[German]In the context of the digital developer conference Ignite 2021, Microsoft also announced a new approach for installing driver and firmware updates. Windows administrators are expected to have full control over these updates at some point in the future.
[German]I already came across the information from Flashpoint a few days ago, according to which the Russian-language hacker forum Maza itself was hacked. It seems that credentials of users in other forums have been published.
[German]VMware View Planner has several vulnerabilities, that can be used for Remote Code Execution (RCE). VMware has issued a warning and also security updates for View Planner.
[German]The European Banking Authority has fallen victim to a cyber attack. Their Exchange servers were compromised via vulnerabilities patched in early March 2021. Here is some information on what I know so far.
[German]Security researchers have recently encountered a family of botnets called Gafgyt that targets D-Link, Citrix and IoT devices. It is the first malware family to attack vulnerabilities in devices via the Tor network.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[English]Redmond has added security information to the latest version of the Microsoft Support Emergency Response Tool (MSERT). The tool can now be run to detect and eliminate the latest Exchange Server threats. Specifically, the tool finds installed Web shells in Exchange instances.
[German]The Hafnium hacker group has probably managed to compromise hundreds of thousands of Exchange installations worldwide via vulnerabilities. A patch to close the vulnerabilities is available, but it may be too late. However, tools are now available from Microsoft and third parties to check Exchange instances for signs of the hack.
[German]A little shortie for the weekend. In Windows 10 there is the option to log processes or the loading of DLLs and drivers. The option can be turned on via the Code Integrity policy.
[German]Brief information for administrators of Microsoft Exchange servers who have yet to install the March 2021 security update. The security update released this week by Microsoft for Microsoft on-premise Exchange servers (2010 to 2019) is indeed intended to close four vulnerabilities used for attacks. The update has caused malfunctions in one case (ECP stops running and OWA search goes on strike). I am posting the information for administrators here on the blog to help troubleshoot for those affected.
[German]Microsoft warns, that installing the March 2021 cumulative security updates for Exchange servers need to be done with administrative privileges. Otherwise the patch will not close the vulnerabilities. In addition, German BSI (Federal Office for Information Security) warns that thousands of Exchange servers are accessible via the Internet and are probably already infected. Addendum: It's suspected, that at least 30,000 organizations across the United States have been hacked during the last few days.
MVP:
2013 – 2016
WIMVP:
2017 – 2020
