Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Security
Windows October 2022 Patchday: Fix for Domain Join Hardening (CVE-2022-38042) prevents domain join
[German]I'm posting a first warning about the October 2022 security updates for Windows here on the blog because a reader from the business environment pointed it out to me. The domain join hardening changes made with the updates to close … Continue reading
Posted in issue, Security, Update, Windows
Tagged NetJoinLegacyAccountReuse, Patchday 10.2022, Problem, Security, Update, Windows
11 Comments
Patchday: Windows 10-Updates (October 11, 2022)
[German]On October 11, 2022 (second Tuesday of the month, patchday at Microsoft), several cumulative updates were released for the supported Windows 10 builds (from RTM version to current version) as well as for the Windows Server counterparts. Here are some … Continue reading
Microsoft Security Update Summary (October 11, 2022)
[German]On October 11, 2022, Microsoft released security updates for Windows clients and servers, for Office, etc. – as well as for other products – were released. The security updates fix 84 vulnerabilities, 13 of which are critical and one 0-day … Continue reading
Exchange Server: New 0-day (not NotProxyShell, CVE-2022-41040, CVE-2022-41082)
[German]We're likely to get security updates for on-premises Exchange Server (2016-2019) in a few hours that will hopefully close the two 0-day vulnerabilities (CVE-2022-41040, CVE-2022-41082) known since late September 2022. But there is likely another 0-day vulnerability in Exchange Server … Continue reading
US President Biden signs Executive Order for "Privacy Shield 2.0" data protection agreement
[German]On October 7, 2022, U.S. President Joe Biden launched the new data protection agreement with the European Union, referred to here as "Privacy Shield 2.0," by means of an Executive Order (E.O.). This is intended to clear the legal way … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Meta finds over 400 mobile apps stealing Facebook credentials in 2022
[German]Facebook parent company Meta said that it's security researcher has already identified more than 400 malicious mobile apps this year that are out to steal their users' Facebook credentials. The problem could affect 1 million Facebook users who have installed … Continue reading
U.S. authorities publish top 20 vulnerabilities exploited by China's state hackers
[German]In a joint Cybersecurity Advisory (CSA), the U.S. National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and Federal Bureau of Investigation (FBI) released a list of key vulnerabilities (CVEs) exploited by state-sponsored cyber actors in the People's Republic … Continue reading
Warning: Sophos XG firewall vulnerability CVE-2022-3236 under massive attack
[German]A few hours ago, information came to my attention on Twitter that the RCE vulnerability CVE-2022-3236 in Sophos XG Firewalls is under massive attack. I had reported about the vulnerability in September 2022 and recommended patching it immediately. Here are … Continue reading
German security vendor DCSO finds Maggie backdoor in MS SQL servers
[German]Technical threat research experts from German security firm DCSO recently came across a new type of backdoor. Dubbed Maggie, the malware targets Microsoft SQL servers, and an analysis found hundreds of infected installations worldwide. Here is a brief overview of … Continue reading
Microsoft's 0-day protection bypassed, new assessments (Oct. 3, 2022)
[German]A 0-day vulnerability (ZDI-CAN-18333) in Microsoft's on-premises Exchange Servers (2013, 2016, and 2019) has been known since late September 2022. The vulnerabilities (CVE-2022-41040, CVE-2022-41082) are already being exploited in the wild. Microsoft did respond and published a workaround as well … Continue reading