Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Security
VMware vulnerability CVE-2022-22954 threatened by ransomware, end of support for ESXi 6.5 & 6.7
[German]Various VMware products contain the critical vulnerability CVE-2022-22954 , for which a security update was provided back in April 2022. I had addressed the vulnerability in the blog post Warning: critical vulnerabilities in VMware products (April 6, 2022).
Outlook stores IMAP password DAPI-encrypted in the registry
[German]Another little hint on Sunday. Microsoft's developers store the passwords for accessing IMAP accounts for Outlook in the registry. Is indeed DAPI-encrypted, but can be decrypted in the system with an API call. This approach is also used by tools … Continue reading
Confirmed: Metro Group victim of cyber attack
[German]Since Monday, October 17, 2022, many Metro stores worldwide have been struggling with severe IT problems. I had already suspected a cyber attack on the Metro Group in a post and I had reports from Austria, from France as well … Continue reading
Cyber attack on Metro AG or just a IT break down? Austria, France, German (and more countries?) affected
[German]Gastronomy wholesaler Metro group is facing currently serious computer issues in it's stores – I guess world wide. First the question raised: Was there a cyber attack on the Metro Group in Austria? At least that's what the information I … Continue reading
Microsoft data leak, customer data affected (Oct. 2022)
[German]There has been a major data leak at Microsoft, where customer data was probably publicly accessible. A security company found a misconfigured server with the data on the Internet and informed Microsoft in September. This is likely to affect some … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Vulnerability in Apache Commons (similar to Log4Shell)
[German]There is a vulnerability in Apache Commons, similar to Log4Shell, which can be exploited to inject malicious JAVA code. Blog reader Ludwig L. emailed me about this issue, which is described in more detail by Sophos in the post Dangerous … Continue reading
MDaemon Technologies (AltN) has become a victim of a cyber attack (Ransomware)
[German]Quick note for people who use AltN (MDaemon Technologies) email servers. The provider has fallen victim to a cyberattack – the systems have been infected by ransomware. At the moment, their entire business operations should be at a standstill. Here … Continue reading
Windows: 0Patch Micropatch for MOTOW ZIP file bug (0-day, no CVE)
[German]Since May 2022, a bug has been known to exist in Windows that prevents the "Mark of the Web" flag from being set for files extracted from ZIP archives. Microsoft itself has not yet released a patch for this 0-day … Continue reading
Warning: Phishing Mail from "Microsoft" suggesting a password change
[German]Warning regarding a new phishing campaign that a blog reader alerted me to via email today (October 17, 2022). The mail apparently comes from Microsoft and claims that the password for the email account has been changed. If one had … Continue reading
Windows Update KB5012170 (Secure Boot DBX) re-released for WSUS (Oct. 2022)
[German]Brief information for administrators in the Windows environment. A reader just informed me that Windows Update KB5012170 has been re-released in WSUS. This update was released on Patchday, August 9, 2022 to fix issues in Secure Boot DBX. However, this … Continue reading