Cisco: New 0-day vulnerability (CVE-2023-20273) in IOS XE; already being exploited

US vendor Cisco publicly disclosed another 0-day vulnerability (CVE-2023-20273) in IOS XE on October 20, 2023. This vulnerability is already being exploited in the wild to compromise systems. The vendor plans to provide fixes for the CVE-2023-20198 and CVE-2023-20273 vulnerabilities, probably on October 22, 2023 (US time). A vulnerability made public on Oct. 16, 2023, led to tens of thousands of infections. Now the number of "discoverable, infected" systems is suddenly dropping to a few hundred.


Microsoft Exchange Server October 2023 Patchday issues

As of October 10, 2023, Microsoft has indeed released security updates (SU) for on-premises Exchange Server 2016 / 2019. These pick up the August 2023 patches, but may cause problems with Exchange installations. For example, installation error 0x80070534 may occur. Microsoft has also confirmed that users cannot change expired passwords in OWA in Exchange installations with multiple forests. Furthermore, I have a message that a "FIP-FS Scan Engine failed to load" error occurs on Exchange Server 2019 after the update installation. Below is a summary of the issues.


Customer data from genome analysis provider 23andMe leaked on the web

Provider 23andMe (which creates analyses of the human genome) has suffered a cyber incident in which data of millions of customers was stolen. At first, the provider denied everything. A few days ago, one million records of Ashkenazi Jews were published in an underground forum. Now more captured data of 4.1 million customers from Germany and the UK has been published.


Updates: VMware Player / Workstation 17.5; Fusion 13.5

VMware has released an update for its virtualization solutions VMware Player and Workstation to version 17.5 this week. neowin.net describes some improvements and fixes of the new version. VMware has released the security advisories VMSA-2023-0021 (Aria, CVE-2023-34051, CVE-2023-34052, 8.1) and VMSA-2023-0022 (CVE-2023-34044, CVE-2023-34045, CVE-2023-34046, 6.6-7.1), the latter describing the updates to VMware Player / Workstation 17.5, as well as to Fusion 13.5, that close several vulnerabilities in the products.


VMMap v3.4 released

As of October 17, 2023 VMMap v3.4 has been released in Sysinternals Tools. VMMap is a utility for analyzing virtual and physical process memory on Windows.


Quishing (QR code phishing), a growing problem

In addition to classic email phishing and SMS phishing on mobile devices, the misuse of QR codes to lure users to obscure sites is also spreading. If the QR codes reach the victim via e-mail, it is called quishing. This is an increasing problem, as I have noticed. Here is some information about a situation that a reader brought to my attention this week.


Okta support system hacked with stolen credentials

Okta's support system has been compromised with stolen credentials. Vendor Okta (a provider of cloud authentication services) has just admitted this. The attacker was able to view files uploaded by certain Okta customers as part of recent support cases. The vendor is now asking customers to renew their credentials.


Over 32,000 Cisco components compromised via CVE-2023-20198 vulnerability

A short note for users who have Cisco components with IOS XE in use that are accessible via the Internet. On October 16, 2023, Cisco issued a security warning about the 0-day vulnerability CVE-2023-20198, which is unpatched so far but is being exploited in the wild to take over Cisco components. In the meantime, the vulnerability seems to be exploited in fierce waves of attacks, and tens of thousands of compromised systems can be assumed.


Edge 118.0.2088.61 (Oct. 20, 2023)

Microsoft updated the Edge browser in the stable channel to version 118.0.2088.61 on October 20, 2023 (thanks to the reader for pointing this out). The release notes say: "Fixed various bugs and performance issues".


MO682702: Microsoft 365 suite disruption, Teams affected (10/20/2023)

On October 20, 2023, the Microsoft 365 suite experienced a disruption. Users in Europe were unable to access several Microsoft 365 services or experienced loss of functionality. In particular, MS Teams users were affected and were unable to send messages or receive call notifications, or experienced delays. I also got reports that Exchange Online had been affected. And administrators may not have been able to assign Microsoft Teams numbers to user accounts. Addendum: It was a power failure.
