[German]
Security researchers from AhnLab have come across a campaign in which attackers install a backdoor on poorly secured Microsoft SQL and MySQL servers. This is the remote access Trojan Gh0stCringe. It is suspected that the infection occurs via cracked admin access to the servers. Here is some brief information about it.
[German]The international sanctions against Russia are forced a withdrawal of US cloud providers, who are cancelling services for Russian customers. Now an IT crisis is looming in Russia, because the country is running out of storage for data. In an estimated two months, it will run out of cloud storage capacity – the Russian government is currently looking for alternatives.
[German]OpenSSL has released a security update to close a vulnerability in the library. The BN_mod_sqrt() function used to compute a modular square root contains an a flaw that could cause an infinite loop to be run for non-primary moduli. The vulnerability, if exploited, would lead to denial of service loops. This is according to this OpenSLL security alert. Internally, this feature is used when parsing certificates that contain elliptic curve keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by creating a certificate that contains invalid explicit curve parameters.The update is intended to fix the vulnerability. In addition to the notes in the security alert above, the colleagues at Bleeping Computer have published this post about it.
[German]Google has released updates to Google Chrome 99.0.4844.74 for Windows and Mac on the desktop as of March 15, 2022. There is also Chrome 98.0.4758.132 in the Extended Channel and the Android browser has been updated to version 99.0.4844.73. Thanks to the reader for the tip. Here's a quick overview.
[German]The Irish Data Protection Authority (DPC) has just fined Meta (formerly Facebook) €17 million. This fine stems from several data protection breaches by Facebook in the past.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]Once again a topic, which I have to address again: Microsoft has started displaying ads for various of its own products in Windows Explorer. This affects Windows 11 users who are testing the current Windows Insider builds. That's what various US media are reporting, though it's probably some kind of A/B test, so not every Insider gets to see these ads.
[German]Since the release of Windows 11, there has been a compatibility problem with the virtualization software Virtualbox that prevented its use. Microsoft has now announced that this problem has been solved "externally". The developers, who now belong to Oracle, seem to have found the problem and corrected it. This means that Virtualbox can be used under Windows 11.
[German]Can antivirus products from the Russian based company Kaspersky be used in companies and government agencies without risk? After Russia's invasion of Ukraine, this question has becomehot. After hesitating for some time, the German Federal Office for Information Security (BSI) has now issued a recommendation. In short, the BSI recommends replacing applications from the Kaspersky anti-virus software portfolio with alternative products.
[German]Mozilla Mozilla developers released versions 98.01 and ESR91.7.1 of the Firefox browser on March 14, 2022. This is a maintenance update which, according to the release notes this updates removes Yandex and Mail.ru as optional search providers from the drop-down search menu in Firefox. Thanks to deoroller for pointing this out. The new Firefox and the ESR variants can be downloaded from this website for various platforms (the variant is to be selected via the displayed list boxes).
[German]Security vendor Check Point has come across a new type of malware that enables a complete takeover of systems through a backdoor. In addition, the malware can take control of social media accounts from Facebook, Google and Sound Cloud. The malware was spread via games offered for download in the official Microsoft Store. And the tragic thing is that virus scanners like Microsoft Defender did not detect this malware.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
