[German]Microsoft has disclosed some information about cyberattacks on facilities in Ukraine as of February 28, 2022. According to the U.S. vendor, the cyberattacks began hours before Russian troops entered Ukraine, as they were detected via their own telemetry. Microsoft notified the government of Ukraine of these attacks and within three hours updated Microsoft Defender signatures to detect malware in use.
[German]The Russian invasion of Ukraine has had an unexpected effect on cyber security. First there were serious cyberattacks on facilities in Ukraine. Then the Conti ransomware gang claimed responsibility for the Russian government and threatened retaliation for cyberattacks on Russian facilities. Now, a hacker from Ukraine who has access to the chat server has made more than 60,000 chats public and plans to publish more material.
[German]Frequent users of Microsoft Office 2021 and Office 365 have probably already noticed this. The AutoSave function now only saves files from Word, Excel and PowerPoint in the cloud (on OneDrive or SharePoint). A local storage is probably no longer supported.
[German]The security updates rolled out by Microsoft on January 11, 2022, may cause an issue on Windows Server. Certain applications or devices may no longer be able to make Netlogon Secure Channel connections to Windows Servers after installing these security updates. This affects various server versions, Microsoft announced in a statement.
[German]Windows 11 users complain about Windows Explorer crashes as soon as the Win+X context menu is opened via right-click. The whole thing probably refers to the Insider Preview Windows 11 build 22563.1, but Explorer crashes have been part of users' everyday life since the release of Windows 11. However, there is a workaround that can prevent these crashes with the help of a third-party tool.
[German]The manufacturer of graphics cards and chips, Nvidia, has probably fallen victim to a cyber attack. Currently, the manufacturer is still investigating the details that affected parts of its internal network. According to my information, it was an attack classified as relatively minor, which is currently still being investigated in terms of its impact. The internal operation of Nvidia's IT was affected for two days, and it is currently unclear whether data was leaked. In addition, the Snatch cyber gang is claiming an attack on McDonald in the US.
[German]In Windows 10 and Windows 11, there is an issue with certain builds when resetting the operating system. Even if the option to delete all files with was selected, these (user) files remain under certain scenarios – if OneDrive was used. I had recently addressed this in a blog post. Now Microsoft has confirmed this bug for various versions of Windows 10 as well as for Windows 11.
[German]Microsoft's fix for vulnerability CVE-2022-21920 may block NTLM authentication if Kerberos authentication is not successful. A German blog reader has notified me in January 2022 about issues with Advanced Group Policy Management (AGPM). After installing January 2022 security updates , there are problems to reach the AGPM server. Microsoft has now confirmed these issues and a workaround is possible.
[German]Another small addendum from this week. Users who install Windows 11 with a trick on hardware that does not support the minimum requirements suddenly get a corresponding notice as a watermark on the desktop. Seems to be a a/b test with insider, but there is an option to hide this watermark so far.
[German]Do you use the network monitoring system Zabbix? A few days ago two vulnerabilities CVE-2022-23131 and CVE-2022-23134 became public. And there is a Zabbix update to fix these vulnerabilities. Now CISA warns that the two vulnerabilities are already being actively exploited in attacks. I had a look, even in Germany a three-digit number of Zabbix servers is probably accessible via the Internet – at least that's what Shodan says.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
