USA, EU, NATO, Microsoft & Co. Blame China for Hafnium Exchange Hack

Posted on 2021-07-20 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]At the end of February, beginning of March 2021, there was a massive attack on Microsoft Exchange Server (see Exchange server 0-day exploits are actively exploited), in which many thousands of instances were hacked worldwide. Even then, the attacks were attributed to the Chinese hacker group Hafnium. Now the US along with its allies (UK, NATA) as well as the EU are accusing China of being responsible for this attack. The U.S. has also identified four Chinese nationals as responsible. 

Continue reading

Posted in Security | Tagged , , | Leave a comment

Microsoft explains the Windows 11 context menu and the Share dialog

Posted on 2021-07-20 by guenni

Windows[German]In fall of 2021, Microsoft will most likely release Windows 11 and then roll it out more broadly in 2022 (see Has Intel revealed the October 2021 release date and name for Windows 11?). This will include a user interface overhaul with a new Start menu and rounded windows (Sun Valley). In anticipation of the release of Windows 11, Microsoft has now explained the new context menus and the Parts dialog in more detail.

Continue reading

Posted in Windows | Tagged | Leave a comment

Has Intel revealed the October 2021 release date and name for Windows 11?

Posted on 2021-07-20 by guenni

Windows[German]Let me put it this way: For me, it has been clear since the presentation that Microsoft will release its Windows 11 so sometime in October 2021 – even though the broad rollout with a free Windows 10 upgrade is not supposed to happen until 2022. Now, Intel may have unintentionally revealed the release date for Windows 11 as October 2021.

Continue reading

Posted in Windows | Tagged | 2 Comments

Windows Hello login bypassed via infrared photo

Posted on 2021-07-20 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Security researchers from CyberArk have managed to trick Windows 10's Hello login (also included in Windows 11) in terms of logging in via facial recognition. All they needed was an infrared photo of the face in question, used on a fake usb device acting as an IR camera. Here's some information on the facts of the matter.

Continue reading

Posted in Security, Windows | Tagged , | Leave a comment

Firefox 90.0.1 released

Posted on 2021-07-19 by guenni

Mozilla[German]The release of Firefox version 90.0.0 lasted just a week. Now the Mozilla developers have released July 19, 2021 version 90.0.1 as a maintenance update of the Firefox browser. Here is some information about what has been fixed.

Continue reading

Posted in browser, Update | Tagged | 1 Comment

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

PrintNightmare: Point-and-Print allows installation of arbitrary files

Posted on 2021-07-19 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Regarding the problem, originally called PrintNightmare, that Windows systems are vulnerable via the print spooler service, there is a new warning. A remote print server that can be accessed by unauthorized parties allows arbitrary malicious files to be installed on clients via point-and-print. The US-CERT has issued a new warning about this. However, there is a possibility to mitigate this vulnerability via group policies.

Continue reading

Posted in Security, Windows | Tagged , | Leave a comment

DevilsTongue spyware from Israeli company Candiru exploited Windows vulnerabilities

Posted on 2021-07-19 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]After I just reported about spy Trojans of the Israeli NSO Group on smartphones (see Pegasus spy software of NSO Group on many smartphones), I can also reveal the second case. The Israeli company Candiru exploited vulnerabilities in Windows to install their spyware called DevilsTongue. However, the vulnerabilities have been fixed in the meantime.

Continue reading

Posted in Security, Windows | Tagged , , | 1 Comment

NSO Group's Pegasus spyware on many smartphones

Posted on 2021-07-19 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]It started with a leaked list of about 50,000 phone numbers. Investigative research by the media then shed light on the surveillance of smartphone users by governments and private organizations. Numerous people around the world were spied on using Pegasus spy software from Israel's NSO Group. The company seems to provided authoritarian states with the opportunity to surveil journalists, human rights activists and members from NGOs.

Continue reading

Posted in Security | Tagged , , | Leave a comment

Reading: What was learned when Microsoft switched to a zero trust network architecture

Posted on 2021-07-18 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Zero Trust is a timely approach to addressing the cybersecurity challenges posed by the rise of telecommuting, the proliferation of personal devices and outdated physical security perimeters. At Microsoft, they have taken this step and learned various lessons, which Abbas Kudrati, Cloud & Cybersecurity Strategist, summarized in an article.

Continue reading

Posted in Security | Tagged | Leave a comment

Security Settings for Failover Clustering

Posted on 2021-07-17 by guenni

[German]Security is at the forefront of many administrator's minds and with Failover Clustering. Microsoft did some improvements with Windows Server 2019 and Azure Stack HCI with regards to security.

Continue reading

Posted in Security, Windows | Tagged , | Leave a comment