LastPass says hackers has stolen encrypted Vault database backup with user data

Posted on 2022-12-23 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]The next serious security incident that the provider LastPass has to admit. LastPass just announced that a threat actor had stolen a backup copy of its customers' encrypted vault data (Vault Data). The coup was accomplished using cloud storage keys stolen from a LastPass employee in August 2022. Should the attacker be able to crack the encryption, access to the stored user access data would be possible – the absolute GAU.

Continue reading

Posted in Security | Tagged | Leave a comment

Windows Server 2019: Container feature cannot be installed (0x800F0831, 0x80073701)

Posted on 2022-12-23 by guenni

Windows[German]Around the out-of-band update for the Hyper-V issue with Windows Server 2019/2022, a blog reader contacted me. He is experiencing an issue where the Container feature cannot be installed as a role on Windows Server 2019. The installation attempt aborts with error 0x800F0831. Here is some information about the problem and possibly workarounds (there is an article from Microsoft about this as of Oct 28, 2022).

Continue reading

Posted in issue, Virtualization, Windows | Tagged , , | Leave a comment

Chrome 110 will be released as a staged rollout

Posted on 2022-12-23 by guenni

[German]Google plans a staged roll out of the Google Chrome from version 110. Some users will get the browser immediately, and the rest will get the update a week later. Version 110 is supposed to start on February 1, 2023, where a small group of users will get the Google 110. Then a week later, on February 7, 2023, the broad rollout to other user groups will begin. By releasing the stable version early to a small percentage of users, Google hopes to be able to monitor and bug check this version before releasing it to all of our users. If a noticeable issue is discovered, it can be fixed before the wide rollout, so the impact is relatively small, Google writes in this post. (via)

Posted in browser | Tagged | Leave a comment

Thunderbird 102.6.1

Posted on 2022-12-22 by guenni

[German]The developers of Thunderbird have released another update of the email client to20. December 2022 another update of the email client to version 102.6.1 released. It is a bug-fix update, which should fix some problems. In addition, a vulnerability that was rated as high has been closed. Just updated the client on my end.

Continue reading

Posted in Software, Update | Tagged | Leave a comment

British "The Guardian" victim of a cyber attack (Dec, 20, 2022)

Posted on 2022-12-22 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]The British newspaper "The Guardian" has fallen victim to a cyberattack. The publisher suspects a ransomware attack, but is probably still able to continue its work and produce the paper online. Employees are being asked to work from the home office.

Continue reading

Posted in Security | Tagged | Leave a comment

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

Windows Server 2022: Microsoft Office display issues on RDS

Posted on 2022-12-22 by guenni

Windows[German]It's a strange bug that a blog reader just reported to me in the terminal server environment with Office. In a constellation under Windows Server 2022, reproducible display errors occur under Microsoft Office during an installation with Remote Desktop Services (RDS). In certain display constellations all text characters in a Word window disappear after some time. But there is a workaround, so I'll post it in the blog, maybe there are more affected people.

Continue reading

Posted in General | 13 Comments

Boxcryptor: Free accounts will be deactivated on January 31, 2023

Posted on 2022-12-22 by guenni

[German]The German encryption service Boxcryptor is being over taken by Dropbox. New customers are already no longer accepted – subscriptions expire and the service has done itself in as an "encryptor" for cloud uploads. A German blog reader informed me, that Boxcryptor has begun to inform users, that free ccounts will be shut down on January 31, 2023.
Continue reading

Posted in Cloud, Software | Tagged , | 1 Comment

Microsoft Exchange: New OWASSRF exploit method (ProxyNotShell) used by play ransomware

Posted on 2022-12-21 by guenni

Exchange Logo[German]Security researchers at CrowdStrike have discovered a new exploit method for the NotProxyShell vulnerabilities CVE-2022-41080 and CVE-2022-41082 while analyzing several Play ransomware cases. The ransomware uses a new exploit method to bypass Microsoft's URL rewrite rules (in response to ProxyNotShel) for Autodiscover. The exploit allows remote code execution (RCE) via Outlook Web Access (OWA) and is then used to infect vulnerable Exchange servers. The new exploit method is referred to as OWASSRF. Addendum: CERT-EU has added the new exploit method to it's 0-day Exchange exploit list.

Continue reading

Posted in General | Leave a comment

Cyberattack on H-Hotels.com (Dec. 11, 2022)

Posted on 2022-12-21 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]The hotel chain H-Hotels has fallen victim to a cyber attack. As a result, the hotel chain's internal and external communication is currently only available to a limited extent. However, bookings and hotel operations of the group should continue to be possible. So far, the company assumes that no customer data has been leaked in this attack, which took place over the weekend. Addendum: The Play ransomware group took responsibility and has published a statement.

Continue reading

Posted in Security | Tagged | Leave a comment

Windows Server 2019/2022: Out-of-Band Updates fixes Hyper-V Issue (Dec. 20, 2022)

Posted on 2022-12-21 by guenni

Windows[German]The security updates rolled out by Microsoft on the December 2022 patchday lead to problems with Hyper-V in certain constellations. New VMs can no longer be created, existing VMs have problems with Ethernet connections, etc. Microsoft has now released a special update (out-of-band update) for Windows Server 2019 as well as Windows Server 2022 to fix the problem.
Continue reading

Posted in issue, Update, Virtualization, Windows | Tagged , , , | Leave a comment