Cyber attack on Red Cross via Zoho vulnerability, likely by state sponsored attackers

Posted on 2022-02-17 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]In January 2022, the International Committee of the Red Cross (ICRC) announced a cyberattack on its IT system. The attack stole confidential information on more than 515,000 vulnerable people. Now the ICRC has released more details of its internal investigation. The attack was carried out via an (unpatched) Zoho vulnerability, using specially designed attack methods. This suggests that the attack was carried out by state actors to obtain confidential information on vulnerable individuals. The attackers were able to move around the system undetected for 70 days. The case is one of the rare occasions where more details about the attack came to my attention, so I'm reposting that here for review.

Continue reading

Posted in Security | Tagged | Leave a comment

Edge 98.0.1108.55

Posted on 2022-02-17 by guenni

Edge[German]Microsoft has updated the Chromium Edge browser to version 98.0.1108.55 as of February 16, 2022 (thanks to the reader for pointing this out). This is a maintenance update that fixes vulnerability CVE-2022-0609, according to the release notes. In addition, the vulnerabilities listed in the blog post Chrome 98.0.4758.102 fixes 0-day vulnerabilities. The browser should update automatically, but can also be downloaded here.

Posted in browser, Security, Update | Tagged , | Leave a comment

VMware closes critical vulnerabilities

Posted on 2022-02-17 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]VMware has released security updates for various products. These should close vulnerabilities that are rated as critical. It affects the products VMware ESXi, VMware Workstation, VMware Fusion and VMware Cloud Foundation. The vulnerabilities could be exploited to execute arbitrary code and cause a denial of service (DoS) condition.

Continue reading

Posted in Security, Software, Update, Virtualization | Tagged , , | Leave a comment

Windows 10: Update KB5001716 for update service components (Feb. 2022)

Posted on 2022-02-16 by guenni

Windows[German]Microsoft has released the update KB5001716 for machines with older Windows 10 versions. The update updates the Update Service components so that the machine can be updated to a newer Windows 10 build. Here's a brief overview of what the update does and how it gets onto machines.

Continue reading

Posted in Update, Windows | Tagged , , | 17 Comments

Thunderbird 91.6.1

Posted on 2022-02-16 by guenni

[German]The developers of the Thunderbird email client have released Thunderbird 91.6.1 on February 15, 2022. This is a maintenance update for the 91 development branch that makes fixes. Here is a brief overview.

Continue reading

Posted in Security, Software, Update | Tagged | Leave a comment

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

Google brings Chrome OS Flex to old PCs and Macs

Posted on 2022-02-16 by guenni

[German]Smart move (since invention of sliced bread) by Google compared to Microsoft. Google has just made available a first version of its "Chrome OS Flex" operating system for PCs and Macs. The OS is meant to promote sustainability by allowing existing devices to be upgraded to an easy-to-manage, fast and secure Chrome OS operating system. That's a clear sideswipe and attack on Microsoft's bloated Windows 10/11 concept.

Continue reading

Posted in Software | Tagged , , | 1 Comment

Windows 11 / Windows Server 2022 Preview Update (Feb. 15, 2022)

Posted on 2022-02-16 by guenni

Windows[German]Microsoft has released optional cumulative (preview) updates as of February 15, 2022 (C-Week). These are intended to fix various bugs in Windows 10, Windows 11 and in the corresponding Windows Server versions. For Windows 11, a number of new features were added with the update. Below I give an overview regarding these updates for Windows 11 and Windows Server 2022.

Continue reading

Posted in Update, Windows | Tagged , , | Leave a comment

Windows 10 / Windows Server Preview Updates (Feb. 15, 2022)

Posted on 2022-02-16 by guenni

Windows[German]Microsoft has released optional, cumulative (preview) updates on February 15, 2022 (C-Week). These are intended to correct various bugs in Windows 10, Windows 11 and in the corresponding Windows Server versions. Below, I provide an overview regarding these updates for Windows 10 and the Windows Server versions.

Continue reading

Posted in Update, Windows | Tagged , | Leave a comment

Windows Update Error 0x8024001E

Posted on 2022-02-16 by guenni

Windows[German]It happens again and again that the update installation under Windows 10, Windows 11 or the Windows Server counterparts suddenly aborts with the installation error 0x8024001E. Then, of course, good advice is expensive and the question arises as to the cause of the error or a workaround for the installation abort. Since this error has been encountered again by users during the February 2022 patchday, here is a short explanation of what you should know.

Continue reading

Posted in issue, Update, Windows | Tagged , , , , , | Leave a comment

Magento: Emergency-Update fixes vulnerability CVE-2022-24086 (Feb. 13, 2022)

Posted on 2022-02-15 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]No idea if there are readers are responsible for online stores powered by the Magento open source software or the Adobe Commerce solution. Adobe has released an unscheduled special update on February 13, 2022 to address the already exploited CVE-2022-24086 vulnerability in its products. This vulnerability has already been used to hack numerous online stores using Magento or Adobe Commerce open source software in late January 2022. The attackers used the vulnerability to inject malware into the store systems.

Continue reading

Posted in Security, Software, Update | Tagged , , | Leave a comment