[German]Security researchers from threadfabric.com have come across a new Android banking Trojan in February 2022, which is distributed via the Google Play Store and targets the customers of 56 European banks. An infected cleaner app was downloaded more than 50,000 times from the Play Store.
As of Feb. 22, 022, WordPress version 5.9.1 has been released. It is a maintenance update that is supposed to fix 82 bugs. In the release notes talks about 33 bug fixes in the WordPress core and 52 bugs in the blog editor. Here I have been able to update two blogs without any problems.
[German]Today, another short post for administrators who are using Microsoft Defender Application Control (WDAC) in a Windows 10 Enterprise environment or on Windows 11 Enterprise or Windows Server counterparts from 2016 to 2022 and are annoyed by unwanted restarts. These unwanted restarts are caused by a policy setting, as one MVP found out. I'll post the information here on the blog, maybe it will help.
[German]There is always a discussion about how quickly or how slowly vulnerabilities are patched by developers. Google's Project Zero has therefore taken a look at how quickly security vulnerabilities are closed in Linux or in products from Microsoft (Windows) and Apple (macOS). It is about vulnerabilities reported by Project Zero to the manufacturers/developers between 2019 and 2021. The result: Linux developers are patching by far the fastest.
[German]Brief note for people dealing with security cameras from vendor Axis. A German blog reader informed me, that the website of this vendor is currently down. There seems to be massive technical issues causing a major outage. Whether it is the result of a cyber attack, or just the technology, I can not currently answer. Means that customers (banks, supermarkets, etc.) can no longer access their security cameras remotely because the cloud is down. Here is some information. Addendum: It looks like a cyberattack – because after my inquiry on Twitter, there is a new reference to an "IT-related intrusion" on the status page – see addendum in the text. Addendum 1: It's was a cyberattack that has taken place.
[English]Microsoft offers the possibility to reset a system with Windows 10 or Windows 11 to factory settings locally or remotely (via Intune). There is also the option to remove the user files. This is desirable if a machine is perhaps to be passed on to another user. MVP Rudy Ooms has now discovered that resetting Windows including removing the user files does not work under Windows 10 and Windows 11 in version 21H2. Addendum: Note about OneDrive client als a root cause added. Addendum 2: The issue has been confirmed by Microsoft.
[German]The vendor zebNet has discovered a critical vulnerability in various products that allow a man-in-the-middle attack (MITM) in the update process of the affected application. The night I was then contacted by the manufacturer by mail and asked to publish the whole thing here in the blog. The background: Informing customers about the vulnerability is proving difficult.
[German]Cisco has released security updates this week to close a highly classified vulnerability (CVE-2022-20653) in its email security appliances. Attackers were able to crash the e-mail security appliances via prepared e-mails and thus virtually launch a DoS attack. Affects Cisco AsyncOS software versions 14.0, 13.5, 13.0, 12.5 and older on Cisco ESA devices when DANE is enabled.
[German]Interesting findings from a survey of 1,100 security specialists as part of a study with regard to the security of industrial systems and critical infrastructure in Europe. The message of the study was that industrial control systems and operating technology in Europe were attacked by ransomware almost as frequently as IT systems. One in two victims experienced significant disruption as a result of these attacks.
[German]Microsoft is once again experimenting a lot with the online requirement for upcoming Windows versions. The cat was let out of the bag in the Insider Preview of Windows 11: An Internet connection is mandatory for installation in the OOBE phase. And only Microsoft accounts are then provided for setting up user accounts. By the way, this refers to the Windows 11 Pro variants. This means that scenarios that have been feared time and again are slowly becoming reality.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
