[German]In a concerted action by law enforcement agencies coordinated by Europol and Interpol, two suspected operators in the field of ransomware crime were arrested in Ukraine as early as September 28, 2021. The suspects are accused of infecting companies in Europe and the United States with ransomware and then extorting ransom money.
[German]IBM warns that QRadar Azure warn is vulnerable to remote attacks via the OMIGOD vulnerability CVE-2021-38647. Remote attackers could execute arbitrary code. This would have a similar impact to the supply chain attack on Kaseya VSA, a remote management and monitoring (RMM) software.
[German]Ransomware groups are continuously developing their business models and also acting as service providers, offering their tools in return for a share of the profits. A new Ransomware-as-a-Service (RaaS) group is trying to simplify the cyber extortion business a bit more. Customers can book the services for a fixed price.
[German]A brief note for administrators planning to move to Windows Server 2022. Microsoft has just announced that Microsoft 365 apps will not be supported on this OS. Addendum: U-Turn from Microsoft in Sept. 2022 – see Windows Server 2022: MS 365 apps to be supported. Continue reading
[German]At the end of September 2021, security provider Cyble published an alert. Its security team have discovered a new variant of the Hydra banking Trojan that is specifically targeting European users. Commerzbank customers seem to be one of these targets, as they are being phished with a Trojan disguised as a Commerzbank app for Android.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]Microsoft has released a security advisory for the Edge browser on October 1, 2021, updating the browser to version 94.0.992.38. The update also closed Chromium team-reported security vulnerabilities.
[German]Microsoft has announced the availability of Office 2021 and Microsoft 365, as well as the pricing for these packages and subscriptions. Microsoft Office 2021 one-time license packages are scheduled to go live on October 5.
[German]Another brief post in which I revisit a topic from last week. I had reported that there is a vulnerability in the Autodiscover protocol, which is used by Microsoft Exchange, that reveals passwords. In the meantime, Microsoft is trying to get register the abusable Autodiscover domains, based on the reporting. However, it has now become known that this weakness has been known at Microsoft for at least 5 years without anything happening.
[German]Microsoft has released preview update KB5005611 for Windows 10 version 2004 – 21H1 on Sept. 30, 2021. The preview update is optional and is intended to fix various issues (including with Outlook add-ins).In addition, updates KB5005539 (.NET) and KB4023057 (reliability update for update service components) were released. Here is an overview of this update.
[German]Google has surprisingly released an update to Google Chrome 94.0.4606.71 for Windows, Mac and Linux on September 20, 2021. It is a security update that closes vulnerabilities rated as high. Some of the vulnerabilities are being exploited – here's a brief overview.
-
MVP:
2013 – 2016
WIMVP:
2017 – 2020
