[German]Someone among the blog readership who relies on SonicWall. There have been reports for days that attacks on SonicWall firewalls are being observed. It seems to relate to the SSL VPN function of the Gen 7 SonicWall firewalls. It is unclear whether an unknown vulnerability is being exploited.
[German]Another note for administrators of Microsoft Exchange Server hybrid configurations. Microsoft points out that these configurations are at risk from an Elevation of Privilege vulnerability (CVE-2025-53786). However, there is a hotfix to eliminate this vulnerability in these hybrid configurations and instructions to secure the installation.
[German]Quick survey for administrators among my blog readers: Is there a problem with OneDrive, and how are you dealing with it? In July 2025, Microsoft began allowing OneDrive Personal users to synchronize OneDrive for Business as well. How are you dealing with this issue, which could pose a security problem?
[German]Brief information for administrators who use the Trend Micro Apex One security solution under Windows. The manufacturer has issued a security notice about a critical vulnerability that probably affects all versions and is also under attack. There is a Fix, and an update is advised for Mid August 2025.
[German]Is it a surprise? No, it's not a surprise, but rather to be expected. The Recall spyware feature that Microsoft is pushing onto Windows systems continues to collect sensitive information such as credit card details and passwords. And this despite Microsoft's claims that this is not the case.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]Since the SharePoint disaster in July 2025, in which vulnerabilities were exploited, there have been new revelations almost every day. It has been speculated that suspected Chinese hackers were able to access internal descriptions of zero-day vulnerabilities in Microsoft SharePoint Server in advance. Now it is said that Microsoft employed staff from China to maintain SharePoint. A brief update on the latest developments.
[German]Security researchers from Nextron Research have identified a previously undocumented PAM-based backdoor while searching for unknown threats with YARA rules. This backdoor, dubbed Plague by the security researchers, can be persistently installed on Linux systems by attackers and grants persistent SSH access without being detected by security systems.
[German]There has been a security incident at Logitech. Logitech partners recently received a fraudulent email warning of the risk of an attack on a MetaMask wallet, but the message containing a phishing link. Logitech has now confirmed that an incident occurred a third party service provider.
[German]Did suspected Chinese hackers gain access to internal descriptions of zero-day vulnerabilities in Microsoft SharePoint Server before they were exploited last weekend? Microsoft is investigating whether there was a leak in internal systems where such information is stored.
[German]A brief update from this week. Microsoft has uncovered and publicly disclosed a campaign by the Russian cyber group Secret Blizzard. The state-sponsored group is using a man-in-the-middle position (AiTM) to deploy custom malware called ApolloShadow at embassies in Moscow for espionage purposes.
-
MVP:
2013 – 2016
WIMVP:
2017 – 2020
