CERT Warning: Default KeePass Setup Allows Password Theft (CVE-2023-24055)

A warning for users of KeePass Password Safe, the tool for managing passwords and credentials. The Cyber Emergency Response Team from Belgium (CERT.be) published a warning about KeePass on January 27, 2023. In the default setup, write access to the XML configuration file is possible. This leads to the vulnerability CVE-2023-24055, which could open the way for an attacker to obtain the plaintext passwords by adding an export trigger (Unauthenticated RCE, Information disclosure). However, there are lesser-known ways to harden the setup somewhat; whether that is useful is another story. Here is an overview of this topic.


20,000 accounts hacked at Dutch online mail-order pharmacy DocMorris (Jan. 2023)

Trouble for customers of the online mail-order pharmacy DocMorris. The mail-order company had already restricted payment options days ago due to invoice fraud and requires payment in advance. Now it is reported that 20,000 user accounts at DocMorris were hacked via a credential stuffing attack. DocMorris has blocked these accounts.


Sysinternals RDCMan, Sysmon and ZoomIt updated

The Sysinternals team updated the RDCMan (remote desktop session management), Sysmon (host monitoring tool) and ZoomIt (screen magnification and annotation) tools for Windows at the end of January 2023. The updates are bug fixes for these tools.


Windows Update CSP page refreshed (Jan. 2023)

Quick note to administrators of Windows environments. Microsoft has updated the Policy CSP – Update web page as of January 27, 2023. This page documents group policies for Windows Update and now shows which policies should be used for what in Windows 10/Windows 11 and which are old policies that Microsoft does not recommend.


Do we need RDS licenses for Citrix Virtual App/Desktop environments?

Do we actually need Microsoft RDS licenses if we run an environment with Citrix Virtual App/Desktop? Citrix has discussed this in the article Do We Need RDS Licenses For Citrix Virtual App/Desktop Environment. Short answer: yes, you need both Citrix licenses and Microsoft RDS licenses to use the Citrix Virtual App/Desktop environment. (via Twitter)




Microsoft Teams: Remote Code Execution (RCE) vulnerability

A little note about security on Microsoft Teams. Two security researchers, @adm1nkyj1 and @jinmo123, participated in Pwn2Own 2022 in Vancouver. There they tried to hack Microsoft Teams, but failed due to time allocation. Both discovered a bug that allowed an exploit. The deeplink handler for /l/task/:appId in Microsoft Teams can load an arbitrary URL in Webview/iframe. Attackers can exploit this using Teams' RPC functionality to execute code outside the sandbox. The security researchers have shared the details in this blog post. Thanks to Jan R. for pointing this out.


Malware PlugX infects USB devices

Security researchers from Palo Alto Networks' Unit 42 have observed cyberattacks with a new variant of a long-known malware. Suspected to originate from China, the PlugX malware has attracted attention because this variant infects all connected USB removable media devices such as floppy, thumb or flash drives, as well as any other systems to which the USB stick is later connected.


European Data Protection Day 2023

Today, January 28, 2023, is European Data Protection Day. It is a day of action for data protection launched on the initiative of the Council of Europe. It has been celebrated annually around January 28 since 2007. This date was chosen because the European Convention on Data Protection was signed on January 28, 1981. To keep data secure, risky behavior in everyday life should be adjusted.


Windows 11 21H2 is automatically updated to version 22H2 (Jan. 26, 2023)

Microsoft has released the upgrade brakes for Windows 11 21H2 as of January 26, 2023, and made the feature update to version 22H2, which was released in November 2022, generally available. Starting on that date, Microsoft will begin automatically upgrading consumer and unmanaged versions of Windows 11 Home and Pro to Windows 11 22H2. However, the rollout will be done in waves.


Windows 11 22H2: Preview-Update KB5022360 (Jan. 26, 2023)

Microsoft has released the optional cumulative (preview) update KB5022360 for Windows 11 version 22H2 on January 26, 2023. There are a number of new features and especially a long list of bug fixes. Below I give an overview regarding these updates for Windows 11.
