Follina (CVE-2022-30190): No major attack wave, but campaigns on EU/US and other targets

Posted on 2022-06-07 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]A 0-day vulnerability CVE-2022-30190 (Follina) in Windows has been known since the end of May 2022. Yesterday, a tip from a security researcher came to my attention, who has not yet found any active exploitation via manipulated Office documents. On the other hand, Proofpoint reports that they have just stopped a phishing campaign attacking customers at EU and US government agencies. State actors are suspected to be behind the action. An attack was also observed in the South Pacific, originating from servers in Palau. In the process, a digital certificate from a company was misused for signing. The CERT-UA also warns of attacks on government targets in Ukraine. Time for a brief stocktake around the exploitation of Follina.

Continue reading

Posted in Security, Windows | Tagged , | Leave a comment

Palermo/Sicilia: IT systems offline after ransomware attack

Posted on 2022-06-07 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]On the Friday (June 3, 2022) before Pentecost, the news made the rounds on Twitter that there had been a cyberattack on Palermo's IT systems. It was speculated quite quickly that it was likely to be a ransomware attack. It seems that the administration of Palermo (Sicily, Italy) has now been completely shut down after a successful ransomware attack.

Continue reading

Posted in Security | Tagged | Leave a comment

Help with OneDrive issues on Windows

Posted on 2022-06-06 by guenni

[German]Users of Microsoft's OneDrive client for Windows sometimes have problems with the software. The desktop app does not start or suddenly throws error messages. But there are various Microsoft pages that offer help and advice. There are also some third-party websites. There you may find the information you need.

Continue reading

Posted in Cloud, Windows | Tagged , | Leave a comment

46,000 people lose US$1 billion to cryptocurrency fraud since 2021

Posted on 2022-06-06 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Cryptocurrency is in the focus of the public and people sometimes try to make a "quick mark". But where profits beckon, fraud and risk are not far behind. The U.S. Federal Trade Commission (FTC) has just released a report that some 46,000 investors have reported a record $1 billion as a loss due to cryptocurrency investment fraud since the start of coverage in 2021.

Continue reading

Posted in Security | Tagged | Leave a comment

Microsoft account lockout due to bug when redeeming Microsoft Rewards Points (June 3, 2022)

Posted on 2022-06-05 by guenni

Stop - Pixabay[German]Another small addendum (almost a warning) to owners of Microsoft accounts. It seems that there was a bug in the account management that caused the account in question to be locked when its owner tried to read in so-called Reward Points. Then the stress started for some people, because they connected their digital life to the Microsoft account and couldn't access their mails or their files stored on OneDrive anymore. Skyping or other applications like Office 365 as well as Windows 8.1/10/11 may also be affected. However, the bug has already been fixed by Microsoft on June 3, 2022 – but affected users can run after Microsoft to get the account back.

Continue reading

Posted in Cloud, issue, Office, Windows | Tagged , , | Leave a comment

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

Canon PIXMA/MAXIFY printers (MX492 etc.): Manual firmware update fixes restart loop

Posted on 2022-06-05 by guenni

Canon MX492[German]There are numerous reports from owners of a Canon all-in-one printer that the device is unusable for printing, scanning, faxing, because it constantly restarts and can no longer be operated. Various Canon PIXMA and MAXIFY models are affected. After my reporting, Canon has confirmed the problem in a support post. The remedy is a manual firmware update of the Canon all-in-one multifunction device.

Continue reading

Posted in devices, issue, Update | Tagged , , , , | 10 Comments

Edge 102.0.1245.33 with bug fixes

Posted on 2022-06-05 by guenni

EdgeMicrosoft has updated the Chromium Edge browser to version 102.0.1245.33 as of June 3, 2022. This is a maintenance update that fixes various bugs and performance issues for the Extended Stable and Stable versions, according to the release notes. However, Microsoft doesn't seem to have published any details yet (this page doesn't take the update into account yet). It is currently unclear whether the new version fixes the bug described in the article Microsoft Edge 102.0.1245.30 has issues with PDF printing.

Posted in browser, Software, Update | Tagged , | Leave a comment

Large collection of Windows exploits on GitHub

Posted on 2022-06-05 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Microsoft patches numerous vulnerabilities in Windows (and other products) every month. Often known vulnerabilities, but not closed by updates, are used in attacks. The other day I came across a large collection of Windows vulnerabilities that can be exploited by various tools to manipulate privileges if necessary.

Continue reading

Posted in Security, Windows | Tagged , | Leave a comment

Cyberattacks on industrial facilities cost an average of 2.9 million euros

Posted on 2022-06-05 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Cyberattacks on industrial plants or their control and regulation systems are an increasing threat. Trend Micro states that 90 percent of German companies in the power, oil and gas, and manufacturing sectors were affected by cyberattacks in the last twelve months. The average damage caused by these attacks was 2.9 million euros.

Continue reading

Posted in Security | Tagged | Leave a comment

Palo Alto Networks Attack Surface Threat Report: The unmanaged attack surface is too complex at many companies

Posted on 2022-06-04 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Administrators and people who deal with the subject have known or suspected it for some time. The unmanaged attack surface of IT components is too complex at many companies. This makes it easier for cybercriminals to attack corporate IT, while the companies themselves have increasing difficulty in patching through the systems cleanly. Interesting information has come to my attention in this regard from Palo Alto Networks.

Continue reading

Posted in Security, Software | Tagged | Leave a comment