[German]At the moment, there are more and more signs that Microsoft has the next "big" update for Windows 11 (22H2), which will be released on October 5, 2021, ready and will roll it out soon. There are new PCs that already contain this version – and installation ISO files have already appeared. I had already speculated in August 2022 that the Windows 11 2022 Update would be released on September 20, 2022.
[German]A nasty surprise for proud owners of an iPhone 14 Pro Max. The expensive sweetheart flops as soon as videos are recorded in apps for TikTok, Snapchat, etc. There are a number of user complaints about shaking and rattling videos using some 3rd party apps. Apple has identified the root cause and plans to deliver a fix next week via an update that should eliminate the problem.
[German]Good news for owners of Lexmark printers. The manufacturer has finally provided the firmware updates for various models. On the one hand, these are supposed to eliminate a vulnerability in more than a hundred Lexmark printer models, which Lexmark already warned about in June 2022 (the update had to be withdrawn again). Furthermore, the firmware update is supposed to fix the USB communication problem in Windows, which was caused by the July 2022 security update.
[German]Game developer Rockstar Games was hacked. Now a user on GTAForums has posted 90 video taken from a test build of Grand Theft Auto 6. The hacker also claims to have the source code of GTA 5 and 6. The hack and leak is aimed at blackmailing game developer Rockstar Games, with the hacker also claiming to be behind the attack on Uber (see Ride share service provider Uber investigates hack (Sept. 2022)).
[German]More information on the hack of InterContinental Hotels Group PLC (IHG) a few weeks ago. What was originally planned as blackmail then led to the deletion of extensive data when the blackmail went wrong. This is what a couple from Vietnam reportedly confessed to the British BBC.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]Unpleasant discovery that a security researcher has made public the days. The Google Chrome browser, and also the Chromium-based Microsoft Edge browser, may transmit in some cases personal data from forms to Google and Microsoft (in the case of Edge). This also includes passwords, by the way. The Extended Spell Checker in the browser or in the MS Editor is probably responsible for this.
[German]The developers of the web-based password manager online service LastPass announced this week that attackers had access in August 2022 to internal systems for four days. Then the unauthorized access has been detected. However, the attackers probably did not succeed in gaining write access to the development environment and modifying code of the LastPass software or accessing sensitive user data.
[German]The desktop app for Microsoft Teams stores authentication tokens as plain text on the Linux, macOS, and Windows platforms. This allows attackers to access accounts using these tokens even if multi-factor authentication (MFA) has been enabled. Customers should rely on Teams web applications or monitor access to MS Teams data through processes, as Microsoft will not close this vulnerability immediately.
[German]In early September, OTORIO reported that the GhostSec hacktivist group had penetrated 55 Berghof PLC systems in Israel. Now the hacktivist group published another report claiming to have successfully penetrated more industrial control systems. OTORIA provided me with some information about these attacks, which I publish here on the blog.
[German]Small note for people who have fallen victim to LockerGoga ransomware. Bitdefender has informed me that the company has released a universal decryptor. This allows victims of all previous LockerGoga ransomware attacks to recover their encrypted files. Europol, the NoMoreRansom Initiative, the Zurich Public Prosecutor's Office and the Zurich Cantonal Police participated in the development of the decryptor, which is freely available for download.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
