[German]Small article at the end of the week, concerning the US vendor Kaseya. After the supply chain attack on Kaseya RMI software and encryption of numerous customer systems, a decryption key has surfaced in an underground forum. In addition, a blog reader alerted me to an update that closes various security holes in a Kaseya product.
[German]I'm bringing this up again before the weekend, even though the readership of this blog is probably well informed and keeps the Exchange servers up to date with the latest patches. It's Friday the 13th and we're about to hit the weekend. And it looks like the wave of attacks on Microsoft Exchange Servers via the ProxyShell vulnerability is rolling in now. All Exchange Servers still running on the March 2021 patch level and accessible via the Internet are vulnerable to these attacks and can be taken over.
[German]Microsoft has closed a number of vulnerabilities with updates on patchday (August 10, 2021). I have an overview that I am posting for the sake of completeness. In addition, Microsoft has distributed two security update revisions in the days in mails, which I also publish here. Maybe this is of interest for someone.
[German]Both Microsoft and the vendor Tenable have addressed the question of how to better protect corporate environments against cyberattacks and ransomware infections in blog posts. I have summarized the relevant information in the following post.
[German]It happened, there is the first case of a ransomware gang using the Windows PrintNightmare vulnerability to attack Windows servers. In July 2021, security vendor Crowdstrike was able to thwart a ransomware attack against a target in South Korea. During the evaluation, the security researchers found that the Magniber ransomware gang attempted to exploit the vulnerability (CVE-2021-34527)
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]Another small addendum from the August 2021 patchday regarding the PrintNightmare print spooler service vulnerability. Microsoft did release a patch that is supposed to fix the vulnerability. But I had already pointed out in my Patchday blog posts that this patch was not sufficient. Now Microsoft has set a new CVE-2021-36958 (Windows Print Spooler Remote Code Execution Vulnerability) as of 8/11/2021.
[German]NortonLifeLock and Avast are planning a merger that could be worth up to $8.6 billion, as The Verge reports. NortonLifeLock CEO Vincent Pilette made the announcement in this short note. NortonLifeLock is expected to acquire all of Avast's shares, which would create a large cybersecurity vendor. With this merger, the officials hope to strengthen the cybersecurity platform and make it available to more than 500 million users. NortonLifeLock CEO says, "We'll also be able to further accelerate innovation to transform cybersecurity." The merger should result in antivirus products that combine the benefits of Avast's focus on data protection and NortonLifeLock's expertise in identity. The hope is to be well positioned for consumers and businesses in the age of ransomware.
[German]The IT consulting company Accenture has probably become a victim of a cyber attack with the Lockbit ransomware. The company has now admitted to the attack. Data also appears to have been siphoned off in the ransomware attack. Here is some information on what is now known.
[German]On August 10, 2021 (second Tuesday of the month, Microsoft Patchday), Microsoft has released several security-related updates for still supported Microsoft Office versions and other products. Here you can find an overview of the available updates.
[German]The developers of the Thunderbird email client have released Thunderbird 78.13.0 on August 10, 2021. This is a maintenance and security update for the 78 development branch that should fix several bugs and vulnerabilities.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
