[German]The vulnerability CVE-2021-44228 in the JAVA library log4j is drawing wider circles. The Belgian Ministry of Defense may have shut down its networks after a serious cyberattack, admitting as much in the night from Sunday to Monday. Reports suggests that it was related to the log4j vulnerability CVE-2021-44228. Continue reading
[German]The developers of the Thunderbird email client have released Thunderbird 91.4.1 on December 17, 2021. This is a maintenance update for the 91 development branch, which makes numerous fixes. Here is a brief overview.
[German]On December 19, 2021, Mozilla developers released version 95.0.2 as a maintenance update of the Firefox browser to correct a bug with AMD CPUs. According to the release notes, there is only one bug fix: Fixes frequent crashes for users with C/E/Z-Series AMD "Bobcat" CPUs on Windows 7, 8 and 8.1. The new Firefox can be updated via update in the browser or downloaded from this website for various platforms (the variant has to be selected via the displayed list boxes).
[German]The erotic mail order company Amorelie has just informed its customers about a data protection incident. Customer data from orders for seven years had been accessible to unauthorized third parties through a vulnerability frome March up to November 2021. There had allegedly been no misuse. Here is some information on the state of affairs.
[German]Within this blog post I will outline the risk, users are facing by trusting anti virus scanners. Security expert Stefan Kanthak outlined a case to me, that shows, that you can't trust most virus scanners. Sometimes the don't detect malicious software – but in many cases they are reporting false positives. Stefan Kanthak demonstrated this to me with his tool CPUID Enumerator and Decoder.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]Users of Dell systems are still at risk of having their Windows systems compromised via Dell drivers through kernel attacks. The problem was supposed to be fixed by updates as early as May 2021. However, security researchers from Rapid7 are now sounding the alarm that these security updates have not closed all vulnerabilities. However, security researchers from Rapid7 are now sounding the alarm that these security updates have not closed all vulnerabilities. True, administrator privileges are required to install the drivers. But it looks like this approach is being used by cyber gangs for attacks. However, there are countermeasures in the business environment.
Is this really good news? A major takeover in the healthcare sector, or rather in the area of software for healthcare, may be on the horizon. According to reports, the US company Oracle is negotiating the takeover of Cerner. This is a company that also develops software for digitalization in healthcare in Germany. The takeover is said to be worth $30 billion.
[German]Security vendor Trend Micro has published a report highlighting how threat actor TeamTNT is going about compromising Docker Hub accounts. This is a follow up article, after they wrote about compromised Docker hub account abused for crypto mining. If anyone is running Docker, you might want to take a look.
Microsoft released some Security Update revisions to vulnerabilities on December 14 and 16. I am simply posting the relevant information as an uncommented addendum on the blog for your information.
[German]The log4j vulnerability CVE-2021-44228 keeps sending shockwaves through the IT scene. Latest reports say that a majority of companies have not patched the vulnerability in their software. In addition, a new DoS vulnerability has been found in the library, for which there is no patch yet. Meanwhile, attacks continue to run to new highs. Here's an overview to close out the week.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
