[German]In these times of the coronavirus pandemic, many people are working from home offices. The increase in remote work requires new ways to keep track of employee performance and results. Problem is that if this is only done by counting keystrokes and measuring time at the desk. Unsurprisingly, a VMware study shows that employee monitoring measures can jeopardize trust in the company and increase turnover.
[German]Microsoft has updated the Edge browser to version 96.0.1054.53 as of December 10, 2021. The release notes only refer to the security page, where 14 vulnerabilities are listed as closed. The browser should be updated automatically, but can also be downloaded here. It is written here that Microsoft Edge should fight typosquatting and prevent users from entering a malicious website. In addition, according to this article, Microsoft has released a tool that is supposed to detect memory leaks in Edge. (via)
Bitdefender previously offered a free antivirus package, Bitdefender Antivirus Free Edition, for Windows. Now the provider announces that Bitdefender Antivirus Free Edition will be retiring. According to the colleagues at deskmodder.de, this is the case as of Jan. 1, 2022. However, support for existing users will continue until June 30, 2022.
[German]It has been a gut feeling of mine that Microsoft in particular is somehow on a downward spiral in terms of product quality and security. Constant bugs and problems after updates, and an increasing number of successful cyber attacks on Microsoft products speak a clear language. Now, the CrowdStrike Global Security Attitude Survey 2021 confirms this impression that trust in established IT vendors like Microsoft is declining.
[German]There is a critical unpatched vulnerability in the log4j Java library used for logging. This software is integrated in many other products. Thousands of services from Apple, Amazon, Twitter, Minecraft, etc. are vulnerable via this vulnerability. Meanwhile, the first attacks on honeypots have already been observed. Here's a brief overview of what's going on.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]Android Malware has become one of the most problematic security issue in 2020/2021. Actually, I could write about malware-infected apps almost every day. Today, I'd like to share a case from a few days ago about the so-called GriftHorse malware, which has infected more than 10 million devices worldwide.
[German]Car manufacturer Volvo, or Volvo Cars Corporation, currently owned by a Chinese holding company, has fallen victim to a successful ransomware cyberattack. My report a few days ago has been confirmed, the company is sounding the alarm as data from research and development has been leaked. The Snatch Ransomware group had recently claimed a successful attack on the company. Continue reading
[German]Security vendor WordFence's Threat Intelligence team noticed a dramatic increase in vulnerability attacks on WordPress instances on December 9, 2021. In the past 36 hours, the Wordfence network has blocked over 13.7 million attacks against four different plugins and several Epsilon framework themes on over 1.6 million websites, originating from over 16,000 different IP addresses.
[German]SonicWall's Secure Mobile Access (SMA) 100-Series solution provides secure end-to-end remote access to enterprise resources hosted in on-premise, cloud and hybrid data centers. Vendor SonicWall is now urging users of its SMA 100 devices (SECURE MOBILE ACCESS 100-SERIES) to patch. Security researchers have found two critical vulnerabilities in the firmware, for which the manufacturer is providing security updates.
[German]Security researchers from SentinelLabs have discovered vulnerabilities in USB-over-Ethernet software that make cloud services such as Amazon Web Services (AWS) or other cloud services vulnerable to attack. Some of the affected providers have provided automatic security updates to address the vulnerabilities, some of which are severe – but some require manual action by the customer.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
