[German]Taiwan-based manufacturer MSI (Micro-Star International) has admitted to a cyberattack on part of its IT network as of April 7, 2023. Earlier this week, the ransomware gang called Money Message infiltrated some of MSI's systems, according to its own statement. The group threatened to release captured files on the Internet next week if no ransom was paid by MSI.
[German]Microsoft updated the Edge browser in the stable channel to version 112.0.1722.34 on April 6, 2023. The browser gets new features (e.g. Enhanced Security Mode improvements) as well as security and bug fixes.
[German]Microsoft has just unveiled its Windows365 Frontline – a Windows 11-based system streamed from the cloud. The system is designed to offer a personalized Windows that can be deployed and managed via Microsoft Intune alongside cloud PCs and physical devices. The idea behind the Windows 365 Frontline rollout is to offer shift and part-time workers the flexibility of the cloud PC. Continue reading
[German]Brief note for administrators of Citrix Workspace App 2203: Build 2203 of the Citrix Workspace App in question seems to cause high resource utilization and thus performance problems under Windows. [Addendum: It's not clear to me, if version 2203 LTSC is affected, or if it's a typo and it affects 2303. I use 2203 here, in accordance with Citrix`support post.] The reason is probably due to the webview component of Edge (MSEdgewebview2). Citrix has suggested a workaround, but it is only applicable in certain scenarios.
[German]Anyone who owns a Nexx home automation system and uses it to remotely control their garage doors now has a fat problem. A vulnerability in the Nexx remote control allows hackers to gain unauthorized access to the garage doors. They can then remotely access this control, open the garage door and possibly enter the garage or even buildings via this route. Unfortunately, there is no countermeasure against such manipulations.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]Google has released updates to the Google Chrome browser 112 in the stable channel for Mac, Linux and Windows on April 4, 2023. These are security updates that fix critical vulnerabilities. The apps for Android and iOS have also been updated.
[German]Microsoft is reacting to the fact that OneNote is now being abused as a malware sling for systems. The application is supposed to block 120 dangerous file types in the future, so that they can no longer be abused for malware attacks by downloads from the Internet.
[German]In a coordinated action, the FBI and international law enforcement have seized and taken down the domain of Genesis Market, dismantling one of the most important criminal online platforms. The Genesis Market was a central hub for criminals seeking to purchase stolen credentials as well as tools to harvest such credentials. The Market was linked to millions of cyberattacks, from fraud to ransomware cases.
[German]Firmware from various laser printers is vulnerable to CVE-2023-1707 vulnerability. Certain HP Enterprise LaserJet and HP LaserJet are potentially vulnerable to information disclosure in managed environments when IPsec is enabled with FutureSmart version 5.6. A patch may be up to 90 days away. Administrators so far only have the option to perform a workaround in the form of a firmware downgrade.
[German]Over the past few months, some administrators have complained of Windows virtual machine boot issues in conjunction with the monthly security updates. In many cases, this could be traced back to VMware products such as ESXi – or turning off Secure Boote helped get VMs booting again. But there is a bug in certain versions of the virtualizer KVM, which affects e.g. QUEMU or Proxmox users from version 7.x on. Then Windows virtual machines no longer boot if they have been running for more than 11 days. I'll pull this issue out separately.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
