatible with version 23H2 will now be offered the corresponding feature update and will be forcibly updated to this version in the coming days.

Windows Explorer issues since Adobe Sync deactivation; fixed in Feb. 2024

A little information for Windows 10/11 users who also use Adobe's Creative Cloud. It seems that some of these users have "recently" started to suffer from problems with Windows Explorer. It reacts extremely slowly when changing folders and file selection is hardly possible. The cause is the deactivation of Adobe synchronization with the cloud. As a result, an Adobe operating system extension for Windows no longer worked. There was a simple workaround for those affected, but Adobe has now also provided a fix.

VMware Warning: Uninstall Enhanced Authentication Plug-in (EAP)

Virtualisation vendor VMware has just issued a security warning. It concerns the Enhanced Authentication Plug-in (EAP), which should be uninstalled as a matter of urgency. Critical vulnerabilities have been found in the Enhanced Authentication Plug-in (EAP). We do not know if EAP is still in use, as it was retired as obsolete in 2021. In addition, EAP is not included in vCenter Server, ESXi or Cloud Foundation installations.

Critical vulnerability in ConnectWise remote software ScreenConnect (Feb. 2024)

Does anyone use ScreenConnect from the provider ConnectWise? A critical vulnerability (CVSS 3.1 10.0) has been discovered in the remote desktop software, which should be closed immediately. An initial exploit for this vulnerability is already available. Here is a quick overview for administrators who are responsible for or manage the use of this software. I would say: The roof is on fire. Addendum: 2,866 vulnerable instances in the USA.
