Microsoft identifies Russian attacker exploiting CVE-2023-23397 in Outlook to access Exchange accounts

CVE-2023-23397 is a vulnerability in Microsoft Outlook, closed with security updates in March 2023, that could be exploited in conjunction with Microsoft Exchange servers. Microsoft has now identified an attacker based in Russia who is actively exploiting CVE-2023-23397 to gain unauthorized access to email accounts in Exchange servers. This can then be used for NTLM relay attacks against other services. The Russian attacker is referred to by Microsoft as Forest Blizzard (STRONTIUM, APT28, FANCYBEAR).

Posted in Security, Software

Recordings from Nullcon Security Conference (Goa 2023)

In September 2023 there was the "Nullcon Security Conference" in Goa. I was invited this year, but unfortunately (as with so many other conferences) I was unable to attend (which is better from an environmental point of view). But the organizers kept their word and informed me afterwards at the end of November 2023 that the recordings of the lectures are now online. Interested readers can find the slides of the presentations on this website.

Posted in Security

20,000 unpatched Exchange servers accessible via the Internet (Dec. 2023)

Looks like we're heading for the next cyberattack disaster. Network scans by security researchers have found around 20,000 Microsoft Exchange servers that are accessible via the internet and vulnerable to remote code attacks. The Exchange servers are located in Asia, Europe and the USA and can no longer be patched as they have reached the end of their life cycle and have fallen out of support. A worthwhile target for cyber attackers, who can no longer keep up as quickly as security gaps grow on the Internet.

Posted in Security, Software

40 years of Turbo Pascal

I recently realized that the Turbo Pascal development environment was introduced by Borland 40 years ago. But it completely passed me by. I myself only came into contact with Turbo Pascal around 1987/1988. Today, a brief look back for the somewhat older blog readers.

Posted in General, Software

Windows 11 24H2 and "Windows 12" are probably scheduled for release in 2024

Support for Windows 10 will expire for most systems at the end of 2025. Something should therefore happen in 2024 in terms of a "successor". I think it's safe to assume that a feature update for Windows 11 will be released in 24H2 – unless hell freezes over in Redmond because the Copilot has taken over. Interesting fact: Microsoft also seems to be planning something in the direction of "Managed Service Accounts" to prevent Kerberoasting attacks on network environments. And there has long been a rumor that Microsoft is working internally on a "Windows 12". Rumor has it that manufacturers will receive this Windows as early as 2024 in order to develop devices and possibly launch them on the market in July 2024. The development of this Windows will then move towards more online and more AI features.

Posted in Windows



Zyxel warns of critical security vulnerabilities in NAS devices

Does anyone operate a Zyxel NAS in their environment? The Taiwanese manufacturer has just warned of several vulnerabilities in the firmware of these devices. Three critical vulnerabilities allow an unauthenticated attacker to execute operating system commands on vulnerable network-attached storage (NAS) devices. Firmware updates for the affected devices are available to close these vulnerabilities.

Posted in devices, Security, Update

Windows 10 22H2 Preview Update KB5032278 (November 30, 2023)

Microsoft released an optional, cumulative (preview) update KB5032278 for Windows 10 22H2 on November 30, 2023 (D-Week). This is intended to fix numerous bugs in Windows 10 22H2. Windows Copilot will also be rolled out outside the EU. Below is an overview of these updates for Windows 10.

Posted in Update, Windows

iOS, macOS, Safari: Emergency updates close vulnerabilities

Apple released updates for iOS, macOS and Safari a few hours ago. These emergency updates are intended to close critical security vulnerabilities (CVE-2023-42916 & CVE-2023-42917) that are already under attack. These vulnerabilities can expose sensitive data while browsing. So it's time to update.

Posted in browser, ios, Security, Update

Windows 10/11: "HP Smart" printer app is installed without permission

Since the end of November 2023, users have been reporting that an "HP Smart" printer app has suddenly been installed on their Windows 10 and Windows 11 systems. This also applies to systems to which no HP printer has been connected at all, let alone set up. The assumption is probably that the "HP Smart" printer app from Microsoft is being pushed onto the system as further bloatware from HP, so to speak. Below is an overview of the situation and a question to the readership as to whether anyone is affected.

Posted in Software, Windows

Security risks from web cams; Hikvision cameras and NVR with security risk

Security cameras with vulnerabilities pose a risk to their owners. The same applies to webcams, which can often be taken over by attackers. Cameras and NVRs (Network Video Recorder) from the manufacturer Hikvision have vulnerabilities that can be exploited by attackers. Wyze webcams have also recently attracted attention because third parties were able to retrieve video streams. I will summarize some points in a summary article.

Posted in devices, Security