[German]VMware View Planner has several vulnerabilities, that can be used for Remote Code Execution (RCE). VMware has issued a warning and also security updates for View Planner.
Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Patch your VMware View Planner
Cyber attack on Exchange server of the European Banking Authority
[German]The European Banking Authority has fallen victim to a cyber attack. Their Exchange servers were compromised via vulnerabilities patched in early March 2021. Here is some information on what I know so far.
Gafgyt botnet family targets D-Link, Citrix and IoT
[German]Security researchers have recently encountered a family of botnets called Gafgyt that targets D-Link, Citrix and IoT devices. It is the first malware family to attack vulnerabilities in devices via the Tor network.
Microsoft MSERT helps to scan Exchange Servers
[English]Redmond has added security information to the latest version of the Microsoft Support Emergency Response Tool (MSERT). The tool can now be run to detect and eliminate the latest Exchange Server threats. Specifically, the tool finds installed Web shells in Exchange instances.
Exchange Hack News – Test tools from Microsoft and others
[German]The Hafnium hacker group has probably managed to compromise hundreds of thousands of Exchange installations worldwide via vulnerabilities. A patch to close the vulnerabilities is available, but it may be too late. However, tools are now available from Microsoft and third parties to check Exchange instances for signs of the hack.
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Windows 10: Enable built-in process/DLL logging
[German]A little shortie for the weekend. In Windows 10 there is the option to log processes or the loading of DLLs and drivers. The option can be turned on via the Code Integrity policy.
Exchange isues with ECP/OWA search after installing security update (March 2021)
[German]Brief information for administrators of Microsoft Exchange servers who have yet to install the March 2021 security update. The security update released this week by Microsoft for Microsoft on-premise Exchange servers (2010 to 2019) is indeed intended to close four vulnerabilities used for attacks. The update has caused malfunctions in one case (ECP stops running and OWA search goes on strike). I am posting the information for administrators here on the blog to help troubleshoot for those affected.
Important notes from Microsoft regarding the Exchange server security update (March 2021)
[German]Microsoft warns, that installing the March 2021 cumulative security updates for Exchange servers need to be done with administrative privileges. Otherwise the patch will not close the vulnerabilities. In addition, German BSI (Federal Office for Information Security) warns that thousands of Exchange servers are accessible via the Internet and are probably already infected. Addendum: It's suspected, that at least 30,000 organizations across the United States have been hacked during the last few days.
Edge 89.0.774.45 released
[German]Microsoft has released the update to Edge 89.0.774.45 on March 4, 2021. It is a new development branch, with this version fixing various vulnerabilities that have already been fixed in Google Chrome. Here is some information about it.
Sita hack affects passenger data from Star Alliance
[German]Unpleasant story – the servers of the service provider for airlines, SITA (cooperates with IATA), were hacked. Customer data of air travelers of Star Allicance (among others United) got into the hands of hackers. Singapore Airlines and other airlines have informed customers.