[German]A very brief note, which was also pointed out to me by a blog reader. Forti has re-released all FortiOS versions on February 8, 2024. The release notes do not say what has been fixed in these versions. The reader confirmed my suspicion off the record that there is another critical SSLVPN bug.
[German]Quick note for administrators who use the load balancer LoadMaster from Progress Kemp. The provider has provided various firmware updates for its LoadMaster as of February 7, 2024. These should be installed immediately. Addendum: Information about CVE-2024-1212 in Progress Kemp LoadMaster added.
[German]A small addendum from yesterday regarding security. There is a critical vulnerability in JetBrains TeamCity Server that endangers on-premises servers. There is probably a security update available, which should be installed as soon as possible. I don't know who among the readership uses the package, I didn't know the name. I will summarize the necessary information in this article.
[German]The successful cyberattack on AnyDesk, a provider of remote maintenance software, is making quite a stir. Officially, the incident was confirmed by AnyDesk on February 2, 2024 (specifically Friday evening at 10:44 pm). Almost nothing is known – neither when, nor what exactly was hacked. I've been working on this topic since January 2024 and an overall picture is emerging from many bits and pieces of information. I now have various sources that indicate that the hack was noticed as early as December 20, 2023. Addendum: AnyDesk has confirmed my suspicions, see my text below.
[German]A news for Windows users, encrypting their disks with Bitlocker. A YouTuber demonstrates how a vulnerability in "external" TPM chips can be exploited to determine a Bitlocker key within seconds. All you need is a Bitlocker key sniffer in the form of a Raspberry Pi Pico for around 10 US dollar.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]Google has released updates to the Google Chrome browser in the Stable Channel for Mac, Linux and Windows on February 6, 2024. There were also updates for the Extended Stable Channel. The Chrome browser Android app has also been updated. The updates contain security fixes. Here is an overview of these updates. Continue reading
[German]On February 6, 2024, the Mozilla developers released the update of Firefox Firefox 122.0.1. It is a maintenance update that fixes some bugs.
[German]The successful cyberattack on the provider of remote maintenance software, AnyDesk GmbH, has caused quite a stir. One problem for users of AnyDesk – at least in my eyes – is that the provider is very tight-lipped about the details. We don't know what happened, we don't know when something happened. However, there are always bits and pieces of information from the readership that fall into place like pieces of a puzzle. Below I try to complete this picture, especially after AnyDesk published an FAQ hours ago.
[German]On February 6, 2023 (first Tuesday of the month), Microsoft released a non-security update for Microsoft Project 2016. It is the update KB5002530, which is intended to fix a startup problem of previous updates. Here is some information about this update.
[German]Following the cyberattack on the provider of remote maintenance software, AnyDesk GmbH, there is a notice that the certificate for binary signing of the clients will be exchanged and the old certificate "will be revoked soon". Users should switch to AnyDesk Client 8.0.8 or higher. The problem is the "Customs Clients" used by OEMs or companies, which are still based on the 7.x development branch. There are problems with the generation of these client versions. And I have a statement from support via a reader that these clients will only be equipped with a new certificate "in a few weeks".
MVP:
2013 – 2016
WIMVP:
2017 – 2020
