20,000 unpatched Exchange servers accessible via the Internet (Dec. 2023)

Posted on 2023-12-04 by guenni

Exchange Logo[German]Looks like we're heading for the next cyberattack disaster. Network scans by security researchers have found around 20,000 Microsoft Exchange servers that are accessible via the internet and vulnerable to remote code attacks. The Exchange servers are located in Asia, Europe and the USA and can no longer be patched as they have reached the end of their life cycle and have fallen out of support. A worthwhile target for cyber attackers, who can no longer keep up as quickly as security gaps grow on the Internet.

Continue reading

Posted in Security, Software | Tagged , | Leave a comment
Advertising

40 years of Turbo Pascal

Posted on 2023-12-03 by guenni

[German]I recently recognized that the Turbo Pascal development environment was introduced by Borland 40 years ago. But it completely passed me by. I myself only came into contact with Turbo Pascal around 1987/1988. Today, a brief look back for the somewhat older blog readers.

Continue reading

Posted in General, Software | Tagged , | 1 Comment

How to find weak passwords in Active Directory and eliminate them with PowerShell

[Sponsored Post]Weak or compromised passwords are a known gateway for attackers. If you are able to identify which users in Active Directory (AD) are threatened by this, then PowerShell can help to remedy it. However, PowerShell scripts cannot eliminate basic AD deficits, other tools are needed for this. More ...

Windows 11 24H2 and "Windows 12" are proably scheduled for release in 2024

Posted on 2023-12-02 by guenni

Windows[German]Support for Windows 10 will expire for most systems at the end of 2025. Something should therefore happen in 2024 in terms of a "successor". I think it's safe to assume that a feature update for Windows 11 will be released in 24H2 – unless hell freezes over in Redmond because the co-pilot has taken over. Interesting fact: Microsoft also seems to be planning something in the direction of "Managed Service Accounts" to prevent Kerberoasting attacks on network environments. And there has long been a rumor that Microsoft is working internally on a "Windows 12". Rumor has it that manufacturers will receive this Windows as early as 2024 in order to develop devices and possibly launch them on the market in July 2024. The development of this Windows will then move towards more online and more AI features.

Continue reading

Posted in Windows | Tagged | Leave a comment
Advertising

Zyxel warns of critical security vulnerabilities in NAS devices

Posted on 2023-12-02 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Does anyone operate a Zyxel NAS in their environment? The Taiwanese manufacturer has just warned of several vulnerabilities in the firmware of these devices. Three critical vulnerabilities allow an unauthenticated attacker to execute operating system commands on vulnerable network-attached storage (NAS) devices. Firmware updates for the affected devices are available to close these vulnerabilities.

Continue reading

Posted in devices, Security, Update | Tagged , , | Leave a comment

Windows 10 22H2 Preview Update KB5032278 (November 30, 2023)

Posted on 2023-12-01 by guenni

Windows[German]Microsoft has released an optional, cumulative (preview) update KB5032278 for Windows 10 22H2 on November 30, 2023 (D-Week). This is intended to fix numerous bugs in Windows 10 22H2. Windows Copilot will also be rolled out outside the EU. Below is an overview of these updates for Windows 10.
Continue reading

Posted in Update, Windows | Tagged , | 1 Comment
Advertising

iOS, macOS, Safari: Emergency updates close vulnerabilities

Posted on 2023-12-01 by guenni

[German]Apple released updates for iOS, macOS and Safai a few hours ago. These emergency updates are intended to close critical security vulnerabilities (CVE-2023-42916 & CVE-2023-42917) that are already under attack. These vulnerabilities can expose sensitive data while browsing. So it's time to update.

Continue reading

Posted in browser, ios, Security, Update | Tagged , , , , | Leave a comment

Windows 10/11: "HP Smart" printer app is installed without permission

Posted on 2023-12-01 by guenni

Windows[German]Since the end of November 2023, users have been reporting that an "HP Smart" printer app has suddenly been installed on their Windows 10 and Windows 11 systems. This also applies to systems to which no HP printer has been connected at all, let alone set up. The assumption is probably that the "HP Smart" printer app from Microsoft is being flushed onto the system as further bloatware from HP, so to speak. Below is an overview of the situation and a question to the readership as to whether anyone is affected.

Continue reading

Posted in Software, Windows | Tagged , , , , | 2 Comments

Security risks from web cams; Hikvision cameras and NVR with security risk

Posted on 2023-12-01 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Security cameras with vulnerabilities pose a risk to their owners. The same applies to webcams, which can often be taken over by attackers. Cameras and NVRs (Network Video Recorder) from the manufacturer Hikvision have vulnerabilities that can be exploited by attackers. Wyze webcams have also recently attracted attention because third parties were able to retrieve video streams. I will summarize some points in a summary article.

Continue reading

Posted in devices, Security | Tagged , | Leave a comment
Advertising

Firefox 120.0.1

Posted on 2023-12-01 by guenni

Mozilla[German]On November 30, 2023, the Mozilla developers released the update of Firefox 120.0.1. It is a maintenance update that fixes bugs in 120.0.

Continue reading

Posted in browser, Software, Update | Tagged | Leave a comment

Firefox for Android gets over 400 extensions in December 2023

Posted on 2023-11-30 by guenni

Mozilla[German]The developers at Mozilla have just announced that they will be giving users of the Firefox browser on Android over 400 extensions by December 14, 2023. This should greatly enhance the Firefox app on Android if the extensions deliver what they promise.

Continue reading

Posted in Android, browser | Tagged , | Leave a comment