Potentially more than 770 million Travis CI API logs compromised

Posted on 2022-06-17 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Travis CI is a very popular service among software developers, which is used to create and test many software projects. The service is part of the software supply chain of many software solutions. Moreover, Travis CI's credentials and login information are linked to popular cloud providers such as GitHub, AWS, Docker Hub, and many others. Team Nautilus, Aqua Security's research unit specializing in the cloud-native technology stack, has now discovered a vulnerability in the free version of the Travis CI API. 

Continue reading

Posted in Security | Tagged , | Leave a comment

Anatomy of a Hive Ransomware Attack on Exchange via ProxyShell

Posted on 2022-06-17 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Often, the details of a ransomware infection remain obscure to outsiders. This week, I received a briefing from security services provider Varonis, whose security team has unraveled the course of an attack using the Hive ransomware. The Hive group operates as a ransomware-as-a-service provider and has been responsible for numerous attacks. In the current case, vulnerabilities in Exchange servers were exploited.

Continue reading

Posted in Security | Tagged | Leave a comment

Exchange 2016/2019 Mitigation Service Error 1008 due to expired certificate

Posted on 2022-06-16 by guenni

Exchange Logo[German]Today another piece of information for administrators of Microsoft Exchange servers who this week suddenly receive an Error 1008 on Exchange 2016 or 2019 in the event logs, which is triggered by the Mitigation Service. A blog reader brought this to my attention the other day because he suddenly experienced the issue on Microsoft Exchange Server 2019. The background is a Microsoft "Microsoft Exchange XML Signing" certificate that expired on June 9, 2022. The problem should have been fixed by Microsoft in the meantime.

Continue reading

Posted in issue, Software | Tagged , | Leave a comment

Interpol arrests 2,000 cyber fraudsters in Operation "First Light 2022"

Posted on 2022-06-16 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Internet fraud through social engineering has now reached massive proportions and is having a negative impact on some societies. As a result, Interpol and national police agencies have been cracking down on Internet fraudsters in an international operation called "First Light 2022." In the process, thousands of social engineering fraudsters were identified and arrested. The operation was carried out in 76 countries and included the seizure of criminal assets.

Continue reading

Posted in Security | Tagged | Leave a comment

Adobe Acrobat (Reader) DC 22.001.20142

Posted on 2022-06-16 by guenni

Adobe has released an update to Adobe Acrobat (Reader) DC to version 22.001.20142 (Windows) and (Mac) as of June 14. This update fixes some bugs according to this description. Download links are provided on the relevant Release Notes page for the Windows and Mac versions. (via)

Posted in Software, Update | Tagged , , | Leave a comment

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

Patchday: Microsoft Office Updates (June 14, 2022)

Posted on 2022-06-16 by guenni

Update[German]On June 14, 2022 (second Tuesday of the month, Microsoft Patchday), Microsoft has released several security-related updates for still supported Microsoft Office versions and other products. Here is an overview of the available updates.

Continue reading

Posted in Office, Security, Update | Tagged , , , | Leave a comment

June 2022 patch day review: Windows update issues, Intel vulnerability, documentation fails

Posted on 2022-06-15 by guenni

Windows[German]The security updates released on June 14, 2022, closes numerous vulnerabilities. But there are also issues, for example with VMs and when using ESET security solutions. I've noticed also that Microsoft is becoming more and more sparse with details in its KB articles – you have to hunt down the information. Also, vulnerabilities have been quietly patched in Microsoft Azure after pressure from security researchers. Below is a summary of miscellaneous information, observations, and notices of issues for the June 2022 patch day.

Continue reading

Posted in Security, Update, Windows | Tagged , , , , | 16 Comments

Microsoft patches Follina vulnerability (CVE-2022-30190) in Windows with June 2022 updates

Posted on 2022-06-15 by guenni

Windows[German]The security updates for Windows released on June 14, 2022, also closed the vulnerability in the ms-msdt: protocol that allowed the misuse of the Microsoft Support Diagnostics Utility. The vulnerability known as Follina, CVE-2022-30190, is already being exploited in attacks. Microsoft does not write anything about this fix in the support articles for the individual updates. Therefore, I summarize the relevant information in the following post.

Continue reading

Posted in Security, Update, Windows | Tagged , , , | 1 Comment

Windows 7/Server 2008R2; Windows 8.1/Server 2012R2: Updates (June 14, 2022)

Posted on 2022-06-15 by guenni

Windows[German]Microsoft has also released security updates for Windows 7 and 8.1 as well as for the Windows Server counterparts 2008 R2 and 2012/R2 on Patchday. Here is an overview of these updates for Windows 7/8.1 and the corresponding Windows Server versions 2008 R2 and 2012/R2.

Continue reading

Posted in Security, Update, Windows | Tagged , , , , , | Leave a comment

Patchday: Windows 11/Server 2022 Updates (June 14, 2022)

Posted on 2022-06-15 by guenni

Windows[German]On June 14 (second Tuesday of the month, Patchday at Microsoft), Microsoft also released a cumulative update for Windows 11, which will be released on October 5, 2021. The update is supposed to fix various problems. In addition, Windows Server 2022 received an update. Here are some details about these updates.

Continue reading

Posted in Security, Update, Windows | Tagged , , , | Leave a comment