Phishing attacks by state hackers via new RTF template injection technique

Security vendor Proofpoint observed three APT actors from India, Russia and China using a novel RTF template injection technique for phishing attachments to retrieve malicious content from a remote URL in 2021. The security researchers fear that this technique will soon be misused by cyber criminals.


Windows 11: Microsoft tries to stop users from downloading Chrome

Users who try to download the Google Chrome browser in the pre-installed Edge browser under Windows 11 will probably see a popup in the browser window. This popup tries to fool people into thinking that Microsoft Edge uses the same technology as Google Chrome, but that you're also getting "the trust of Microsoft" on top. It's an A/B test for some US users, but it's again a super fail.


0patch fixes InstallerTakeOver LPE 0-day vulnerability in Windows

The ACROS Security team around founder Mitja Kolsek has now developed and released the third micro-patch within two weeks for a vulnerability discovered by security researchers. The current micro-patch is about a 0-day InstallerTakeOver Local Privilege Escalation (LPE) vulnerability in Windows for which there is no CVE yet. Mitja Kolsek informed me about the issue in a private message on Twitter last night. Here is some information about it.


Windows 11 and the slow Explorer

Microsoft has changed the user interface of Windows 11 and has implemented developments from the trashed Windows 10X into the new operating system. The developers and marketing people also never get tired of praising the changes to the Explorer interface. But these changes come at a price: the file manager's usability suffers. And now a blog reader has pointed out to me that Explorer is very slow under Windows 11. Seems like it's all a bit "still under construction", this new Windows 11.


Examples of virus mails from a compromised Exchange server

I had warned here in the blog several times that unpatched Exchange servers are attacked by threat actors, and that they are abused to send spam after a takeover. A blog reader has now sent me a short note (thanks) because he found a compromised Exchange server that sent infected spam mails.

Chrome/Edge crashes in Citrix VDI/TS

A quick question for administrators who use Citrix VDI/TS for virtualization and have Google Chrome or Microsoft Edge as their browser. There are reports that there are crashes in the clients. Can anything be confirmed and is a solution known?


Edge 96.0.1054.41

Microsoft updated the Edge browser to version 96.0.1054.41 on November 30, 2021. The release notes only talk about "Fixed various bugs and performance issues" without going into further details. The browser should update automatically, but can also be downloaded here.


Windows 10/11: The risky "trusted" Apps-Installer – abused by Emotet gang

Hoh hoh, folks, today we can open the second door in the Advent calendar and see what Microsoft has put in as a surprise for us. Today we find the AppX installer, which is used in Windows 10 and Windows 11 to install applications and apps. Here's a quick overview of why you shouldn't take the expression "Trusted Apps" quite so literally: the associated installer may well flush malware onto the system, yet shows the apps as trusted due to a serious design flaw. This mechanism is abused by the Emotet ransomware gang to spread a dropper.


Europol arrests 1,803 money mules of Internet fraudsters

Investigations by Europol and other law enforcement agencies uncovered and identified a network of money mules. The money mules laundered profits from online scams such as business email compromise and forex fraud. In a joint operation with various law enforcement agencies, Europol arrested a total of 1,803 people accused of laundering money for Internet fraud.


Users angry about Edge feature Buy Now, Pay Later

The latest feature called Buy Now, Pay Later (BNPL), which Microsoft has added to the Edge browser for US users, seems to be causing massive anger among users. It's yet more evidence that Microsoft has lost its sense of what's important to users.
