[German]Does anyone in the readership operate a SharePoint server that is accessible via the Internet? If so, the house may be on fire. Since yesterday, I have been receiving information that SharePoint servers have been attacked via 0-day exploits since July 18, 2025. This blog post will be updated – we have now the first patches.
[German]That was kind of quick reaction after Microsoft was caught as a kind of "with its finger in the honey pot", so to speak. A week after ProPublica's report, that Microsoft uses software engineers in China to maintain it's federal cloud, they draw back. Microsoft says it is no longer using engineers in China to maintain the US Department of Defense's (DoD) cloud systems.
[German]Anyone from the my blog readers who uses the CrushFTP program for file transfer? In the meantime, several readers have reported (thanks for that) that there are reports of a 0-day vulnerability (CVE-2025-54309) in CrushFTP server, which is probably already being exploited.
Continue reading
[German]Another small addendum or collective article on known issues that Microsoft confirmed at the beginning of July 2025 for various Windows client versions. These range from broken Emoij search to firewall problems that have not yet been resolved. And Defender also seems to be causing problems.
[German]The security vendor Trend Micro has released Trend Micro Worry Free Business (WFBS) 10.0 SP 1 – Patch 2518 on 15.7.2025. The patch contains various security fixes and is also intended to fix various bugs. OpenSSL 3.0.15 in the Apache web server is updated to improve product security.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]Delegated Managed Service Accounts (dMSA) were newly introduced in Windows Server 2025. Their design enables serious attacks on Managed Service Accounts and Active Directory resources. Semperis-Research has now developed Golden dMSA, a tool that contains the logic of the attack and helps to better understand the attack mechanisms and initiate defensive measures.
[German]Microsoft has slightly adjusted its criteria for delicensing resiliency for Exchange Online tenants. Now Exchange Online tenants with fewer than 10,000 licenses can also benefit from this function. This helps administrators who remove licenses in a tenant to prevent the mailbox from immediately becoming inoperable. Instead, there is a grace period.
[German]Law enforcement authorities have dismantled the network of the Russian NoName057(16) cyber group, with the help of Europol and other institutions. The perpetrators targeted the IT infrastructure of Ukraine and supporting countries, including many EU member states.
[German]VMware by Broadcom has published a security warning on July 15, 2025 regarding various vulnerabilities in VMware ESXi, Workstation, Fusion and VMware Tools, which urgently need to be patched with security updates. It is unclear how users without a Broadcom account can access the updates.
[German]It's a "bombshell" that ProPublica has just dropped. Microsoft is using engineers in China to maintain the US Department of Defense's cloud computer systems. There is only minimal monitoring by poorly qualified American personnel. Microsoft has so far ignored all warnings that this opens the door to cyber espionage or attacks.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
