Cyber attack on German Oiltanking shuts down tank terminal, Dutch Shell also affected

Oiltanking, a German company belonging to the Hamburg-based Marquard & Bahls group, has been the victim of a cyberattack. The IT of the mineral oil trader Mabanaft, which belongs to the same group, is also said to have been affected. As a result, critical infrastructure (CRITIS) has been paralyzed, as Oiltanking's fuel loading systems are shut down. The German Shell fuel service station chain is also affected.

Posted in Security

QNAP: DeadBolt attacks via vulnerability patched in December 2021

The question of why NAS manufacturer QNAP recently pushed a forced update to its devices has now been answered. The DeadBolt ransomware attacks that took place in January 2022 were only possible if NAS owners had made their devices accessible on the Internet and had not installed any updates, because the exploited vulnerability was patched in December 2021.

Posted in devices, Security, Software, Update

Citrix is acquired for $16.5 billion

Citrix, a cloud computing and virtualization company, has announced plans to be acquired by affiliates of global investment firm Vista Equity Partners and an affiliate of Elliott Investment Management called Evergreen Coast Capital Corporation.

Posted in General, Virtualization

Windows 10/11: Systems require 2-6 hours of update connectivity for successful updates

Microsoft has just released information that affects Windows 10 and Windows 11, as well as their server counterparts. To install updates successfully, these machines apparently have to be online and reachable via the Internet for an extended period every month (at least two, sometimes up to six hours). Microsoft talks about update compliance and update connectivity, that is, a certain behavior that is required. If this is not ensured, the system will not receive the appropriate updates.

Posted in Update, Windows

Windows 10: Proof of Concept for vulnerability CVE-2022-21882

In January 2022, Microsoft closed the CVE-2022-21882 (Win32k Privilege Escalation) vulnerability in Windows 10/11 and Windows Server 20H2 on Patchday. However, the patch was not installed everywhere because of the considerable collateral damage. A public proof of concept (PoC) for this vulnerability is now available. Administrators should check whether the January 2022 security updates can be installed to close the vulnerability. Here is a brief overview of this issue.

Posted in Security, Update, Windows

SharePoint Migration Tool (SPMT 3.5.123.0) released

In January 2022, Microsoft released SharePoint Migration Tool (SPMT) 3.5.123.0 with new features that allow users to migrate SharePoint Server 2010.

Posted in Software

Linux: Microsoft recommendation on enforcement mode against Active Directory takeover may cause issues

Microsoft recommends installing the November 2021 security updates on Windows servers that operate as DCs as protection against a domain takeover caused by the vulnerabilities CVE-2021-42287 and CVE-2021-42278. Microsoft also recommends enabling so-called enforcement mode on all Active Directory domain controllers to protect against the exploit (in July 2022 this will be activated by an update). However, a blog reader has now pointed out that this causes collateral damage: Linux clients are often unable to perform an AD join.

Posted in Linux, Security, Update, Windows

Over 20,000 HPE ProLiant servers with outdated iLO accessible via the Internet

An advisory for administrators of HPE ProLiant servers running outdated or unpatched versions of HPE's Integrated Lights-Out (iLO). The Internet Storm Center (SANS ISC) warned this week that more than 20,000 HPE ProLiant servers were accessible via the Internet. That would not be such a problem if those servers were not running an outdated iLO version, or had been patched against known iLO vulnerabilities.

Posted in devices, Security, Software

QNAP's forced update after 3,600 DeadBolt ransomware infections (Jan. 2022)

QNAP users are currently victims of the DeadBolt ransomware. I didn't have it in the blog, but within a week there were probably over 3,600 victims. The NAS manufacturer is now resorting to drastic measures and is trying to forcibly update the firmware of affected devices. However, this leads to malfunctions on some devices (iSCSI devices no longer work).

Posted in devices, Update

Microsoft Security Update Revisions (Jan. 27, 2022)

Last night Microsoft sent out an email about various revisions to its security advisories. They concern a Windows DCOM server vulnerability and Defender for IoT vulnerabilities. However, everything is only of an informational nature; Microsoft has only adjusted the descriptions. I'll just post the relevant information here on the blog without comment.

Posted in Security