[German]A news for Windows users, encrypting their disks with Bitlocker. A YouTuber demonstrates how a vulnerability in "external" TPM chips can be exploited to determine a Bitlocker key within seconds. All you need is a Bitlocker key sniffer in the form of a Raspberry Pi Pico for around 10 US dollar.
[German]Google has released updates to the Google Chrome browser in the Stable Channel for Mac, Linux and Windows on February 6, 2024. There were also updates for the Extended Stable Channel. The Chrome browser Android app has also been updated. The updates contain security fixes. Here is an overview of these updates. Continue reading
[German]On February 6, 2024, the Mozilla developers released the update of Firefox Firefox 122.0.1. It is a maintenance update that fixes some bugs.
[German]The successful cyberattack on the provider of remote maintenance software, AnyDesk GmbH, has caused quite a stir. One problem for users of AnyDesk – at least in my eyes – is that the provider is very tight-lipped about the details. We don't know what happened, we don't know when something happened. However, there are always bits and pieces of information from the readership that fall into place like pieces of a puzzle. Below I try to complete this picture, especially after AnyDesk published an FAQ hours ago.
[German]On February 6, 2023 (first Tuesday of the month), Microsoft released a non-security update for Microsoft Project 2016. It is the update KB5002530, which is intended to fix a startup problem of previous updates. Here is some information about this update.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]Following the cyberattack on the provider of remote maintenance software, AnyDesk GmbH, there is a notice that the certificate for binary signing of the clients will be exchanged and the old certificate "will be revoked soon". Users should switch to AnyDesk Client 8.0.8 or higher. The problem is the "Customs Clients" used by OEMs or companies, which are still based on the 7.x development branch. There are problems with the generation of these client versions. And I have a statement from support via a reader that these clients will only be equipped with a new certificate "in a few weeks".
[German]After I had been researching on the "suspected case" of the AnyDesk hack for a week, which was confirmed as a "successful cyberattack" on Friday, February 2, 2024, the BSI finally published a notification with TLP:CLEAR on February 5, 2024. The threat level is classified as "2 / Yellow" – as of January 29, 2024, this was still classified as TLP:Amber-Strict. Here is a brief summary of what the BSI is telling its readers.
[German]I've been working on the "suspected case" of the AnyDesk hack since a week, which was confirmed as a "successful cyberattack" on Friday, February 2, 2024. At the weekend, I wrote up my findings in four articles (see links at the end of the article). I would now like to add a few more thoughts and tips for readers as a kind of follow-up.
[German]With regard to the AnyDesk hack, I am currently being constantly overtaken by reality. The credentials of AnyDesk customer accounts are already being offered for sale in the internet. Here is the new development, I would like to take this opportunity to thank the reader for pointing this out. Addendum: The data set is from an old breach.
[German]Following confirmation that the provider of remote maintenance software, AnyDesk, was the victim of a hack that also affected production systems, I have prepared some information in Part 1 and Part 2 of my series of articles (AnyDesk confirmed, they have been hacked in January 2024, Production systems affected – Part 1). In Part 3, I address topics that were brought to my attention by readers. It deals with unauthorized access attempts and sudden communication of the client with foreign URLs. Although I now classify these as "false alarms", the discussion may help some readers with their interpretation. And there is probably a first malware find. Below is a summary of these points.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
