NSO Group's Pegasus spyware on many smartphones

Posted on 2021-07-19 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]It started with a leaked list of about 50,000 phone numbers. Investigative research by the media then shed light on the surveillance of smartphone users by governments and private organizations. Numerous people around the world were spied on using Pegasus spy software from Israel's NSO Group. The company seems to provided authoritarian states with the opportunity to surveil journalists, human rights activists and members from NGOs.

Continue reading

Posted in Security | Tagged , , | Leave a comment

Reading: What was learned when Microsoft switched to a zero trust network architecture

Posted on 2021-07-18 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Zero Trust is a timely approach to addressing the cybersecurity challenges posed by the rise of telecommuting, the proliferation of personal devices and outdated physical security perimeters. At Microsoft, they have taken this step and learned various lessons, which Abbas Kudrati, Cloud & Cybersecurity Strategist, summarized in an article.

Continue reading

Posted in Security | Tagged | Leave a comment

Security Settings for Failover Clustering

Posted on 2021-07-17 by guenni

[German]Security is at the forefront of many administrator's minds and with Failover Clustering. Microsoft did some improvements with Windows Server 2019 and Azure Stack HCI with regards to security.

Continue reading

Posted in Security, Windows | Tagged , | Leave a comment

Exchange security updates from July 2021 breaks ECP and OWA

Posted on 2021-07-17 by guenni

Update[German]As of July 13, 2021, Microsoft has released security updates for Exchange Server 2013, Exchange Server 2016 and Exchange Server 2019. These July updates are intended to address vulnerabilities reported by external security partners and found by Microsoft's internal processes on Exchange Server on-premises installations. However, on some systems, installing the security updates causes the Exchange Control Panel (OWA) and Outlook Web App (OWA) to stop working. Microsoft has since confirmed the issue (seems an OAuth certificate thing).

Continue reading

Posted in issue, Security, Software, Update | Tagged , , , | Leave a comment

Microsoft Defender for Identity can detect PrintNightmare attacks

Posted on 2021-07-17 by guenni

Sicherheit (Pexels, allgemeine Nutzung)[German]Microsoft Defender for Identity (formerly Azure Advanced Threat Protection or Azure ATP) has been given the ability by Microsoft to detect and defend against attacks via the PrintNightmare vulnerability. This primarily affects exploitation of vulnerabilities in the Windows Print Spooler service (including the actively exploited CVE-2021-34527).

Continue reading

Posted in Security, Windows | Tagged , , | Leave a comment

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

Google Chrome 91.0.4472.164 fixes 0-day vulnerability

Posted on 2021-07-17 by guenni

[German]Google has released Google Chrome 91.0.4472.164 for Windows, Mac and Linux on July 15, 2021. It is a security update that fixes 7 vulnerabilities in older browser versions at once. The browser should be patched quickly, as a 0-day vulnerability CVE-2021-30563, rated as high, is already being exploited in the wild.

Continue reading

Posted in browser, Security, Software, Update | Tagged , , | Leave a comment

Windows vulnerability PrintNightmare: It's not over yet (July 15, 2021)

Posted on 2021-07-16 by guenni

Windows[German]Bad news for Windows users, because the issue known as PrintNightmare, which vulnerabilities in the Print Spooler service can lead to privilege escalation, still exists. The special updates of July 6 and 7, as well as the regular security updates of 7/13/2021, leave more vulnerabilities open. On Twitter, someone demonstrated how to install printers as a standard user on a fully patched system. And Microsoft released a new security advisory earlier in the day.

Continue reading

Posted in Security, Windows | Tagged , | 1 Comment

Windows 10 21H2 announced and first Insider Preview released

Posted on 2021-07-16 by guenni

Windows[German]Microsoft has announced the next Windows 10 feature update to version 21H2 on July 15, 2021. This is supposed to be generally released in the second half of 2021 – I assume in October. Currently, the first preview is available for Windows Insiders to test. The new version will again be distributed as a small feature update. In addition, an LTSC version based on 21H2 with five years of support and an IoT version with 10 years of support are planned. Here is an overview of what is known.

Continue reading

Posted in Windows | Tagged | 1 Comment

SQL- and Windows Server 2012 get Extended Support (ESU)

Posted on 2021-07-16 by guenni

Update[German]It's still a few days away until support for Windows Server 2012 R2 changes as scheduled. But at the Ignite 2021 partner conference, Microsoft announced that there will be an Extended Support Program for this software product. Here's a quick overview for administrators in terms of end-of-life dates for Windows Server 2012 and SQL Server 2012.

Continue reading

Posted in Security, Update, Windows | Tagged , | 1 Comment

Windows 365: The cloud PC presented at Inspire

Posted on 2021-07-15 by guenni

[German]The rumors have been around for a while, I had reported the week in the article News from Microsoft's Cloud PC still about it and something to 14/15 July 2021, on the occasion of the Inspire partner conference expected. Now Microsoft has presented Microsoft Inspire Windows 365 at its global partner conference. It is a cloud service that opens up new possibilities for companies of any size to use Windows 10 or Windows 11. Windows 365 moves the entire operating system, including applications, data and settings, to the Microsoft cloud, where it will be usable on private or corporate devices. 

Continue reading

Posted in Cloud, devices | Tagged , | Leave a comment