Microsoft has fixed the (PetitPotam) NTLM Relay Vulnerability (CVE-2022-26925) with Windows May 2022 Update

Posted on 2022-05-15 by guenni

Windows[German]Another addendum from this week: On patchday, Microsoft closed some vulnerabilities with its security update for Windows on May 10, 2022. One vulnerability (CVE-2022-26925, Windows LSA Spoofing) affects NTLM relay attacks on systems. The updates are another fix to the PetitPotam vulnerability disclosed in 2021. In the meantime, the vulnerability is being exploited for attacks against Active Directory. It should be patched in a timely manner – but update collateral damage is getting in the way in some cases.

Continue reading

Posted in Security, Update, Windows | Tagged , , , | Leave a comment

Info stealer campaign targets German Car Dealerships and Manufacturers

Posted on 2022-05-15 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Security specialists from Check Point Software Technologies have come across an one years-long running cyber attack campaign that targeted German car dealerships and makers as a cover. The goal of the attacks was to use various types of malware to steal information. The actors behind the campaign initially registered several similar-looking domains, all of which imitated existing German car dealerships. The domains were later used to send phishing emails and host the malware infrastructure. Check Point traced the malware and came across an Iranian website that was being used as a hosting site and was not run by a government.

Continue reading

Posted in Security | Tagged | Leave a comment

Microsoft Edge 100.0.1185.60/ 101.0.1210.47

Posted on 2022-05-14 by guenni

EdgeMicrosoft has updated the Chromium Edge browser in the stable channel to version 101.0.1210.47 as of May 13, 2022. This is a maintenance update that closes vulnerabilities fixed in the Chromium browser, according to the release notes. In addition, various bugs and performance issues have been fixed in the Extended Stable by updating to version 100.0.1185.60. The browser should be updated automatically.

Posted in browser, Security, Software, Update | Tagged | Leave a comment

Chrome 101.0.4951.67, Browser Updates fails in Russia for Android users

Posted on 2022-05-14 by guenni

[German]Google has released the update of Google Chrome 101.0.4951.67 for Windows and Mac on the desktop in the Stable Channel as of May 12, 2022. Furthermore, the update to version 96.0.4664.208 for Windows and Mac was released in the Long Term Support Channel. Chrome for Android has already been updated to 103.0.5055.0 in the Developer Channel on May 12, 2022. And in Russia, updates for Chrome on Android fails.

Continue reading

Posted in browser, macOS, Update, Windows | Tagged | Leave a comment

Report: Apple tests iPhones with USB-C port

Posted on 2022-05-14 by guenni

[German]Anonymous sources reported to Bloomberg, Apple is testing future iPhone models that replace the current Lightning charging port with the more widespread USB-C port. This would be an absolute paradigm shift for Apple and its customers.

Continue reading

Posted in devices, ios | Tagged | Leave a comment

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

China bans Mac, Windows and foreign PCs for government agencies and state-owned enterprises

Posted on 2022-05-14 by guenni

The Chinese government has decided to free itself from dependence on foreign suppliers within two years. To this end, Apple products, Windows and foreign PCs, especially from Dell and HP, are to be replaced by domestic solutions/products in all government agencies and state-owned enterprises.

Continue reading

Posted in devices, macOS, Windows | Tagged , , | Leave a comment

SonicWall Security Advisory: Patch SSLVPN SMA1000 vulnerabilities immediately

Posted on 2022-05-14 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]SonicWall has issued a security alert urging customers to immediately patch several vulnerabilities that are considered high-risk. The vulnerabilities could allow attackers to bypass authorization and potentially compromise unpatched appliances.

Continue reading

Posted in Security | Tagged | Leave a comment

Zyxel firewalls with critical vulnerability CVE-2022-30525 – patch urgently

Posted on 2022-05-13 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]In addition to the vulnerabilities in F5 BIG-IP network devices mentioned in the blog post Destructive attacks via critical F5 BIG-IP vulnerability, Zyxel is also dealing with an Unauthenticated Remote Command Injection vulnerability CVE-2022-30525 in its firewalls. Operators of corresponding Zyxel firewalls should immediately install the provided updates to close the serious vulnerability.

Continue reading

Posted in Security | Tagged | Leave a comment

Windows 10: Microsoft tests preview update KB5014023 with insiders

Posted on 2022-05-13 by guenni

Windows[German]Brief message at the end of the week – after the "very successful" patchday on May 10, 2022 with numerous collateral damages, Microsoft is on its way to new shores. On May 12, 2022, they released the preview update KB5014023 for Windows Insiders. I haven't found details about the update yet (it's not listed on the Windows 10 update history page, of course) – it's just mentioned here and here.

Posted in Update, Windows | Tagged , , , | 1 Comment

BIOS updates fix critical vulnerabilities in HP's business and consumer models and Intel CPUs (May 2022)

Posted on 2022-05-13 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Hewlett Packard (HP) has recently published a security advisory. This warning addresses two vulnerabilities in the firmware of over 200 HP models (business and consumer variants) that allow the firmware to be overwritten. The vulnerabilities have been given a security score of 8.8 – updates are available. Furthermore, Intel has issued a security advisory for a vulnerability in the BIOS of Intel systems, which also have a score of 8.2 and allow privilege escalation.

Continue reading

Posted in devices, Security | Tagged , | 1 Comment