[German]Microsoft patches numerous vulnerabilities in Windows (and other products) every month. Often known vulnerabilities, but not closed by updates, are used in attacks. The other day I came across a large collection of Windows vulnerabilities that can be exploited by various tools to manipulate privileges if necessary.
[German]Cyberattacks on industrial plants or their control and regulation systems are an increasing threat. Trend Micro states that 90 percent of German companies in the power, oil and gas, and manufacturing sectors were affected by cyberattacks in the last twelve months. The average damage caused by these attacks was 2.9 million euros.
[German]Administrators and people who deal with the subject have known or suspected it for some time. The unmanaged attack surface of IT components is too complex at many companies. This makes it easier for cybercriminals to attack corporate IT, while the companies themselves have increasing difficulty in patching through the systems cleanly. Interesting information has come to my attention in this regard from Palo Alto Networks.
[German]Security researchers from Volexity discovered an actively exploited 0-day vulnerability (CVE-2022-26134) in Atlassian Confluence Server software last weekend. Now Atlassian Confluence has named the affected software versions while providing security updates to close the vulnerability. Administrators should install the security updates immediately. Addendum: There is now a public exploit. Continue reading
[German]A few days after the nationwide outage of Verifone H5000 card terminals in Germany (since May 24, 2022, still ongoing) for cashless payment (there is rumor that an expired certificate could be the root cause) there is the next case. The podcast platform Megaphone, which was bought up by Spotify, went offline for 8 hours on May 31, 2022 due to an expired certificate. Was silly for people who want to monetize podcasts through this platform. However, the incident again shows the problem of expiring certificates, so I'll take up the specific case and the basic issue.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]Three Nigerians suspected as masterminds of global online fraud have now been arrested by Nigerian police in INTERPOL's Operation Killer Bee. The operation is an INTERPOL effort to combat malware cyber fraud across Southeast Asia. The BEC fraudsters used the remote access Trojan (RAT) Agent Tesla, among other malware. The air for cybercriminals is getting considerably thinner in African countries like Nigeria.
[German]Tt has been rumored for some time whether there would be a successor to Microsoft Exchange Server 2019, which was released on October 22, 2018. The subscription-based successor announced for 2021 never appeared. Speculation that customers would be forced from on-premise Exchange solutions to the cloud solution Exchange Online has now been put to rest. Microsoft has just unveiled the roadmap for Exchange Server in the tech community. Exchange Server vNext is coming in 2025.
[German]Security researchers from Volexity discovered a 0-day vulnerability (CVE-2022-26134) in Atlassian Confluence software over the weekend. This vulnerability is being actively exploited – this is what brought the issue to the attention of the security researchers. Currently, the urgent advice to administrators responsible for maintaining Atlassian Confluence software (server, data center) is to ensure that this product is not accessible via the Internet – or, if in doubt, shutdown the server. Addendum: A fix is available. And there is now a public exploit.
[German]Microsoft has released the optional cumulative (preview) update KB5014023, scheduled for May 2022 (D-Week), on June 2, 2022 (severely delayed). This is supposed to fix numerous bugs in Windows Server version 20H2 as well as Windows 10 version 21H1 – 21H2. Below I provide an overview regarding these updates for Windows 10.
[German]Microsoft Edge 102.0.1245.30, released on May 31, 2022 is a security update to close a number of vulnerabilities. But I got reports that this Edge version breaks PDF printing in Windows 10/11. It's simply no longer possible for some users to print PDF documents. Only a downgrade helps. And there is a workaround developed by blog readers, using GPO settings. So administrators in companies probably should delay the rollout and test it intensively.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
