Trend Micro Exposes Void Balaur Cyber Mercenary Group

It's a trend that's been around for a while: skilled IT professionals are hiring cyber mercenaries to carry out cyber attacks. Trend Micro has now exposed a cyber mercenary group called "Void Balaur." New research details the modus operandi of the contract hacking group. Motivated by espionage and financial interests, these contract hackers have targeted more than 3,500 companies and individuals since 2015. Among the victims are human rights activists, journalists, politicians, and technical executives in telecommunications companies.


FBI email server hacked, distributes fake cyberattack warnings

It's been going around Twitter for a few hours now: the Federal Bureau of Investigation's (FBI) email servers were hacked. The attackers then sent out hundreds of thousands of urgent warnings about alleged cyberattacks to numerous recipients. Administrators struggled to deal with these emails, which carried the FBI as the sender but were easily identifiable as spam. Here's a brief overview.


Booking.com hack from 2016 probably by US intelligence agency employees

In 2016, the hotel reservation platform booking.com, which is also quite popular in Germany, suffered a data protection breach caused by a hack, for which the platform was not responsible (access data of hotel employees was stolen). Because the incident was reported too late, the Dutch data protection regulator imposed a fine. Now it turns out that the hack at Booking.com was probably carried out by an employee of the US Secret Service. They wanted to get the booking data of hotels in Arab countries.


Backup and update your central Windows ADMX store

I'm going to post a topic here on the blog that affects administrators of Windows systems in companies. How do you actually make sure that the central ADMX store for Windows group policies always stays up to date and can be restored in case of corruption? Without up-to-date ADMX files in the store, group policies can't really be used efficiently.


Azure PowerShell update announced for December 7, 2021

The Azure PowerShell team plans to release a major upgrade to the Azure (Az) PowerShell module on Dec. 7, 2021. This will include support for Microsoft Graph.




Microsoft, sustainability and Windows 11 as an environmental disaster

Let's take a closer look at Microsoft and the promise to become sustainable. I just saw an announcement for a Microsoft Sustainability Kick-Off event. Microsoft says it's working to protect the environment. On the other hand, there are Surface models that score 1 or 2 out of 10 possible points in the repairability index. In addition, there is the matter of the just released Windows 11. 50 percent of the current devices do not meet the minimum requirements for Windows 11. In January 2023, all devices with Windows 7 ESU and Windows 8.1 will be removed from support – and support for Windows 10 will end in October 2025. Millions of tons of electronic waste will be generated worldwide by PCs that are not suitable for the next Windows generation. Is that sustainability in practice?


Kisters AG victim of ransomware attack (Nov. 10/11, 2021)

The medium-sized, German-based company Kisters AG, which develops software solutions for sustainable resource management and now has numerous branches worldwide, has fallen victim to a ransomware attack. Following the attack on November 10/11, 2021, all systems are now down and the website is not accessible. Here is a brief overview of what is known. Furthermore, the Bucher community vehicle division (Switzerland) is a victim of a ransomware attack.


0patch fixes LPE Vulnerability (CVE-2021-34484) in Windows User Profile Service

There is an incompletely patched Local Privilege Escalation vulnerability (CVE-2021-34484) in the Windows User Profile Service. Although there has been an update for all Windows versions since August 2021, it does not fully patch the vulnerability. ACROS Security has therefore developed a free 0patch solution to mitigate this vulnerability.


CERT warning: Compromised Exchange servers are misused for email attacks (Nov. 2021)

Security researchers, the Federal Office for Information Security (BSI), and CERT-Bund have issued a warning. These organizations are currently (Nov. 2021) observing a significant increase in e-mail attacks. The two organizations assume that these e-mails are sent from compromised Exchange servers. Malware (Qakbot etc.) is being sent with the emails.


14 Vulnerabilities in BusyBox

Security researchers from JFrog and Claroty Team82 have found 14 vulnerabilities in the popular BusyBox tool. All vulnerabilities were confidentially reported to the developer of BusyBox and fixed in version 1.34.0, which was released on August 19. The vulnerabilities could have been exploited for at least a Denial of Service (DoS) attack. However, in rarer cases, information leaks and possibly remote code execution would have been possible.
