Windows vulnerability CVE-2024-21412: Attacks by the APT group Water Hydra

Posted on 2024-02-28 by guenni

Windows[German]On 13 February 2024, the Internet Shortcut Files Security Feature Bypass vulnerability CVE-2024-21412 became known. This vulnerability can be used to bypass the SmartScreen in Windows and other products. Microsoft has provided corresponding patches for the supported Windows versions with the February 2024 security updates to fix this vulnerability. Trend Micro now reports that the APT group Water Hydra is exploiting this Internet Shortcut Files Security Feature Bypass vulnerability CVE-2024-21412 for attacks.

Continue reading

Posted in Security, Update, Windows | Tagged , , | Leave a comment

Edge 122.0.2365.59

Posted on 2024-02-28 by guenni

Edge[German]Microsoft has released another update of the Edge (Chromium) browser with version 122.0.2365.59 in the stable channel on 27 February 2024. It is a maintenance update that is intended to fix problems and bring new features. The release notes contain the note "Fixed various bugs and performance issues." There is nothing in the security release notes about closed vulnerabilities. It is unknown whether the bugs mentioned in my German article Neuer Bug im Edge Browser? have been fixed. Thanks to the reader for the hint.

Posted in browser, Software, Update | Tagged , | 1 Comment

TeamViewer password vulnerability CVE-2024-0819

Posted on 2024-02-28 by guenni

Stop - Pixabay[German]A short warning to readers who use the TeamViewer remote maintenance software still with a "personal password". The client for Windows should urgently be updated to version 15.51.5. The manufacturer has published a security notice stating that older software versions only offer incomplete protection of personal password settings. Here are the details what you need to know.

Continue reading

Posted in Security, Software | Tagged , | Leave a comment

Elon Musk and the forced Windows Microsoft account

Posted on 2024-02-28 by guenni

Windows[German]US entrepreneur Elon Musk bought a Windows PC and realized that he had made a mistake. The thing required Musk to have a Microsoft account when he started it up. The man was not "amused" and he kicked Microsoft boss Satya Nadella off the sidelines, which is what this crap is all about. But the episode also shows how far removed we IT techies have become from what affects people.

Continue reading

Posted in Windows | Tagged | Leave a comment

WordPress LiteSpeed Cache Plugin with vulnerability CVE-2023-40000

Posted on 2024-02-28 by guenni

[German]Quick note for WordPress users who use the LiteSpeed Cache plugin. The plugin should be updated urgently, as a vulnerability CVE-2023-40000 can lead to an unauthoriszd takeover of the website. An update for the quite popular plugin is available.

Continue reading

Posted in Security, Software | Tagged , | Leave a comment

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

Camera for facial recognition discovered in Invenda vending machines (Mars, Coca-Cola)

Posted on 2024-02-27 by guenni

Stop - Pixabay[German]An unpleasant story that went public come to light in Canada. An error message on the display of a vending machine from which you can buy sweets such as MMs or Mars bars prompted a student at a Canadian university to investigate. The result: vending machines from the Swiss company Invenda, which are installed in Canada by M&M or Coca-Cola, may contain cameras to recognize people. Anyone who buys something from the vending machine is recorded and evaluated by the camera. The aim is for the machine to be able to show the buyer targeted advertising on the display.

Continue reading

Posted in devices, Security | Tagged , | Leave a comment

New Teams 2.0 client will be mandatory later – but some "chaos"

Posted on 2024-02-27 by guenni

Teams[German]Will the forced switch to the new Microsoft Teams 2.0 client in companies not be mandatory on 1 April 2024 after all? While this date is still valid, Redmond is now giving corporate customers a three-month grace period. The background to this is probably that some customers are having problems with the changeover. Here is an overview about some "Teams 2.0" shenanigans.

Continue reading

Posted in Software | Tagged | Leave a comment

Windows 11 24H2: Is Microsoft planning "hotpatching" (Update installation without reboot)?

Posted on 2024-02-26 by guenni

Windows[German]A small addendum from last week regarding the development of Windows 11. There are reports (rumors) that the upcoming Windows 11 version 24H2 could or should get something like "hotpatching". This would mean that updates can be installed and take effect without the need for a reboot. However, the concept, as it currently appears to me, has some limitations that you should be aware of.

Continue reading

Posted in Update, Windows | Tagged , | 1 Comment

SSH snake steals SSH keys

Posted on 2024-02-26 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Warning about the Snake worm, which is designed to steal SSH keys. The SSH-Snake malware was discovered by the Sysdig Threat Research Team (TRT). The self-modifying worm uses SSH credentials discovered on a compromised system to spread throughout the network. The worm automatically scans known locations for credentials and shell history files.

Continue reading

Posted in Security, Software | Tagged | Leave a comment

LockBit ransomware group back? And new findings

Posted on 2024-02-25 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Recently, international law enforcement agencies have announced the dismantling of the LockBit ransomware group's infrastructure. However, this appears to have been only a brief success – the LockBit ransomware group has set up new servers and appears to be back in business. Meanwhile, new findings have emerged following the dismantling of the LockBit ransomware group's infrastructure by the FBI and the UK's National Crime Agency (NCA).

Continue reading

Posted in Security | Tagged | Leave a comment