Windows Vulnerability Follina (CVE-2022-30190): New findings, new risks (June 9, 2022)

Posted on 2022-06-09 by guenni

Windows[German]The unpatched Windows vulnerability CVE-2022-30190 (Follina) which has been known since late May 2022, is slowly becoming a problem. The countermeasures described by Microsoft (and here in my blogs) do not seem sufficient. And the vulnerability is now also exploited by the QakBot malware in phishing attacks. Furthermore, I have received information from Cato about the vulnerability. Here is an updated overview of the state of affairs.

Continue reading

Posted in Security, Windows | Tagged , , | Leave a comment

Workaround for Edge 102.0.1245.xx PDF printing issues

Posted on 2022-06-09 by guenni

Edge[German]Microsoft's Chromium Edge browser causes problems with PDF printing in version 102.0.1245.30, which was released on May 31, 2022. Even the bug fix update to Edge 102.0.1245.33 does not change this. However, I have a simple workaround that affected users and administrators can try.

Continue reading

Posted in browser, issue, Windows | Tagged , , | Leave a comment

Fake CCleaner search results link to malware (information stealer)

Posted on 2022-06-09 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]AVAST has discovered a malware campaign (FakeCleaner) in which cybercriminals manipulated search results for a cracked CCleaner Pro in such a way that they acted as malware launchers. If users follow the links of these hits, they download malware onto the system that steals information (Trojan or information stealer). Of course, it could also happen that a search for "CCleaner" turns up such manipulated results.

Continue reading

Posted in Security, Software | Tagged , , | Leave a comment

USB-C as a uniform charging cable standard for Europe in 2024

Posted on 2022-06-08 by guenni

[German]The European Parliament and the EU member states agreed on USB-C as a uniform charging cable standard within the European Union on June 7, 2022. This means that this standard can probably come in mid-2024. Smartphones and other small electrical devices will then have to have USB-C as a uniform charging port in order to be sold in the EU.

Continue reading

Posted in devices | Tagged | 1 Comment

Microsoft Office Updates (June 7, 2022)

Posted on 2022-06-08 by guenni

[German]On June 7, 2022 (first Tuesday of the month), Microsoft releases non-security updates for still-supported versions of Microsoft Office. This month, however, there are only updates for Microsoft Office 2016. Access issues are fixed again. Here is a brief overview.

Continue reading

Posted in Office, Update | Tagged , | Leave a comment

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

Microsoft Graph: Upcoming billing changes

Posted on 2022-06-08 by guenni

[German]A small note to administrators and developers who are responsible for the use of Microsoft Teams and use a data export via Microsoft Graph from Microsoft Teams. You have noticed that this export will be charged in the future? Whether this will turn into a costly locking, I cannot judge. Here is some information I came across by accident.

Continue reading

Posted in General, Software | Tagged , | Leave a comment

Follina (CVE-2022-30190): No major attack wave, but campaigns on EU/US and other targets

Posted on 2022-06-07 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]A 0-day vulnerability CVE-2022-30190 (Follina) in Windows has been known since the end of May 2022. Yesterday, a tip from a security researcher came to my attention, who has not yet found any active exploitation via manipulated Office documents. On the other hand, Proofpoint reports that they have just stopped a phishing campaign attacking customers at EU and US government agencies. State actors are suspected to be behind the action. An attack was also observed in the South Pacific, originating from servers in Palau. In the process, a digital certificate from a company was misused for signing. The CERT-UA also warns of attacks on government targets in Ukraine. Time for a brief stocktake around the exploitation of Follina.

Continue reading

Posted in Security, Windows | Tagged , | Leave a comment

Palermo/Sicilia: IT systems offline after ransomware attack

Posted on 2022-06-07 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]On the Friday (June 3, 2022) before Pentecost, the news made the rounds on Twitter that there had been a cyberattack on Palermo's IT systems. It was speculated quite quickly that it was likely to be a ransomware attack. It seems that the administration of Palermo (Sicily, Italy) has now been completely shut down after a successful ransomware attack.

Continue reading

Posted in Security | Tagged | Leave a comment

Help with OneDrive issues on Windows

Posted on 2022-06-06 by guenni

[German]Users of Microsoft's OneDrive client for Windows sometimes have problems with the software. The desktop app does not start or suddenly throws error messages. But there are various Microsoft pages that offer help and advice. There are also some third-party websites. There you may find the information you need.

Continue reading

Posted in Cloud, Windows | Tagged , | Leave a comment

46,000 people lose US$1 billion to cryptocurrency fraud since 2021

Posted on 2022-06-06 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Cryptocurrency is in the focus of the public and people sometimes try to make a "quick mark". But where profits beckon, fraud and risk are not far behind. The U.S. Federal Trade Commission (FTC) has just released a report that some 46,000 investors have reported a record $1 billion as a loss due to cryptocurrency investment fraud since the start of coverage in 2021.

Continue reading

Posted in Security | Tagged | Leave a comment