Coop-Sweden closes 800 stores after Kaseya VSA supply chain attack by REvil gang

Swedish co-operative supermarket chain Coop was forced to close its 800 affiliated stores Friday evening and Saturday after a ransomware attack on a service provider responsible for billing and point-of-sale systems. The incident is directly related to the supply chain attack on the RMM product Kaseya VSA and the follow-up cyber attack on at least eight major US managed service providers (MSPs).

REvil Ransomware attack at 200 Companies via Kaseya VSA and Management Service Provider (MSP)

It is once again a nightmare come true for the IT landscape. The REvil ransomware group has succeeded in an attack via managed service providers (MSPs). As a result, the servers of 200 companies were encrypted by the ransomware. It looks like the Kaseya IT management platform has been compromised. The incident is comparable to the SolarWinds supply chain attack, only this time the payload was ransomware.

0Patch Micropatches for PrintNightmare Vulnerability (CVE-2021-34527)

There is a remote code execution vulnerability in the Windows Print Spooler service that primarily threatens Windows Server systems and is already being actively exploited. So far, Microsoft has only confirmed the vulnerability and provided information on how to mitigate the problem by disabling the Windows Print Spooler service until a security update is available. Now ACROS Security has presented a free 0Patch solution for various Windows Server versions that prevents exploitation of the vulnerability.

Windows Print Spooler Vulnerability (CVE-2021-1675, PrintNightmare) Confirmed by MS; CISA Warns

A brief update on the RCE vulnerability CVE-2021-1675 in the Windows Print Spooler, known as PrintNightmare. US-CISA warns and recommends disabling the Print Spooler service on servers that are not used for printing. And as of July 1, 2021, Microsoft has confirmed that the RCE vulnerability known as PrintNightmare, CVE-2021-1675, is still unpatched and is currently being exploited.

Be careful with BitLocker management in ConfigMgr

Does anyone manage their Windows clients via Configuration Manager (ConfigMgr) and also use BitLocker? There is a PowerShell script, Invoke-MbamClientDeployment.ps1, that supposedly uploads the keys. However, Microsoft writes that this PowerShell script is not supported for use with BitLocker Management in Configuration Manager, so it must not be used in this scenario under any circumstances.


PoC for Windows print spooler vulnerability public, high RCE risk

Security researchers have published proof-of-concept (PoC) code for a remote code execution (RCE) vulnerability in the Windows Print Spooler. The PoC code was immediately deleted, but it is assumed that copies had already been pulled. The CVE-2021-1675 vulnerability allows an attacker to gain remote access to and take over a Windows Domain Controller.

Windows 10 2004-21H1: Update KB5004760 fixes PDF issues

As of June 29, 2021, Microsoft has released a special update (D-Week) for Windows 10 versions 2004, 20H2 and 21H1. This update, which is not rolled out via Windows Update, is intended to fix possible problems with opening and rendering PDF files in Internet Explorer 11 or in apps.

700 million LinkedIn user records offered in underground forum

At the beginning of April 2021, 500 million user records of LinkedIn users were offered for sale in an underground forum (see Data leak: 500 million LinkedIn user data for sale in underground forum). Now a new data leak has been revealed: 700 million LinkedIn user records were again offered for sale in an underground forum in mid-June 2021. It appears that the LinkedIn user data was accessed via the API of the Microsoft-operated social network, which many users rely on for professional purposes.

Microsoft Intune disrupted, Android devices do not get Wi-Fi profiles

As of June 29, 2021, there has been a disruption with Microsoft Intune. Users with Microsoft Intune-registered Android devices may not receive Wi-Fi profiles. Here is an excerpt from the IT265315 incident report.


Microsoft defends the minimum Windows 11 system requirements

After the massive uncertainty regarding the minimum system requirements for systems with Windows 11, Microsoft has published an update about these requirements on the Windows blog just in time for the release of the first Insider Preview. There, Redmond explains why certain requirements are set, but leaves some questions, for example about CPU support, unanswered.