[German]One more quick piece of info from this week's post. Microsoft has released some security description revisions as of June 14, 2022, which I'll just post here on the blog.
Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Sign-in issues with Azure AD and Microsoft 365 services since June 2022 update
[German]Microsoft is investigating another issue related to the June 2022 updates. It is said to affect Windows clients running on the ARM platform. On these devices, logging in to certain services is no longer possible after installing the June 14, 2022 security updates. This may also affect OneDrive, Microsoft Teams and Outlook.com.
Russian RSOCKS botnet taken down in international operation
[German]In a joint action of international investigators, the Russian RSOCKS botnet was dismantled. Authorities from the United States, Germany, the Netherlands, and the United Kingdom were involved in the operation. This bot network was rented to cybercriminals for years at prices ranging from $30 to $200 per day to launch cyberattacks and phishing waves on targets around the world.
Microsoft account: Password cannot be changed …
[German]There are mixed opinions about the Microsoft accounts required for online services and Windows. If there are problems with the account, the user is locked out, especially if the account has been deactivated. Now a reader told me about a new case where he can't change the password because the confirmation mail is delivered too late.
June 2022 Patchday issues (part 2): RDP, VPN, WLAN, hotspot connection and more
[German]The security updates released on June 14, 2022, closed numerous vulnerabilitiesholes. But there are also a number of issues, for example with VMs and when using ESET security solutions. I had given a first review in the blog post June 2022 patch day review: Windows update issues, Intel vulnerability, documentation fails. But there are more problems, for example in the area of wifi, VPN, hotspot or with Outlook links. Here is some information on the topic.
Posted in issue, Office, Update, Windows
Tagged issues, Outlook, Patchday 6.2022, Update, Windows
6 Comments
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Potentially more than 770 million Travis CI API logs compromised
[German]Travis CI is a very popular service among software developers, which is used to create and test many software projects. The service is part of the software supply chain of many software solutions. Moreover, Travis CI's credentials and login information are linked to popular cloud providers such as GitHub, AWS, Docker Hub, and many others. Team Nautilus, Aqua Security's research unit specializing in the cloud-native technology stack, has now discovered a vulnerability in the free version of the Travis CI API.
Anatomy of a Hive Ransomware Attack on Exchange via ProxyShell
[German]Often, the details of a ransomware infection remain obscure to outsiders. This week, I received a briefing from security services provider Varonis, whose security team has unraveled the course of an attack using the Hive ransomware. The Hive group operates as a ransomware-as-a-service provider and has been responsible for numerous attacks. In the current case, vulnerabilities in Exchange servers were exploited.
Exchange 2016/2019 Mitigation Service Error 1008 due to expired certificate
[German]Today another piece of information for administrators of Microsoft Exchange servers who this week suddenly receive an Error 1008 on Exchange 2016 or 2019 in the event logs, which is triggered by the Mitigation Service. A blog reader brought this to my attention the other day because he suddenly experienced the issue on Microsoft Exchange Server 2019. The background is a Microsoft "Microsoft Exchange XML Signing" certificate that expired on June 9, 2022. The problem should have been fixed by Microsoft in the meantime.
Interpol arrests 2,000 cyber fraudsters in Operation "First Light 2022"
[German]Internet fraud through social engineering has now reached massive proportions and is having a negative impact on some societies. As a result, Interpol and national police agencies have been cracking down on Internet fraudsters in an international operation called "First Light 2022." In the process, thousands of social engineering fraudsters were identified and arrested. The operation was carried out in 76 countries and included the seizure of criminal assets.
Adobe Acrobat (Reader) DC 22.001.20142
Adobe has released an update to Adobe Acrobat (Reader) DC to version 22.001.20142 (Windows) and (Mac) as of June 14. This update fixes some bugs according to this description. Download links are provided on the relevant Release Notes page for the Windows and Mac versions. (via)