AlienFox: Toolkit to compromise email and web hosting services in the cloud

Posted on 2023-04-11 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]AlienFox is a toolkit for compromising email and web hosting services. This toolkit is highly modular, comes in multiple versions, and attempts to exploit misconfigurations in the cloud to grab credentials for services such as AWS, Microsoft 365, Google Workspace, 1and1, etc. Security researchers from SentinelLabs, the research division of SentinelOne, have analyzed multiple versions of AlienFox and are making their findings available. Companies should arm themselves accordingly and protect themselves from attacks by the toolkit.

Continue reading

Posted in Cloud, Security | Tagged , | Leave a comment

Additional information about the compromised 3CX desktop app

Posted on 2023-04-10 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]The 3CX Desktop app from phone system provider 3CX was infected with malware via supply chain attack. As a follow-up, I have some additional information. For example, the incident has now been confirmed by 3CX and both Cyble and Kasperky have provided analysis. According to Kaspersky, the North Korean hacker group Lazarus seems to be connected to the attack. The attack was also made possible because a vulnerability in Windows, known for 10 years, was declared by Microsoft to be only "opt-in" to close – hardly anyone knows about this possibility. And not all virus scanners recognize the threat.

Continue reading

Posted in Security, Software | Tagged , | Leave a comment

Citrix Cloud Connector May 2023 upgrade requires new DigiCert G4 root and intermediate certificates

Posted on 2023-04-10 by guenni

[German]Brief note for administrators who are responsible for the deployment of the Citrix Cloud Connector. Normally, there is no need to worry about an update of this connector. However, in early May 2023, there is a connector update that administrators should be take care of. The installation of the update in question requires that the required DigiCert G4 root and intermediate certificates have been updated beforehand.

Continue reading

Posted in Cloud, Security, Software | Tagged , , | Leave a comment

Microsoft 365: Outlook.com can't send/receive mails, due to reaching Microsoft's OneDrive file limit

Posted on 2023-04-09 by guenni

[German]Nasty surprise for Microsoft 365 users who use Microsoft's Outlook.com email service. Users of the free email service may suddenly find that they can no longer receive or send mails. The reason given for the Outlook.com going on strike is that the available storage capacity of OneDrive has been exceeded. The cause of this effect is a change in the OneDrive storage limit policy on February 1, 2023, which has now been rolled out more broadly. This is because Microsoft now also includes email attachments for Outlook.com in the 5 GB OneDrive storage limit.

Continue reading

Posted in Cloud, issue | Tagged , , | Leave a comment

Google Dropcam and Nest Secure reaches End of Live on April 8, 2024

Posted on 2023-04-09 by guenni

[German]Bad news for users of Google's home automation products like the Nest Thermostats, the Dropcam camera or the Google Secure solutions. Google has announced that their support will be discontinued on April 4, 2024. The solutions in question will then no longer be accessible via app and will become more or less useless, as support will be missing. Here is a short overview of what Google has announced.

Continue reading

Posted in Cloud, Security, Software | Tagged , , , , | Leave a comment

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

Issues with new 365 tenant/accounts – Migration Exchange 2013 to Exchange Online

Posted on 2023-04-08 by guenni

Exchange Logo[German]This month, support for Microsoft Exchange 2013 expires, so administrators are facing a switch to Exchange 2019 or Exchange Online. A blog reader emailed me the other day because he ran into problems when migrating customers from Microsoft Exchange 2013 to Exchange Online. I'm posting the reader's experience report here – maybe it will help others who are affected.

Continue reading

Posted in Cloud, issue | Tagged , | 3 Comments

Windows 10 21H2: Support expires in June 2023

Posted on 2023-04-08 by guenni

Windows[German]Microsoft has reminded Windows 10 users as of April 6, 2023 that support for version 21H2 will expire in June 2023. After that, these builds will not get any security updates. Users of version 21H2 have two options: Either they update the operating system to version 22H2. Or they check whether the machine is compatible for Windows 11 22H2 and switch to this version – at least that is what Microsoft writes. Another alternative would be to switch to a Linux distribution, provided that the required functions are available on this platform. And there would be the option of switching to Windows 10 1909 IoT LTSC – there is support there until 2029.

Continue reading

Posted in Security, Update, Windows | Tagged , , | Leave a comment

Cyber attack on MSI (April 2023)

Posted on 2023-04-07 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Taiwan-based manufacturer MSI (Micro-Star International) has admitted to a cyberattack on part of its IT network as of April 7, 2023. Earlier this week, the ransomware gang called Money Message infiltrated some of MSI's systems, according to its own statement. The group threatened to release captured files on the Internet next week if no ransom was paid by MSI.

Continue reading

Posted in Security | Tagged | Leave a comment

Edge 112.0.1722.34 with new features

Posted on 2023-04-07 by guenni

Edge[German]Microsoft updated the Edge browser in the stable channel to version 112.0.1722.34 on April 6, 2023. The browser gets new features (e.g. Enhanced Security Mode improvements) as well as security and bug fixes.

Continue reading

Posted in browser | Tagged | Leave a comment

Windows365 Frontline introduced

Posted on 2023-04-07 by guenni

Windows[German]Microsoft has just unveiled its Windows365 Frontline – a Windows 11-based system streamed from the cloud. The system is designed to offer a personalized Windows that can be deployed and managed via Microsoft Intune alongside cloud PCs and physical devices. The idea behind the Windows 365 Frontline rollout is to offer shift and part-time workers the flexibility of the cloud PC. Continue reading

Posted in Cloud, devices, Windows | Tagged , | Leave a comment