[German]FortiGuard Labs reported a critical vulnerability CVE-2022-42475 in FortiOS on December 12, 2022, which arguably allows remote code execution over SSL VPN. The bad thing is that this vulnerability is already being exploited in the wild. The vendor has since released FortiOS security updates for the affected versions.
[German]Quick survey or note to administrators who use Sophos security solutions (ATP). Currently it looks like the Sophos security products are misclassifying the Cloudflare IP address 188.114.97.3 as ATP C2/Generic-A. After a blog reader informed me via a private Facebook message, some information on what I've found out so far.
[German]cecurity tools such as virus scanners claim to protect systems from threats. But malfunctions or vulnerabilities can unintentionally expose systems to particular risks. A security researcher recently demonstrated in a proof-of-concept (POC) that anti-malware solutions can be tricked into selectively deleting files on a system. The researcher called this approach "aikido" – derived from the Japanese martial art of using an opponent's attack against the opponent himself.
[German]A short note for administrators and users who use the Jabra Engage 75 headsets in a corporate environment. There are currently massive problems in connection with Microsoft Teams. The headsets crash as soon as Microsoft Teams calls arrive. However, it looks like there is a workaround. I'm compiling the information I received via a Facebook group – maybe someone else is affected.
[German]The countdown from when the USB-C port becomes mandatory in European Union for mobile devices as a charging port has begun. The EU has set December 28, 2024 as the start date from which this obligation will apply. This implements a decision by the EU Parliament in October 2022 to introduce the USB-C interface as a common charging port for a wide range of electronic devices.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[English]Alphabet subsidiary Google must remove links from its search engine if requested to do so by users from Europe who can prove that the linked pages contain false information. That's according to a December 8, 2022 ruling by the European Court of Justice (ECJ).
Continue reading
[German]Microsoft has just released Edge version 108.0.1462.46. In the Microsoft Edge browser, Microsoft "removed" the "Next" button (Forward button) some time ago (from version 102). But there is a way to reactivate this button. And, if not yet known: Support for Windows 7 and Windows 8.1 is removed as of Microsoft Edge version 110.
[German]Security researchers at Google Threat Analysis Group (TAG) have published details of a (then 0-Day) vulnerability in Internet Explorer's JavaScript engine that was discovered on October 31, 2022. This 0-Day was probably actively exploited by North Korean hackers to attack targets in South Korea via compromised Word documents. The CVE-2022-41128 vulnerability will be closed with Microsoft's security updates for Windows on November 8, 2022 (Patchday).
Continue reading
[German]Brief information for users of Windows 11 22H2. Microsoft has distributed the Secure Boot DBX update KB5012170 probably again on December 6/7, 2022 for Windows 11 version 22H2. This update had been released on Patchday, August 9, 2022 to fix issues in Secure Boot DBX. However, this update caused significant problems with Bitlocker for some users, up to systems no longer booting. There may also be problems with the current update.
[German]Modern vehicles are equipped with a lot of electronics and software so that they can access various functions as conveniently as possible. However, security researchers have identified serious weaknesses in vehicles from Honda, Nissan, Infiniti and Acura. In the U.S., the vehicle number (VIN) visible in the windshield is sufficient to crack such vehicles remotely, open them and then drive off with them.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
