Microsoft Exchange: New OWASSRF exploit method (ProxyNotShell) used by play ransomware

Posted on 2022-12-21 by guenni

Exchange Logo[German]Security researchers at CrowdStrike have discovered a new exploit method for the NotProxyShell vulnerabilities CVE-2022-41080 and CVE-2022-41082 while analyzing several Play ransomware cases. The ransomware uses a new exploit method to bypass Microsoft's URL rewrite rules (in response to ProxyNotShel) for Autodiscover. The exploit allows remote code execution (RCE) via Outlook Web Access (OWA) and is then used to infect vulnerable Exchange servers. The new exploit method is referred to as OWASSRF. Addendum: CERT-EU has added the new exploit method to it's 0-day Exchange exploit list.

Continue reading

Posted in General | Leave a comment

Cyberattack on H-Hotels.com (Dec. 11, 2022)

Posted on 2022-12-21 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]The hotel chain H-Hotels has fallen victim to a cyber attack. As a result, the hotel chain's internal and external communication is currently only available to a limited extent. However, bookings and hotel operations of the group should continue to be possible. So far, the company assumes that no customer data has been leaked in this attack, which took place over the weekend. Addendum: The Play ransomware group took responsibility and has published a statement.

Continue reading

Posted in Security | Tagged | Leave a comment

Windows Server 2019/2022: Out-of-Band Updates fixes Hyper-V Issue (Dec. 20, 2022)

Posted on 2022-12-21 by guenni

Windows[German]The security updates rolled out by Microsoft on the December 2022 patchday lead to problems with Hyper-V in certain constellations. New VMs can no longer be created, existing VMs have problems with Ethernet connections, etc. Microsoft has now released a special update (out-of-band update) for Windows Server 2019 as well as Windows Server 2022 to fix the problem.
Continue reading

Posted in issue, Update, Virtualization, Windows | Tagged , , , | Leave a comment

Amazon and EU reach agreement in competition proceedings

Posted on 2022-12-21 by guenni

Amazon[German]Amazon has reached a settlement with EU antitrust authorities in a competition case involving allegations that Amazon is hindering competition on its platform by using non-public data. Amazon has pledged to treat all sellers equally and make competitors' products more visible in Amazon's "Buy Box," which generates the bulk of purchases on the site.

Continue reading

Posted in General | Tagged , | Leave a comment

Direct Access Issues fixed with Dec. 2022 Updates

Posted on 2022-12-21 by guenni

Windows[German]The security updates from November 8, 2022 for Windows, caused Direct Access connection issues. Microsoft had already confirmed this for Windows 10 and Windows 11 as of November 13, 2022, and wrote, that preview updates from October 2022 was the root cause of the problem. As an emergency measure, the problem created by the update could be rolled back via KIR. Now Microsoft has provided a final fix with the December 13, 2002 security updates.

Continue reading

Posted in Update, Windows | Tagged , , , | Leave a comment

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

Thyssenkrupp: Cyber attack on Materials Services

Posted on 2022-12-20 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]The materials division of thyssenkrupp AG has been the victim of a cyber attack, the company has announced. The attack was detected by the company's IT, with defensive measures currently taking place. This is because the attack is still ongoing, the company said. The materials division (Materials Services), the company's largest business unit in terms of revenue, is probably affected. A crisis team is currently trying to gain an overview.

Continue reading

Posted in Security | Tagged | Leave a comment

Keyboard Corsair K100 mysteriously auto typing characters and texts – it's not a keylogger or malware – blame the firmware

Posted on 2022-12-20 by guenni

[German]Users of a mechanical Corsair K100 keyboard complain that it "types" words or sentences by itself.  However, the fears of some users that a keylogger or a malware is causing that behavior are not true. According to the manufacturer, it is simply a firmware bug that will eventually replay texts typed by the user and find it's was into the keyboard's macro recorder.

Continue reading

Posted in devices, issue | Tagged , | Leave a comment

Windows 10: Sept. 2022 preview updates cause shell issues with taskbar, start menu, explorer

Posted on 2022-12-19 by guenni

Windows[German]Since the rollout of security update KB5018410 from Oct. 11, 2022 (or even through the Sept. 2022 preview update), issues with the taskbar, Start menu, apps and also Windows Explorer can occur under Windows 10 (20H2 to 22H2). Microsoft has just admitted this and has since released at least a partial fix in the form of a Know Issues Rollback (KIR). Here is an overview of this issue.

Continue reading

Posted in issue, Update, Windows | Tagged , , | Leave a comment

Windows 11 22H2: December 2022 update (12/13/2022) fixes Task Manager display issues

Posted on 2022-12-19 by guenni

Windows[German]The preview update from November 29, 2022, had caused a display issue in the task manager of Windows 11 22H2. Its display could hardly be read in certain display constellations – a German user notified me in a comment within the German blog. The security updates from December 13, 2022, fixed this problem, as Microsoft and also the user confirmed.

Continue reading

Posted in issue, Update, Windows | Tagged , , , , | Leave a comment

Windows 10 20H2-22H2: Update KB5021233 from 13. Dec. 2022 causes BlueScreen

Posted on 2022-12-19 by guenni

Windows[English]The security updates released on Dec. 13, 2022, are causing serious issues for some users. The .NET framework updates cause issues with graphics printing (I've addressed it within my German blog post .Net Update vom 13. Dez. 2022 verursacht Druckprobleme bei DATEV-Briefköpfen mit Grafiken). And cumulative update KB5021233 for Windows 10 22H2, I have numerous reports of BlueScreens occurring. Microsoft has just confirmed that all Windows 10 20H2 – 22Hx versions are affected and explains the cause along with advice on how to fix the problem.

Continue reading

Posted in issue, Update, Windows | Tagged , , , , | 1 Comment