As of October 17, 2023 VMMap v3.4 has been released in Sysinternals Tools. VMMap is a utility for analyzing virtual and physical process memory on Windows.
Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Quishing (QR code phishing), a growing problem
In addition to classic email phishing and SMS phishing on mobile devices, the misuse of QR codes, which are used to lure users to obscure sites, is also spreading. If QR codes come to the victim via e-mails, it is called quishing. This is an increasing problem, as I have noticed. Here is some information about a situation that a reader brought to my attention this week.
Okta support system hacked with stolen credentials
[German]Okta's support system has been compromised with stolen credentials. Vendor Okta (provider of authentication services in the cloud) just admitted that. The attacker was able to view files uploaded by certain Okta customers as part of recent support cases. The vendor is now asking customers to renew their credentials.
Over 32,000 Cisco components compromised via CVE-2023-20198 vulnerability
[German]Short note for users who have Cisco components with IOS XE in use and these components are accessible via the Internet. As of October 16, 2023, Cisco issued a security warning about the 0-day vulnerability CVE-2023-20198, which is unpatched so far but is being exploited in the wild to take over Cisco components. In the meantime, the vulnerability seems to be exploited in fierce waves of attacks and 10,000s of compromised systems can be assumed.
Edge 118.0.2088.61 (Oct. 20. 2023)
Microsoft has updated the Edge browser in the stable channel to version 118.0.2088.61 on October 20, 2023 (thanks to the reader for pointing this out). The release note here say: "Fixed various bugs and performance issues".
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
MO682702: Microsoft 365 suite disruption, teams affected (10/20/2023)
[German]On October 20, 2023, Microsoft 365 suite experienced a disruption. Users in Europe were unable to access several Microsoft 365 services or experienced loss of functionality. In particular, MS Teams users were affected and were unable to send messages, receive call notifications, or experience delays. I got also reports that Exchange Online had been affected. And administrators may not have been able to assign Microsoft Teams numbers to user accounts. Addendum: It was was power failure.
Microsoft fixes slow Outlook start and freeze bug; fix will be shipped in November 2023
[German]Microsoft has addressed the problem that Outlook from Microsoft 365 takes a very long time to start and then sometimes hangs completely (freeze bug). If the application is closed and restarted, Outlook is opened directly. According to an announcement, the problem, which has been known since June 2023, has now been identified and fixed. The fix has already been published in the beta channel and will be rolled out in November 2023 via a Microsoft 365 update in the current channel.
Warning: WinRAR vulnerability CVE-2023-38831 is exploited by Chinese and Russian hackers
[German]Warning to users of the WinRAR archive program. Various state threat actors from Russia and China are trying to exploit a vulnerability in the WinRAR archiving tool for Windows. Attackers can execute arbitrary code when unpacking archives via the CVE-2023-38831 vulnerability. Affected by the vulnerability are WinRAR versions prior to 6.23 – currently WinRAR 6.24 is available.
Europol and other law enforcement seized RagnarLocker dark web site
[German]Europol and other law enforcement authorities like German BKA, the FBI and other international police agencies have seized the RagnarLocker ransomware gang's website, which was used to negotiate ransom payments with victims. It is hoped that this will cut off the ransomware group from its funding opportunity. Currently, there are no official announcements yet – they are expected to be released later today.
New Outlook: Microsoft will definitely not support COM add-ins
[German]Hope dies last, but now it's finally dead. Microsoft has just clarified in a blog post that the new Outlook app, which will eventually replace the classic Outlook, will not support COM. I touched on this topic here on the blog just a short while ago. Here's a quick update on what's going on.