[German]Small addendum: Oracle's developers have already released Virtualbox version 6.1.26 on July 28, 2020. It is a maintenance update that is supposed to fix bugs of previous versions.
[German]Unknown thread actors are scanning the Internet for Microsoft Exchange servers that are updated to March 2021 and are not protected against the ProxyLogon vulnerability. CERT-Bund warns, and calls for patching. Meanwhile, there are advanced Sigma rules for administrators to defend against attacks. And there is a script that administrators can use to check whether their own Exchange servers are vulnerable. Below I have summarized some information around this topic.
[German]Question: Has anyone experienced problems with Google Chrome 92 or its Edge counterpart when the called domain starts with the letter a (Amazon, Autodesk, etc.)? The tentatively rolled out CECPQ2 may be clashing with Fortigate 6.4.5 and the overarching Palo Alto solutions.
Continue reading
[German]The ncccgroup released a Technical Advisory as of August 5 warning of the RCE vulnerability CVE-2021-22937 in Pulse Connect Secure. The Pulse Connect Secure appliance suffers from an uncontrolled archive extraction vulnerability that allows an attacker to overwrite arbitrary files, resulting in remote code execution as root. This vulnerability is a workaround to patch for CVE-2020-8260.
[German]If you need to setup Windows or needs to transfer to another machine, the necessary drivers are required. Windows already comes with a set of Microsoft drivers that are installed during setup. The rest of the drivers you obtain from the manufacturer and install specifically. Wouldn't it not be cool to be able to export the drivers installed on a perfectly set up system to a folder as a backup? And how can you read back (install) the drivers from the backup folder?
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]The timely installation of security updates is a building block to protect Windows systems from the cyber threats of this time. Microsoft therefore once again advertises to its clientele that it implements or achieves a "first-class monthly Windows patch efficiency". Here, in principle, one would nod immediately if it weren't for the teeny-tiny flaw of often unreliable updates, which, unfortunately, are recurrently notable for significant collateral damage. Here's a blog post that tries to illuminate the two different worlds between Microsoft's own view and the user community's experience.
[German]Are we soon seeing a second hafnium disaster, in which Exchange servers are attacked and taken over via vulnerabilities? At the BlackHat 2021 conference, security researcher Orange Tsai spoke about new vulnerabilities in Microsoft Exchange and, in addition to old (and patched) security issues, and he lso hinted at new attack vector via known and new vulnerabilities. What has been patched so far is only the tip of an iceberg, he hinted. In addition, there are plenty of Exchange servers that are accessible via the Internet but are at a March 2021 patch level. Ingredients that could potentially bring us the next disaster with cyber attacks on Exchange servers.
[German]Microsoft has announced this week plans how to refresh its OneNote software. There is, after all, an app for Windows 10 and there is still the classic OneNote 2016 application for the desktop, which was installed with Microsoft Office. Over the next 12 months, a series of updates are expected to bring improvements.
[German]Most Windows insiders have come across the RunOnce key in the registry. Programs and services can enter a command there, which is executed once at the next Windows start and then deleted. However, Windows supports various options to force the key to be evaluated in safe mode or to prevent the entry from being deleted if the command isn't executed.
[German]Taiwan-based motherboard manufacturer GIGABYTE has fallen victim to a ransomware attack by the RansomEXX group. The RansomEXX gang is now threatening to make captured files in the amount of 112 GBytes public unless a ransom is paid.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
