Born's Tech and Windows World

[German]I am once again taking up a difficult topic in a review, which has triggered numerous discussions within my Germanblog. It is about the German , BSI's (Federal Office for Information Security) warning against the use of products of the Russian provider Kaspersky. In the meantime, the Higher Regional Court has clarified that the BSI was allowed to warn and that this also falls within its scope. It should be clear to everyone that at least parts of the decision was also politically motivated. Now, in an article for the German broadcasting service Tagesschau, and Bavarian TV service BR has traced how difficult it was for the BSI to make its assessment.

Continue reading →

[German]Malwarebytes' threat intelligence team has identified a new, technically advanced remote access Trojan. Dubbed "Woody Rat," the Trojan has been in circulation for about a year and targets Russian organizations. Among others, Obyedinyonnaya Aviastroitelnaya Korporatsiya (OAK), an aerospace and defense company majority-owned by the Russian state, has already been targeted by Woody Rat. The Trojan exploits the so-called Follina exploit (CVE-2022-30190), a zero-day vulnerability that can be used to abuse the Microsoft Support Diagnostics utility to download malicious Microsoft Word or Excel documents from the Web.

Continue reading →

[German]A small follow-up on security for online accounts using two-factor authentication (2FA). Microsoft's security teams have encountered a large-scale AiTM phishing campaign that attempted to attack more than 10,000 organizations since September 2021. The campaign involved stealing passwords, hijacking the user's login session and skipping the authentication process. This was true even if the user had multifactor authentication (MFA) enabled. The attackers then used the stolen credentials and session cookies to access the affected users' mailboxes and conduct further business email compromise (BEC) campaigns against other targets.

Continue reading →

[German]The last few hours have seen another rash of cyber attacks on companies and government agencies. Semikron, a German manufacturer of power semiconductor components has fallen victim to a ransomware attack. Peter Berghaus GmbH, a manufacturer of traffic technology and signaling systems, may also have fallen victim to a cyber attack (fraud emails are sent in the company's name). Furthermore, the Spanish Ministry of Science has become a victim of a cyber attack and the European missile manufacturer MBDA as well. Here is a summary of various security incidents.

Continue reading →