Survey shows declining trust in IT vendors like Microsoft

Posted on 2021-12-11 by guenni

Stop - Pixabay[German]It has been a gut feeling of mine that Microsoft in particular is somehow on a downward spiral in terms of product quality and security. Constant bugs and problems after updates, and an increasing number of successful cyber attacks on Microsoft products speak a clear language. Now, the CrowdStrike Global Security Attitude Survey 2021 confirms this impression that trust in established IT vendors like Microsoft is declining.

Continue reading

Posted in Security | Tagged , | 1 Comment

0-day CVE-2021-44228 in Java library log4j puts many projects at risk

Posted on 2021-12-11 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]There is a critical unpatched vulnerability in the log4j Java library used for logging. This software is integrated in many other products. Thousands of services from Apple, Amazon, Twitter, Minecraft, etc. are vulnerable via this vulnerability. Meanwhile, the first attacks on honeypots have already been observed. Here's a brief overview of what's going on.

Continue reading

Posted in Security, Software | Tagged | Leave a comment

Malware in Android apps (Example GriftHorse)

Posted on 2021-12-11 by guenni

[German]Android Malware has become one of the most problematic security issue in 2020/2021. Actually, I could write about malware-infected apps almost every day. Today, I'd like to share a case from a few days ago about the so-called GriftHorse malware, which has infected more than 10 million devices worldwide.

Continue reading

Posted in Android, Security | Tagged , , | Leave a comment

Volvo Cars Corporation was victim of cyberattack by Snatch ransomware group

Posted on 2021-12-10 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Car manufacturer Volvo, or Volvo Cars Corporation, currently owned by a Chinese holding company, has fallen victim to a successful ransomware cyberattack. My report a few days ago has been confirmed, the company is sounding the alarm as data from research and development has been leaked. The Snatch Ransomware group had recently claimed a successful attack on the company. Continue reading

Posted in Security | Tagged | Leave a comment

Heavy attacks on 1.6 million WordPress sites (Dec. 9, 2021)

Posted on 2021-12-10 by guenni

[German]Security vendor WordFence's Threat Intelligence team noticed a dramatic increase in vulnerability attacks on WordPress instances on December 9, 2021. In the past 36 hours, the Wordfence network has blocked over 13.7 million attacks against four different plugins and several Epsilon framework themes on over 1.6 million websites, originating from over 16,000 different IP addresses.

Continue reading

Posted in Security | Tagged , | Leave a comment

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

Patch critical vulnerabilities in SonicWall SMA 100

Posted on 2021-12-10 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]SonicWall's Secure Mobile Access (SMA) 100-Series solution provides secure end-to-end remote access to enterprise resources hosted in on-premise, cloud and hybrid data centers. Vendor SonicWall is now urging users of its SMA 100 devices (SECURE MOBILE ACCESS 100-SERIES) to patch. Security researchers have found two critical vulnerabilities in the firmware, for which the manufacturer is providing security updates.

Continue reading

Posted in Security, Update | Tagged , | Leave a comment

Cloud services vulnerable via USB-over-Ethernet vulnerabilities

Posted on 2021-12-10 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Security researchers from SentinelLabs have discovered vulnerabilities in USB-over-Ethernet software that make cloud services such as Amazon Web Services (AWS) or other cloud services vulnerable to attack. Some of the affected providers have provided automatic security updates to address the vulnerabilities, some of which are severe – but some require manual action by the customer.

Continue reading

Posted in Cloud, Security | Tagged , | Leave a comment

Microsoft Office Patchday (December 7, 2021)

Posted on 2021-12-09 by guenni

[German]On December 7, 2021 (first Tuesday of the month, Office Patchday), Microsoft releases non-security updates for still-supported versions of Microsoft Office. This month, however, there is only one update for Microsoft Office 2016. Here is a brief overview.

Continue reading

Posted in Office, Update | Tagged , | Leave a comment

Hellmann Logistics Victim of a cyber attack

Posted on 2021-12-09 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]The the internationally active German Logistics company Hellmann appears to have fallen victim to a cyberattack on its IT. This attack was probably detected at an early stage and the company reacted accordingly. Currently, however, some data connections have probably been cut, so that business operations are being affected. 

Continue reading

Posted in Security | Tagged | Leave a comment

Amazon AWS cloud outage causes chaos (2021/12/08)

Posted on 2021-12-08 by guenni

[German]As of today, December 8, 2021, there was a major outage of Amazon AWS services in the US. The Amazon Cloud service was disrupted for about 8 hours, and all users who relied on this service were pretty much left looking down the tubes. No more orders, Alexa, Ring and Disney Plus were also on strike. Could have been a bigger drama for some users.

Continue reading

Posted in Cloud, issue | Tagged , , | Leave a comment