[German]The U.S. cybersecurity agency CISA is warning administrators of Citrix NetScaler ADC installations. Threat actors have begun exploiting the NetScaler ADC vulnerability CVE-2023-3519, disclosed a few days ago, to implant webshells. Administrators should look for signs of compromise. Kompromittierung suchen.
[German]As part of this week's Inspire 2023 partner conference, Microsoft also unveiled two new data backup products. With Microsoft365Backup and Microsoft 365 Archive, administrators should be able to back up data from Microsoft products such as OneDrive, SharePoint or Exchange in the Microsoft Cloud.
[German]It has already been whispered about for a week: The EU Competition Commission is investigating an antitrust complaint against Microsoft because of the Teams bundling with Office 365. On the one hand, competitor Slack had complained about Microsoft to the EU Commission. On the other hand, German provider Alfaview from Karlsruhe is also said to have complained yesterday.
[German]Microsoft's July 11, 2023 security update KB5028166 seems to be turning into a problem bear. I have already been contacted by two pages from the readership, who report hints of different problems with third-party security solutions, NAS drives or similar. So I'm picking up new issues, since I hadn't cover it in part I.
Brief information for people who use Foxit PDF Reader and/or PDF Editor. There are vulnerabilities in older versions which will be fixed by a security update to version 12.1.3.15356 (thanks to the reader for reminding me). Details can be found in this Foxit security advisory. The colleagues from deskmodder.de have collected the relevant links – also for download – here. Does anyone from the readership use these products?
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]On Patchday, July 11, 2023, Microsoft released a bunch of security updates for Windows, Office and other products. In addition, a vulnerability in the HTML component of IE became known, which could allow an RCE attack on Office and Windows with system takeover. There is no patch for this, only countermeasures for protection. And some readers complain about issues after the update, among other things because Kerberos hardening measures take effect since July 2023 and can no longer be disabled. Here is part 1 of a follow-up on these issues.
There is a vulnerability in the firmware of the TP-Link router TP-LINK TL-WR840N that allows a remote attacker to perform a stack buffer overflow DOS attack. TP-Link does not want to publish a security advisory for this, but has made a new firmware (TL-WR840N(KR)_V6.2_230702) available on this website. The team at ssd-disclosure.com has disclosed details about the vulnerability in this blog post.
[German]I'm posting a problem here in the blog that a reader reported by email. The Windows user regularly receives files with the file name extension .checkpoint and (presumably) a UUID code as the file name in the Windows System32 folder. This is a Windows 10 22H2 system and the files can also be deleted. Is there an explanation, what these files are meaning?
[German]At the suggestion of the U.S. National Security Agency (CISA), Microsoft will provide its customers with enhanced cloud logging capabilities at no additional cost. This is intended to improve cyber defenses and incident response and is in response to the successful attack by Chinese hackers (Storm-0558) on Outlook Online accounts, which only attracted the attention of a U.S. agency because of such logging capabilities.
[German]As of July 18, 2023, the developers of Virtualbox have released both version7.0.10 and the update to version 6.1.46. Both versions are maintenance updates for bug fixes.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
