I wish this to all blog readers and, above all, good health and optimism in these times.
Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
38C3: Bitlocker bypassed via vulnerabilities (Dec. 2024)
[German]A small addendum from the weekend – at the 38C3 congress of the Chaos Computer Club, Thomas Lambertz, a security expert, showed how Microsoft's Bitlocker encryption can be circumvented by "downgrading" a patched vulnerability. The way in which secret services or law enforcement agencies can gain access to encrypted data.
Vulnerabilities in G DATA Business software; fix with version 15.8.333
[German]Blog reader Fabian D. accidentally discovered a Privilege Escalation vulnerability in the G Data Security Client at the beginning of April 2024 and was then able to prove a Privilege Escalation vulnerability in the G Data Management Server during targeted research. Both vulnerabilities were reported to G DATA and have been fixed with version 15.8.333 in December 2024.
Message Trace in Exchange Online as Preview
[German]Small addendum to Exchange Online. Microsoft has released the preview for "Message Trance" in Exchange Online on December 16, 2024. The function should be activated for all tenants by the end of December 2024. Administrators will then be able to use message tracking in the Exchange Administration Center (EAC) in Exchange Online.
App-V no longer "deprecated"
[German]A small note for administrators who use Microsoft's App-V technology. Microsoft wanted to withdraw from App-V in April 2026, but has announced that it will continue to support the product in Windows clients and servers. The information must have been published by Microsoft in November 2024. Here is a rough overview of what I read from the announcements.
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Edgio bankruptcy: Microsoft changes endpoints for .NET, PowerShell scripts and Win32 apps
[German]Small addendum from 27.12.2024. Microsoft was forced to change the download addresses for .NET, PowerShell scripts and Win32 applications at this time. The background to this is the insolvency of Edgio (Limelight Networks).
CISA warnings: Vulnerabilities in Windows Kernel, Cleo etc
[German]The US cyber security authority CISA has added further entries to its vulnerability catalog. It warns of the Adobe ColdFusion vulnerability CVE-2024-20767, the Windows kernel vulnerability CVE-2024-35250 and vulnerabilities in the Cleo software. The vulnerabilities are known to be exploited.
Did anyone get the "Welcome to the Microsoft 365 app" nag screen?
[German]A quick question for readers who use Windows. Has anyone seen a pop-up screen with the text "Welcome to the Microsoft 365 app" recently?
BlackBerry sells XDR solution Cylance to Artic Wolf
[German]A short message for readers who may rely on BlackBerry's XDR solution Cylance. News has reached me a couple of days ago, that BlackBerry is selling this asset to market leader Artic Wolf – a mutual agreement to transfer has been reached.
Hackers could break the European power grid via vulnerabilities in solar systems
[German]An unpleasant but by no means new realization. Some countries are "proud" of the installed capacity of solar collectors. But a Greek white hat hacker has shown how he could hack into numerous European solar systems using a laptop and the internet and simply switch them off
Posted in General
Leave a comment