Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Security
Windows PowerShell backdoor discovered, mimicking as part of Windows Update process
[German]Security researchers from SafeBreach recently came across a previously unknown PowerShell backdoor in Windows. This uses a malicious Word document to inject the PowerShell scripts. The backdoor can list Active Directory users and remote desktops, and is presumably intended to … Continue reading
OpenSSL 3.0.7 with patch for vulnerability on Nov. 1, 2022 announced
[German]A small advance notice for users of OpenSSL – there seems to be a vulnerability in the implementation of this software. Now the team of OpenSLL developers has announced that they will release an update to version 3.0.7 on November … Continue reading
Iran: Hacker attacks on nuclear energy agency and industrial facilities
[German]Since the political turmoil, government agencies and companies in Iran have found themselves in the focus of hackers who successfully break into IT systems. Web presences of TV stations are changed or the hackers penetrate IT systems and extract data. … Continue reading
Windows: 0Patch micropatch for MotW bypassing 0-day (no CVE)
[German]A new bug in Windows has been known for a few days that prevents the "Mark of the Web" flag from being evaluated for broken signatures. Microsoft itself has not yet released a patch for this 0-day vulnerability. The vulnerability … Continue reading
Chrome 107.0.5304.87/ 107.0.5304.88/107.0.5304.91 security updates
[German]Google has released security updates for Google Chrome in the 107 branch in the stable and extended channel for Mac, Linux and Windows as well as for Android on October 27, 2022. It does so in an update that closes … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Windows: Dangerous IE-based vulnerabilities
[German]Security researchers at Varonis Threat Labs have uncovered two Windows vulnerabilities that can create large blind spots for security software and take down machines via DoS attacks. LogCrusher and OverLog exploit the Internet Explorer-specific MS-EVEN event log, which is present … Continue reading
Data protection commissioner of Baden-Württemberg (Germany) considers US President Biden's Executive Order for a data protection agreement "Privacy Shield 2.0" with European Union as insufficient
[German]On October 7, 2022, U.S. President Joe Biden launched the new data protection agreement with the European Union, referred to here as "Privacy Shield 2.0", by means of an Executive Order. The aim: to clear the legal way for data … Continue reading
Suspected administrator of "Germany on the Deep Web" arrested
[German]The German Federal Criminal Police Office (BKA) has announced the arrest of a 22-year-old man who is suspected to have been the administrator and operator of the German platform on the Deep Web, which has been active since November 2018. … Continue reading
Avast Anti-Rootkit Driver Used in Ransomware Attack to Increase Authorization
[German]Ransomware groups continue to develop new tactics, techniques, and procedures (TTPs) to bypass protections during attacks. On the other hand, protections on endpoints and networks continue to evolve. The Microsoft Detection and Response Team (DART) published a case report the … Continue reading
Windows 0-day (Mark of the Web) used for ransomware attacks via JavaScript
[English]The days I had reported about an unfixed 0-day vulnerability, Mark of th e Web (MOTOW), in Windows for which there is an unofficial fix. Now a report has come to my attention that a 0-day vulnerability in this area … Continue reading