Blogs
Links
Archives
Categories
Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Sponsors
(Paypal-Donations)Recent Comments
- Bernd Kastenbrot on Windows Server 2022: RDS bug (RDCB role broken) caused by KB5011497, not fixed in May 2022
- Bruce Roberts on Office 365 version 2206.15330.20196: Excel bug prevents display of cell contents (OP396850)
- Lars220 on Office 365 version 2206.15330.20196: Excel bug prevents display of cell contents (OP396850)
- AstraLocker on AstraLocker terminates activities and releases Decryptor
- AstraLocker on AstraLocker 2.0: Infection via Word attachment
Meta
Recent Comments
- Bernd Kastenbrot on Windows Server 2022: RDS bug (RDCB role broken) caused by KB5011497, not fixed in May 2022
- Bruce Roberts on Office 365 version 2206.15330.20196: Excel bug prevents display of cell contents (OP396850)
- Lars220 on Office 365 version 2206.15330.20196: Excel bug prevents display of cell contents (OP396850)
- AstraLocker on AstraLocker terminates activities and releases Decryptor
- AstraLocker on AstraLocker 2.0: Infection via Word attachment
Archives
Categories
Meta
Tag Archives: Security
Cisco Security Advisories (July 6, 2022)
[German]Cisco has published extensive security warnings for various products as of July 6, 2022. Of a total of new CVEs, one in Cisco Expressway and Telepresence Vdieo communication servers is rated critical, one vulnerability in Smart Software Manager is rated … Continue reading
Advertising
OpenSSL 3.0.4 Vulnerability CVE-2022-2274: Heap Memory Corruption with RSA Private Key Operation
[German]A vulnerability CVE-2022-2274 exists in OpenSSL that could lead to heap memory corruption with RSA private key operations. It affects OpenSSL 3.0.4 and the vulnerability is rated High in severity. A second vulnerability CVE-2022-2097 causes AES OCB to fail to … Continue reading
AstraLocker terminates activities and releases Decryptor
[German]Strange things are happening at the moment. The threat actor behind the lesser-known AstraLocker ransomware seems to want to stop its activities. The actor plans to switch to cryptojacking and has published an archive of AstraLocker decryption programs. I'll try … Continue reading
Advertising
Hacker sells 1 billion personal data from Shanghai police data base for 10 bitcoins
[German]US media report that a hacker is currently trying to sell a 23 terabyte data set for the price of 10 bitcoins (around 195,000 euros). The dataset is said to contain 1 billion personal data of the population from a … Continue reading
AstraLocker 2.0: Infection via Word attachment
[German]Security researchers from ReversingLabs have tracked down a relatively unknown malware, which they have named AstraLocker. In version 2.0, the attackers have taken to loading the malicious payload directly from a Word document that is included as an attachment to … Continue reading
Advertising
Security for Kubernetes: Pitfalls and Solutions
The use of virtualized containers with functions is in vogue. Orchestration solutions, such as Kubernetes, are used to manage the containers. However, if this solution is compromised, this affects all managed containers. The question therefore arises about the security of … Continue reading
Lookout explains: Security Service Edge (SSE) and the future of cloud security
[German]Recently I came across a piece of information from security vendor Lookout about the future of cloud security and the term SSE. Sundaram Lakshmanan, CTO of SASE Products at Lookout, explains what SSE is. And he describes the three core … Continue reading
0patch fixes all known and exploitable Windows NTLM/Kerberos vulnerabilities
[German]In recent months, a number of vulnerabilities and attack mechanisms have become known that could be used to siphon off credentials (NTLM/Kerberos). Not all vulnerabilities are easily exploitable, not everything has been fully patched by Microsoft. ACROS Security has now … Continue reading
Advertising
Unauthorized RCE CVE-2022-28219 in Zoho ManageEngine ADAudit Plus
[German]Security researcher Naveen Sunkavally of Horizon3.ai recently discovered vulnerability CVE-2022-28219. This allows remote code execution without further authentication by the attacker and affects Zoho ManageEngine ADAudit Plus. This is a compliance tool used by enterprises to monitor changes to Active … Continue reading
Kaspersky finds SessionManager backdoor left by malware in IIS/Exchange servers worldwide
[German]Security vendor Kaspersky has come across a little-known backdoor, undetected by antivirus solutions, that leaves malware on Microsoft Exchange servers in the IIS module. There are infections of the so-called SessionManager backdoor in Exchange systems worldwide. The SessionManager backdoor enables … Continue reading
