RATDispenser: JavaScript loader dispenses Remote Access Trojans (RATs) on Windows

Another short addendum concerning security, which came to my attention the other day. Security researchers at HP Threat Research have discovered a loader written in JavaScript that installs Remote Access Trojans (RATs) on Windows systems. The developer now appears to be working with eight malware groups.


Windows Server 2019/2022: Microsoft Defender for Endpoint fails after Nov. 2021 updates

A short note for administrators who already run Windows Server 2019 or even Windows Server 2022 in production and use Microsoft Defender for Endpoint as virus protection. Microsoft has admitted that after installing certain updates on these Windows Server versions, problems can occur and Defender no longer starts.


Windows attacks via 0-day in installer and vulnerability in MSHTML

Attackers are exploiting the now-patched CVE-2021-40444 vulnerability in Microsoft's MSHTML routines to attack Windows systems. And the 0-day vulnerability in Windows Installer that I addressed here on the blog the other day is being exploited by malware for privilege escalation. Here's an overview of the threats to Windows users along these two tracks.


GoDaddy hack also affects hosting resellers

A few days ago, the US registrar and hoster GoDaddy made public a major hack in which the attacker had access to 1.2 million customer records. My mind immediately went "is HostEurope, as a subsidiary, also affected?". In the meantime, I have read reports that HostEurope was also affected. A request to support last night yielded nothing ad hoc, and the answer from the specialist department is still pending.


Black Friday spam campaigns in the starting blocks

November 26, 2021 is Black Friday – almost everything is free – and some people's brains are switched off too. This also attracts cyber criminals, who increasingly attack consumers with online shopping scams. Telemetry data from Bitdefender Labs also documents an increased incidence of shopping spam messages in Germany in November. Further peaks in such mailings can be expected for Black Friday and for Cyber Monday, which is also becoming increasingly popular in Germany. I am posting the information provided by Bitdefender here on the blog.


Does the User State Migration Tool corrupt the Windows Start menu?

Do any of you use the User State Migration Tool to transfer data in the profile to other machines? It looks like the User State Migration Tool (USMT) corrupts the start menu settings in the user profile. Has anyone made any observations to this effect?


Max Schrems and noyb file criminal report against Irish DPC

Something is escalating right now. The Irish data protection authority DPC demanded that the Austrian organization noyb draw up and sign a "non-disclosure agreement" (NDA) within one working day. Otherwise, the complainant would no longer be heard. Max Schrems has reported the DPC, or rather the incident, to the Austrian Public Prosecutor's Office for Corruption via the organization noyb.


Vulnerability in MediaTek chips used in Android smartphones

Security researchers from Check Point have discovered a vulnerability in an Android APU (the APU is the AI Processing Unit in MediaTek chips). The security researchers warn that users can be eavesdropped on via the audio processor. MediaTek chips are installed in 37% of all Android devices. The incident is reminiscent of the vulnerability in Qualcomm chips.


.NET Framework Preview Update KB5007289 (Nov. 19, 2021)

As of November 19, 2021, Microsoft has released the cumulative preview update KB5007289 for .NET Framework 3.5 and 4.8 for Windows 10, version 2004, Windows Server, version 2004, Windows 10, version 20H2, Windows Server, version 20H2 and Windows version 21H1. The update fixes several bugs in WPF and in SQL Connection. As a preview it is optionally available via the update search in Windows Update as well as in the Microsoft Update Catalog. Details can be found in the support article.


YARP: Yet Another Reverse Proxy

Today, a short snippet of information for the tinkerers among the blog's readers. With YARP (short for Yet Another Reverse Proxy), a free framework is available for building a reverse proxy. The framework has been provided by Microsoft teams.
