[German]As of July 5, 2022 (first Tuesday of the month), Microsoft has released non-security updates for versions of Microsoft Office that are still supported. This month, however, there are only updates for Microsoft Office 2016, again fixing Access issues and bugs in SharePoint 2010. Here is a brief overview.
[German]Users who have upgraded Microsoft Office 365 as a Click-2-Run variant to version 2206.15330.20196 (released June 29, 2022) report a strange bug. In Microsoft Excel, the contents of cells (rows and/or columns)in a spreadsheet are no longer displayed, but are overlaid in white. Currently only the rollback to a previous version remains. Microsoft already knows about this bug and has documented it under OP396850 in the status area.
[German]Microsoft had recently pointed out the end of support for Windows Server 2012 / R2 (from October 2023). Seemingly still plenty of time to replace this server version, especially since there will still be purchasable Extended Security Update support (ESU) until 2026. But as of August 31, 2022, the danger lurks that Azure AD Connect Sync will no longer work. Anyone still running Windows Server 2012 / R2 in this environment needs to take immediate action.
[German]Strange things are happening at the moment. The threat actor behind the lesser-known AstraLocker ransomware seems to want to stop its activities. The actor plans to switch to cryptojacking and has published an archive of AstraLocker decryption programs. I'll try to summarize the facts I know, although much is unclear, even though the actor has probably also contacted my English-language blog.
[German]Google has released the Google Chrome 103.0.5060.114 update for Windows on the desktop in the stable channel as of July 4, 2022. The security update closes 4 vulnerabilities that are rated as high. For Android, there is version 103.0.5060.7.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]US media report that a hacker is currently trying to sell a 23 terabyte data set for the price of 10 bitcoins (around 195,000 euros). The dataset is said to contain 1 billion personal data of the population from a police database of the Chinese city of Shanghai.
[German]Security researchers from ReversingLabs have tracked down a relatively unknown malware, which they have named AstraLocker. In version 2.0, the attackers have taken to loading the malicious payload directly from a Word document that is included as an attachment to a mail. This is unusual in that cyber attackers usually try to disguise the attack. Security researchers believe the group has limited cyber-attack capabilities, but gears its campaigns toward destruction.
[German]At the end of June 2022, Microsoft indicated that support for products such as Windows Server 2012, Windows Server 2012 R2, and Microsoft SQL Server 2012 will end in the foreseeable future. SQL Server 2012 is due for its next patchday in July 2022 and will no longer receive updates in the future. With Windows Server 2012/2012 R2, administrators still have some grace, but the whole thing can be extended via ESU until October 2023.
The use of virtualized containers with functions is in vogue. Orchestration solutions, such as Kubernetes, are used to manage the containers. However, if this solution is compromised, this affects all managed containers. The question therefore arises about the security of Kubernetes and what pitfalls there are. I have received some information on this from Check Point, which I am posting here.
[German]Partial success for Maastricht University, following a ransomware attack in 2019. Investigators have managed to seize part of the Bitcoin ransom payments. Due to price increases, this amount is now worth more than the entire ransom at the time. The university plans to put the amount into a fund for students. Here is some information about an incident that is ending with a profit for the university.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
