[German]A small note for users of the backup software from the manufacturer Veeam. As of March 7, 2023, Veeam has fixed a critical vulnerability (CVE-2023-27532) in its Backup & Replication product in versions V11a/V12 via an update. The update via a cumulative update should be applied promptly. Update: There is now an exploit, exploitation likely soon.
[German]Administrators of Fortinet's FortiOS and FortiProxy must become active. The manufacturer has published various security advisories for different products as of March 7, 2023. Among other things, a DoS vulnerability CVE-2022-45861 in FortiOS and FortiProxy are addressed. Some of the vulnerabilities are very critical (CVSSv3 score 9.3).
[German]It is an issue that has been bothering users for months. There is a bug in Windows 11 22H2 that causes a serious speed drop when copying large files. Since December 2022 I have been hoping that this would be fixed with a patch. But now this bug is fixed with the lastest preview update, as I just found out.
[German]Google has released updates to Google Chrome Browser 111 in the stable channel for Mac, Linux and Windows as of March 7, 2023. Mac and Linux now reach version 111.0.5563.64, while for Windows, versions 111.0.5563.64/.65 are ready. These are security updates that fix critical vulnerabilities. The Extended Stable Channel and Android have also been updated.
[German]There are signs of a "business change" at WhatsApp, the Meta subsidiary. In the past, WhatsApp didn't care about the EU when it came to data protection and wanted to force users to agree to the transfer of data to Facebook. WhatsApp agrees now to comply with EU regulations, not to forward data to third parties or Facebook for advertising purposes, and to generally become more transparent.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]Quick note for blog readers who are running Windows 11 22H2. It looks like Microsoft has changed something internally with the February 2022 update KB5022845 and the Moments 2 update KB5022913, which is currently available as a preview. Users who have deactivated Windows Defender and have not installed any other virus protection may run into the problem that applications start slower or even hang completely after the update installation. However, there is a workaround to fix this.
[German]In addition to preparing the Windows Insider Program for testing Windows 12, Microsoft just announced another new feature. With the March 2023 update, a new approach for Windows 11 22H2 called "continuous innovation delivery" will come into effect. In this way, Microsoft wants to tip innovations "under the table" onto the user systems via Windows Update.
[German]Microsoft has just announced that there will be a new Canary Channel in the Windows Insider program. What sounds like "even more chaos" might indicate that Redmond is preparing a playground for Windows Insiders to test Windows 12, which is expected sometime in 2024. Here is what we know so far about that. Continue reading
[German]International investigators and law enforcement (FBI, Europool, German LKA, etc.) have succeeded in identifying members of a cybergang that operated under the names "DoppelSpider" and "DoppelPaymer". The cybergang was responsible for ransomware attacks on companies and the University Hospital in Düsseldorf or the UK health system. Multiple targets in Germany and Ukraine has been raided last Tuesday. Law enforcement also issued international arrest warrants for three suspects with Russian backgrounds.
[German]Drones from the Chinese manufacturer DJI have vulnerabilities that allow third parties to read radio traffic and determine the location of the drone pilot. This vulnerability comes from a monitoring feature called AeroScope (DroneID), developed by the manufacturer for "law enforcement agencies", which allowed them to determine the location of the pilot at a distance of up to 50 km. This has been known for a year, but DJI wrotes, the DroneID protocol used for this is encrypted now. However, security researchers have proven that these "assurances of the manufacturer" are simply wrong. In addition, German security researchers have uncovered other vulnerabilities in various DJI drones, made public on March 3, 2023, that allow a drone's serial number to be altered or the aircraft to crash. This causes trouble for companies and individuals who use such drones.
-
MVP:
2013 – 2016
WIMVP:
2017 – 2020
