Colonial Pipeline Attack: Wasted $5 Million and uses vulnerable Exchange Servers

The dust is slowly settling around the successful ransomware attack on the US utility Colonial Pipeline. In the meantime, it has become known that the company probably "wasted" a ransom of 5 million US dollars. There was a decryption key, but restoring from backups was faster. In addition, an audit revealed serious security flaws in the company's IT. For example, a Microsoft Exchange server had security vulnerabilities. Here is a summary of the latest findings from this case.


DarkSide gang lost access to its servers

The DarkSide cyber gang, responsible for many ransomware attacks provided "as-a-service", announced its shutdown after it lost control of its servers. They claim that their servers were seized and that the cryptocurrency was transferred from their account to an unknown wallet. This was claimed in a message posted in the Russian OSINT Telegram channel and also on the cyber gang's website. Addendum: An analysis showed that the gang collected $17.5 million in ransom.


Caution: E-mails with fake appointment invitations (May 2021)

Spam e-mails with fake appointment invitations from unknown persons are piling up in mailboxes. Complaints about such fake invitations are rising. The scam is a clever way to steal and/or abuse the recipients' data. After I received such an appointment invitation for the first time, I decided to write a blog post.


A new version of Windows 10 SetupDiag Tool

Microsoft has updated a diagnostic tool called SetupDiag. SetupDiag is a standalone diagnostic tool that can be used to obtain details about why a Windows 10 upgrade was unsuccessful. I introduced an older version in my blog post Windows 10: Diagnose tool SetupDiag.


Microsoft's confirmation of a WSUS sync issue – failing to receive updates (May 11, 2021)

As of May 11, 2021, administrators found that no Windows updates were found in the Windows Server Update Service (WSUS). After a few hours, the problem was resolved. Now Microsoft has confirmed the problem and provided some hints.



Patchday Microsoft Office Updates (May 11, 2021)

On May 11, 2021 (second Tuesday of the month, Microsoft Patchday), Microsoft released several security-related updates for still-supported Microsoft Office versions and other products. Here is an overview of the available updates.


FragAttack: Attack on WLAN devices

The German BSI and security researchers have issued a warning because a vulnerability called FRAGAttack allows millions of WLAN devices to be attacked locally. The vulnerability affects all WLAN standards (up to WPA3). Fortunately, this vulnerability can only be exploited if the attacker is within the WLAN's reception range. Here is some information about FRAGAttack.


Adobe Acrobat (Reader) DC 21.001.20155

Adobe released a security update for Adobe Acrobat (Reader) DC to version 21.001.20155 on May 11, 2021. The release notes provide download addresses for the Windows and macOS installers. Security bulletin APSB21-29 states that the update to the product is intended to address several critical and important vulnerabilities. Successful exploitation could lead to the execution of arbitrary code in the context of the current user. Adobe has received a report that CVE-2021-28550 has been exploited on a limited basis in attacks against Adobe Reader users on Windows.


Patchday: Windows 7/Server 2008 R2-Updates (May 11, 2021)

As of May 11, Microsoft has released various updates for Windows 7 SP1 systems that are still in ESU support. These security updates are also available for Windows Server 2008 R2 with ESU support. Here is some information about the Monthly Rollup and Security-only updates for this operating system.


Patchday: Windows 8.1/Server 2012-Updates (May 11, 2021)

As of May 11, Microsoft has released various updates for Windows 8.1. These security updates are also available for Windows Server 2012 R2. Here is some information on the Monthly Rollup and Security-only updates for these operating systems.
