[German]Security researchers at Guardicore have discovered a design flaw in Microsoft Exchange autodiscover protocol that allows attackers to use external autodiscover domains to harvest domain credentials. This is possible because autodiscover domains outside the user's domain (but still in the same TLD) can be abused. Here are some details about this flaw.
[German]Since the patchday of September 14, 2021, when further security updates to close the PrintNightmare vulnerabilities are delivered, there are massive problems with network printers in some environments. The background is that Microsoft implemented certain security measures in August and September 2021. This post reflects the status as of September 22, 2021 and summarizes solutions as well as workarounds to resolve printing issues from various posts here on the blog.
[German]Google has released the stable version of Google Chrome 94.0.4606.54 for Windows, Mac and Linux on September 21, 2021. It is a security update that closes 19 vulnerabilities. Here's a quick overview of what to expect from the update. Continue reading
[German]Adobe has released a security update for Adobe Acrobat (Reader) DC to version 21.005.20091 on September 14, 2021, which is intended to eliminate critical errors. The problem with this is that on some systems, Adobe Reader DC 21.007.20091 cannot be used afterwards because it crashes with error 0xc0000142. I don't have a solution yet, but pull together some information. Addendum: Added more information on September 29, 2021.
[German]For patchday on September 14, 2021, Microsoft has released security updates for the supported Windows systems, which should also eliminate further PrintNightmare vulnerabilities. However, these updates cause problems so that network printers can no longer be controlled. In some cases, a simple workaround might help without having to uninstall the security update.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]Healthcare facilities are likely to be the main target of ransomware attacks in 2020, as Unit 42 of security firm Palo Alto Networks found out and published in a Thread report. It is believed that cyber criminals targeted the facilities more because healthcare facilities were under tremendous pressure due to the influx of COVID-19 patients. Palo Alto Networks has therefore compiled ten approaches for better protection in this area. Continue reading
[German]For months, a number of vulnerabilities in the Windows Print Spooler service have existed in all versions of Windows, collectively known as PrintNightmare. Microsoft has been trying in vain to close the vulnerabilities completely since July 2021, but is having problems. The updates released for patchday on September 14, 2021 also cause problems, which Microsoft has now partially acknowledged. There is the advice to update the printer driver to be able to print again.
[German]Router manufacturer MikroTik has published a security advisory on how to protect its devices against a takeover by the Meris botnet. The Meris gang exploits the CVE-2018-14847 vulnerability, discovered in 2018 and patched long ago, to take over devices and then abuse them for DDoS attacks. Here is some information about it.
[German]Security researchers from Lumen's Black Lotus Labs have come across several malware samples that can infect the Windows subsystem for Linux and then switch to the native Windows environment. Experts had outlined this scenario back in 2017. Thus, the Microsoft WSL implementation creates a new attack surface for malware developers. Here's some information on the topic.
[German]Small news from the world of computer technology: The inventor and entrepreneur Sir Clive Marles Sinclair died yesterday, September 16, 2021 in London, at the age of 81. Born near Richmond on July 30, 1940, the British inventor is considered, among other things, the father of the Sinclair ZX81 and ZX Spectrum computers that were popular in the 1980s.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
