Microsoft Teams Bugs: Blocks Emergency calls, unpatched phishing vulnerability since March 2021

Posted on 2021-12-23 by guenni

Teams[German]Another collective article on Microsoft Teams, which is widely used, but has a somewhat idiosyncratic implementation and above all is teeming with bugs and attracts negative attention in this regard every now and then. Today on offer: Since March 2021, Microsoft has been aware of four vulnerabilities in Teams that allow phishing via the link preview. And on Android, it can happen that Microsoft Teams blocks emergency calls. Here's a quick overview.

Continue reading

Posted in issue, Security, Software | Tagged , | Leave a comment

WordPress: 800,000 websites compromisable by All in One SEO plugin

Posted on 2021-12-23 by guenni

[German]The popular WordPress plugin All in One SEO has two vulnerabilities (CVE-2021-25036 and CVE-2021-25037), which make the corresponding installations vulnerable. Since the plugin is quite popular, you should immediately look to get an updated version. Otherwise, the WordPress instance will be hacked sooner or later.n sofort schauen, dass man eine aktualisierte Fassung erhält. Sonst wird die WordPress-Instanz früher oder später gehackt.

Continue reading

Posted in Security | Tagged , | Leave a comment

Microsoft warns against Active Directory domain takeover due to unpatched vulnerabilities

Posted on 2021-12-22 by guenni

Windows[German]Microsoft warned of a new threat in a Techcommunity post on December 20, 2021. In November 2021 patchday, vulnerabilities CVE-2021-42287 and CVE-2021-42278 were fixed by Windows updates. Since December 2021, a proof of concept (PoC) has been available that abuses these vulnerabilities to take over an Active Directory domain. Here's some information – and at the same time I can help cover a topic that has been awaiting publication here for a few days.

Continue reading

Posted in Security, Update, Windows | Tagged , | Leave a comment

Dell BIOS update causes (boot) issues with notebooks and desktop systems (12.2021)

Posted on 2021-12-22 by guenni

Stop - Pixabay[German]Any of you with more recent Dell notebooks or desktop systems? Then you might want to be a little cautious with recent BIOS (UEFI) updates and read this post beforehand. There is evidence that a BIOS update from Dell can prevent notebooks or desktop systems from booting. Affected are Dell Latitude notebooks (5320 and 5520), as well as the Dell Inspiron 5680 and the Alienware Aurora R8 desktops. Here is a rough overview of what is known.

Continue reading

Posted in devices, issue, Update | Tagged , , , , , | 1 Comment

Backdoor CVE-2021-40859 in Auerswald PBX systems (e.g. COMpact 5500R 7.8A & 8.0B) fixed

Posted on 2021-12-21 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Auerswald s a German manufacturer of telephone systems for corporate use. Security researchers have discovered backdoors in the firmware of Auerswald telephone systems (e.g. COMpact 5500R) that could be used to reset the administrator password. This was disclosed on 20.12.2021. Here is some information about it. The backdoor has been removed in firmware versions 7.8A & 8.0B.

Continue reading

Posted in devices | Tagged , | 1 Comment

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

Ransomware attacks on CompuGroup Medical SE & Co. KGaA

Posted on 2021-12-21 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]CompuGroup Medical SE & Co. KGaA, a major medical services provider, has been the victim of a cyberattack. The Koblenz-based medical services provider admitted as much on Monday, Dec. 20, 2021. The internal IT systems are likely affected, which should affect some doctors, pharmacies, labs and clinics if they want to contact the company. Here is some information on what is known.

Continue reading

Posted in Security | Tagged | Leave a comment

Vulnerabilities CVE-2021-3922, CVE-2021-3969 in ImController of Lenovo Notebooks

Posted on 2021-12-21 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Lenovo notebooks and devices that use the ImController service are vulnerable to a privilege escation vulnerability. This can allow attackers to execute commands with administrator privileges on the devices. However, there is an update to address both vulnerabilities.

Continue reading

Posted in devices, Security | Tagged , | Leave a comment

Belgian Ministry of Defense affected by Log4j?

Posted on 2021-12-21 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]The vulnerability CVE-2021-44228 in the JAVA library log4j is drawing wider circles. The Belgian Ministry of Defense may have shut down its networks after a serious cyberattack, admitting as much in the night from Sunday to Monday. Reports suggests that it was related to the log4j vulnerability CVE-2021-44228. Continue reading

Posted in Security | Tagged | Leave a comment

Thunderbird 91.4.1

Posted on 2021-12-20 by guenni

[German]The developers of the Thunderbird email client have released Thunderbird 91.4.1 on December 17, 2021. This is a maintenance update for the 91 development branch, which makes numerous fixes. Here is a brief overview.

Continue reading

Posted in Software, Update | Tagged , | Leave a comment

Firefox 95.0.2 released

Posted on 2021-12-20 by guenni

Mozilla[German]On December 19, 2021, Mozilla developers released version 95.0.2 as a maintenance update of the Firefox browser to correct a bug with AMD CPUs. According to the release notes, there is only one bug fix: Fixes frequent crashes for users with C/E/Z-Series AMD "Bobcat" CPUs on Windows 7, 8 and 8.1. The new Firefox can be updated via update in the browser or downloaded from this website for various platforms (the variant has to be selected via the displayed list boxes).

Posted in browser, Software, Update, Windows | Tagged , | Leave a comment