[German]Law enforcement agencies around Interpol have shut down a total of 22,000 devices using IP addresses associated with cybercrime in a joint operation. Operation Synergia II (April 1 – August 31, 2024) specifically targeted phishing, ransomware and information theft sites and was a joint effort between INTERPOL, private sector partners and law enforcement agencies from 95 INTERPOL member countries.
[German]A German blog reader has pointed out that the PST import into a Microsoft 365 tenant has not worked since at least November 1, 2024 using a SAS URL. The import tool is reporting Error 500 for his German Microsoft 365 tenant. According to Microsoft, however, the error probably occurs worldwide. I have summarized the known details below.
[German]It's a strange information about Windows Server 2025 reported to me by German blog readers. Readers were offered an upgrade to Windows Server 2025 under Windows Server 2022 (and Windows Server 2019) for download and installation via Windows Update. It is currently unclear whether this is a mistake or a deliberate offer. In any case, the problem is that users do not have a license for Windows Server 2025 and are therefore falling into a trap with the upgrade offer.
[German]Microsoft security experts have observed various intrusion activities aimed at stealing the credentials of several Microsoft customers. These attacks by suspected state actors (China-Russia) were probably successful and were made possible by password spray attacks or via RDP.
[German]The list of bugs that have been introduced with Windows 11 24H2 is getting longer. In one of the last posts, users pointed out a bug in Explorer that may make it more difficult to use. If you click on the three-dot icon in the ribbon, a menu opens, but upwards – and the commands are cut off. However, there is a workaround.
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
[German]They do exist, useful examples of AI applications. The Project Zero team has now explained how it unleashed a Large Language Model (LLM) on software for vulnerability analysis in the "Big Sleep" project (the successor to "Naptime"). This uncovered a previously unknown SQLite vulnerability before it was incorporated into a generally released version. This shows the potential of AI for vulnerability analysis during software development.
[German]Automatic robot vacuum cleaners are now in many households. The devices are collecting many data and can spying on a user environment. How can the owner of such an appliance prevent data from flowing into the manufacturer's cloud? I have been in contact with a German blog reader about this topic and provide some information below.
[German]Brief addendum from this week: After Microsoft announced Windows Server 2025 (LTSC) in January 2024 (see Windows Server 2025 presented), it was generally released on November 1, 2024 (after a longer test phase). Corporate customers with a Software Assurance contract should be able to download the relevant ISOs from Microsoft.
[German]Does anyone from my readers use the Okta authentication service? Once again there is a security report about this provider. Okta has just closed a login vulnerability that allowed users to log in to certain accounts with any password since July 2024. However, I suspect that the vulnerability was not exploited due to numerous conditions.
[German]I'll summarize two known bugs in Windows 10 22H2 that Microsoft documented on October 22 and 30, 2024 and fixed or at least mitigated via KIR. It's about a black screen in Azure Virtual Desktop. And it's about apps that cannot be started by standard users. Here's what Microsoft has documented so far.
Continue reading
MVP:
2013 – 2016
WIMVP:
2017 – 2020
