[German]Three Nigerians suspected as masterminds of global online fraud have now been arrested by Nigerian police in INTERPOL's Operation Killer Bee. The operation is an INTERPOL effort to combat malware cyber fraud across Southeast Asia. The BEC fraudsters used the remote access Trojan (RAT) Agent Tesla, among other malware. The air for cybercriminals is getting considerably thinner in African countries like Nigeria.
[German]Tt has been rumored for some time whether there would be a successor to Microsoft Exchange Server 2019, which was released on October 22, 2018. The subscription-based successor announced for 2021 never appeared. Speculation that customers would be forced from on-premise Exchange solutions to the cloud solution Exchange Online has now been put to rest. Microsoft has just unveiled the roadmap for Exchange Server in the tech community. Exchange Server vNext is coming in 2025.
[German]Security researchers from Volexity discovered a 0-day vulnerability (CVE-2022-26134) in Atlassian Confluence software over the weekend. This vulnerability is being actively exploited – this is what brought the issue to the attention of the security researchers. Currently, the urgent advice to administrators responsible for maintaining Atlassian Confluence software (server, data center) is to ensure that this product is not accessible via the Internet – or, if in doubt, shutdown the server. Addendum: A fix is available. And there is now a public exploit.
[German]Microsoft has released the optional cumulative (preview) update KB5014023, scheduled for May 2022 (D-Week), on June 2, 2022 (severely delayed). This is supposed to fix numerous bugs in Windows Server version 20H2 as well as Windows 10 version 21H1 – 21H2. Below I provide an overview regarding these updates for Windows 10.
[German]Microsoft Edge 102.0.1245.30, released on May 31, 2022 is a security update to close a number of vulnerabilities. But I got reports that this Edge version breaks PDF printing in Windows 10/11. It's simply no longer possible for some users to print PDF documents. Only a downgrade helps. And there is a workaround developed by blog readers, using GPO settings. So administrators in companies probably should delay the rollout and test it intensively.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]Short information about a possible problem with Canon All-in-one printing devices. There are reports from users that Canon Pixma MX492 (and other Canon) printers suddenly cause issues when there is a Wi-Fi connection to a network with Internet access. Without a Wi-Fi connection (or Internet access), there are no issues. It seems that a DNS issue is the root cause of device restarts. And the question is whether anyone else is affected? Addendum: Canon provides a firmware update to fix that issue.
[German]Following the discovery of the Follina vulnerability exploit (CVE-2022-30190) via the Windows ms-msdt protocol, this bastion is being "stormed". A hacker looked at the search-ms: URI handler in Windows 10 and developed an exploit similar to Follina. With the help of Office 2019, he can open Windows Search via the protocol handler. Colleagues at Bleeping Computer have already coined the term SearchNightmare for this 0-day exploit.
She was the number 2 behind Marc Zuckerberg, the Facebook manager Sheryl Sandberg. After 14 years in the service of this social media company, Sandberg now announced that she is stepping down and leaving the company.
[German]The ACROS Security team around founder Mitja Kolsek has released a micro-patch to close the 0-click Microsoft Diagnostic Tool remote code vulnerability (CVE-2022-30190, Follina). The micro-patch is available for all customers with Windows and the 0patch agent free license. Here is some information about it.
[German]Since the weekend, a new Windows vulnerability CVE-2022-30190 in combination with Microsoft Office has been knows under the name Follina. In the meantime, the US CISA and also the BSI have warned about this vulnerability – while security researchers have observed the first attacks via this 0-day vulnerability by Chinese APTs. Meanwhile, it is also clear that this attack works without Microsoft Office. The CVE-2022-30190 vulnerabilities could become the next big thing in security if anti-virus solutions also detect infected documents. Here's an overview of the latest findings.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
