[German]Microsoft has released an optional cumulative (preview) update KB5018482 on October 25, 2022 (C-Week). This is supposed to fix numerous bugs in Windows 10 21H2-21H2. The list of blocked drivers is finally rolled out via update. Below I provide an overview regarding these updates for Windows 10.
[German]Ransomware groups continue to develop new tactics, techniques, and procedures (TTPs) to bypass protections during attacks. On the other hand, protections on endpoints and networks continue to evolve. The Microsoft Detection and Response Team (DART) published a case report the days where it was revealed how attackers use Avast Anti-Rootkit driver to perform elevation of privilege in ransomware attacks.
[English]The days I had reported about an unfixed 0-day vulnerability, Mark of th e Web (MOTOW), in Windows for which there is an unofficial fix. Now a report has come to my attention that a 0-day vulnerability in this area can be exploited by cybercriminals via JavaScript to bypass web security alerts and disguise ransomware attacks. The background is that a bug in Windows 10 prevents Windows' SmartScreen filter from kicking in when an invalid digital signature is present.
[German]Google has released the update of Google Chrome to the 107 branch in the stable channel for Mac (107.0.5304.62), Linux (107.0.5304.68) and Windows (107.0.5304.62/63) on October 25, 2022. It is a new development branch, but it also fixes bugs and vulnerabilities.
[German]A new case from a US healthcare platform showing how critical tracking pixels from social media platforms can be. Advocate Aurora Health, a large nonprofit operator of healthcare facilities in the Midwestern U.S., had to inform its patients that sensitive data may have been leaked through the use of meta-counting pixels in its own websites and online services.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]Security researchers have identified a vulnerability that undermines the location data of users of WhatsApp, Signal and Threema. In a blog post, the security researchers present the results of the research and offer potential solutions to mitigate the attack vector. The operators of the messengers are investigating the problem, but Threema questions the practical exploitability in principle due to restrictions.
Microsoft plans to hold an "Ask me anything" session on Delivery Optimization & Connected Cache on October 27, 2022. The team behind Delivery Optimization and Microsoft Connected Cache wants to provide answers to questions.
[German]The support of the Chrome browser is to be discontinued for Windows 7 SP1 and Windows 8.1 from February 2023. The Google developers are reacting to the fact that ESU support for Windows 7 SP1 will end in January 2023. And Windows 8.1 will also receive security updates for the last time in January 2023 and will fall out of support in February 2023. Microsoft's Edge browser is also affected Continue reading
[German]The common European standard for charging cables for mobile devices, which is based on the USB-C interface, has been decided and can now come. Following the overwhelming approval of the European Parliament on October 4, 2022, the Council of EU member states gave its consent on October 24, 2022. New devices in the EU will have to be equipped with this interface by 2026 at the latest, but the standard will already apply from 2024.
[German]If you're a user of the WhatsApp messenger service and nothing is working right now, it's not because of your device or your account. Meta subsidiary WhatsApp is likely to experience a worldwide outage of its Messenger service today, October 25, 2022.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
