Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Security
Microsoft Security Update Summary (October 11, 2022)
[German]On October 11, 2022, Microsoft released security updates for Windows clients and servers, for Office, etc. – as well as for other products – were released. The security updates fix 84 vulnerabilities, 13 of which are critical and one 0-day … Continue reading
Exchange Server: New 0-day (not NotProxyShell, CVE-2022-41040, CVE-2022-41082)
[German]We're likely to get security updates for on-premises Exchange Server (2016-2019) in a few hours that will hopefully close the two 0-day vulnerabilities (CVE-2022-41040, CVE-2022-41082) known since late September 2022. But there is likely another 0-day vulnerability in Exchange Server … Continue reading
US President Biden signs Executive Order for "Privacy Shield 2.0" data protection agreement
[German]On October 7, 2022, U.S. President Joe Biden launched the new data protection agreement with the European Union, referred to here as "Privacy Shield 2.0," by means of an Executive Order (E.O.). This is intended to clear the legal way … Continue reading
Meta finds over 400 mobile apps stealing Facebook credentials in 2022
[German]Facebook parent company Meta said that it's security researcher has already identified more than 400 malicious mobile apps this year that are out to steal their users' Facebook credentials. The problem could affect 1 million Facebook users who have installed … Continue reading
U.S. authorities publish top 20 vulnerabilities exploited by China's state hackers
[German]In a joint Cybersecurity Advisory (CSA), the U.S. National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and Federal Bureau of Investigation (FBI) released a list of key vulnerabilities (CVEs) exploited by state-sponsored cyber actors in the People's Republic … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Warning: Sophos XG firewall vulnerability CVE-2022-3236 under massive attack
[German]A few hours ago, information came to my attention on Twitter that the RCE vulnerability CVE-2022-3236 in Sophos XG Firewalls is under massive attack. I had reported about the vulnerability in September 2022 and recommended patching it immediately. Here are … Continue reading
German security vendor DCSO finds Maggie backdoor in MS SQL servers
[German]Technical threat research experts from German security firm DCSO recently came across a new type of backdoor. Dubbed Maggie, the malware targets Microsoft SQL servers, and an analysis found hundreds of infected installations worldwide. Here is a brief overview of … Continue reading
Microsoft's 0-day protection bypassed, new assessments (Oct. 3, 2022)
[German]A 0-day vulnerability (ZDI-CAN-18333) in Microsoft's on-premises Exchange Servers (2013, 2016, and 2019) has been known since late September 2022. The vulnerabilities (CVE-2022-41040, CVE-2022-41082) are already being exploited in the wild. Microsoft did respond and published a workaround as well … Continue reading
Update on Exchange Server 0-day Vulnerability ZDI-CAN-18333: Fixes, Scripts and EMS Solution
[German]The 0-day vulnerability ZDI-CAN-18333 in Microsoft's on-premises Exchange Servers (2013, 2016 and 2019) became public at the end of September. The vulnerabilities (CVE-2022-41040, CVE-2022-41082) are already being exploited in the wild. Now Microsoft is rolling out URI rewrite rules via … Continue reading
Serious vulnerabilities in Cisco networking hardware (Sept. 2022)
[German]Short addendum from this week. The manufacturer Cisco has published extensive security advisories and updates for its network hardware as of September 28, 2022. The updates affect switches and wireless controllers from this manufacturer, among others. Attackers could disrupt the … Continue reading