Outlook.com 'account suspensions' due to unusual sign-in activities – is Microsoft's AI running amok, or are accounts compromised?

Posted on 2022-07-18 by guenni

[German]Brief information to users who use private Microsoft accounts (i.e. no self-managed company accounts). Are you currently receiving security warnings for Outlook accounts, stating that these accounts are now blocked due to suspicious activities? Often with the note that suspicious logins to the Microsoft account have been detected. A blog reader just contacted me about this and shared a theory. After a short investigation, I found numerous reports since a few days, where people observed, that their outlook.com accounts are being synced from foreign IPs (despite 2FA). It's not clear, whether it's a service issue or a security flaw.

Continue reading

Posted in Security | Tagged , , | 12 Comments

No password protection cause of Shanghai's police database leak

Posted on 2022-07-18 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]A dashboard used to manage the database of Shanghai police authorities was not secured by a password for over a year and could be freely accessed via the Internet. This is likely the cause of the recently leaked Shanghain Police Files, which reveal data on over 1 billion Chinese visitors. The whole thing is hosted in the Alibaba Cloud, using – according to experts – outdated technology with security problems. Something rings a bell in the back of my head, some places in Europe (e.g. Switzerland) rely on the Chinese cheap cloud for data storage. Details on the above case and the open database can be found in the blog post Hacker sells 1 billion personal data from Shanghai police data base for 10 bitcoins.

Posted in Security | Tagged | Leave a comment

Is Windows Update KB5015811 causing Exchange performance issues?

Posted on 2022-07-18 by guenni

Exchange Logo[German]Quick poll to the administrators among the readership who are running a Microsoft Exchange on-premises installation on Windows Server 2019. Have you experienced any performance issues with Microsoft Exchange after installing the July 2022 update? I got a report from a blog reader who had to uninstall the security update. Continue reading

Posted in issue, Update, Windows | Tagged , , , | 5 Comments

Log4J: SMEs not aware of, DHS see problems for a decade

Posted on 2022-07-17 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]The Log4Shell vulnerability in the Log4j library, which can be exploited in Java, is presumably present in many systems and software packages. The problem is likely to affect us for years to come, experts estimate, and it has not yet reached SMEs. The Department of Homeland Security (DHS) also addressed the Log4j issue again this week in a recommendation.

Continue reading

Posted in Security | Tagged | Leave a comment

ChromeOS Flex is ready

Posted on 2022-07-17 by guenni

[German]Google has announced this week that its "Chrome OS Flex" operating system for PCs and Macs is ready and released it broadly for the said devices. The OS is meant to promote sustainability by allowing existing devices to be upgraded to an easy-to-manage, fast and secure Chrome OS operating system.

Continue reading

Posted in Software | Tagged | Leave a comment

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

Sality malware infected password cracking tool distributed for industrial PLCs and ISC

Posted on 2022-07-16 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Cyber criminals are promoting a tool on social networks that can be used to crack passwords in industrial control systems (ICS, PLCs). This is certainly useful for technicians who need to access PLCs (Programmable Logic Controllers) or ICSs (Industrial Control Systems) but no longer know the access data. The problem: The advertised password cracking tool is contaminated with the Sality malware, and the attackers use it to infect the PLCs or ICS.

Continue reading

Posted in Security | Tagged | Leave a comment

Windows print and scan error due to smart card authentication change

Posted on 2022-07-16 by guenni

Windows[German]Quick note for administrators in enterprise environments. If you experience print and scan errors on your networks over the next few days, this may be related to changes in smartcard authentication that Microsoft made in July 2022.

Continue reading

Posted in issue, Update, Windows | Tagged , , | Leave a comment

Microsoft Edge 103.0.1264.62 (July 14, 2022)

Posted on 2022-07-16 by guenni

EdgeMicrosoft has updated the Edge browser in the stable channel to version 103.0.1264.62 as of July 14, 2022. It is a maintenance update. Thanks to the user for pointing this out. The release notes don't give more details about the update, but the Edge 103.0.1264.62 has issues with the July 2022 updates for Windows 10 1809. The browser should update automatically, but it can also be downloaded from the Edge page. The download bug has not been fixed (see Microsoft Edge 103.0.1264.44 download bug: .crdownload files remains).

Posted in browser, Update | Tagged | Leave a comment

Microsoft July 2022 Patchday issues (Windows, Office)

Posted on 2022-07-16 by guenni

Update[German]As of July 12, 2022 (second Tuesday of the month, patchday at Microsoft), a number of security updates for Office and Windows have been released. The security updates also eliminate 84 vulnerabilities, one of which is 0-day. Unfortunately, there is some collateral damage to report as a result of these updates. I pull together some information in this post, what came under my eyes, or what may be open problems from previous patchdays and may have been fixed.

Continue reading

Posted in issue, Office, Update, Windows | Tagged , , , , | Leave a comment

WordPress: Vulnerability in Kaswara Modern WPBakery Page Builder under attack

Posted on 2022-07-15 by guenni

ordPress users who have Kaswara Modern WPBakery Page Builder in use should act quickly. Older versions contain vulnerability CVE-2021-24284 , which allows WordPress installation takeover. The vulnerability is under attack. Details can be found at Bleeping Computer in this article

Posted in Security, Software | Tagged , | Leave a comment