Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Security
LAPSUS$ exposes security vulnerabilities at tech companies
[German]I reported on the LAPSUS$ hacker group, which is reportedly made up of teenagers, here on the blog. Security researchers at Tenable have taken a closer look at the hacker group and published an analysis. The conclusion: the group's tactics … Continue reading
Microsoft Edge 103.0.1264.71 (July 22, 2022) with fix for vulnerability used in the wild
Microsoft has updated the Edge browser in the stable channel to version 103.0.1264.71 as of July 22, 2022. It is a maintenance update that also includes a fix for the vulnerability CVE-2022-2294. Thanks to the user for pointing this out.
Microsoft continues rollout for default disabling of Office VBA macros
[German] is once again moving forward with its plans to disable macros in Office 365 by default. Macros in Office are a gateway for malware such as Dridex, Emotet, Trickbot, Qbot, etc. It's an on-off story that Microsoft has been … Continue reading
Google blocks "Computing Machinery" because of alleged malware
[German]Google has been blocking the Computing Machinery (acm.org) website for several hours due to malware, triggering corresponding warnings in Chrome and Firefox browsers. Visitors can then only visit the pages at their own risk. I tracked it down – it … Continue reading
Confluence Security Advisory 2022-07-20
[German]Confluence released Security Advisory 2022-07-20 on July 20, and updated it today. The security advisory addresses Confluence accounts with hardcoded credentials created by Questions for Confluence. This affects the Confluence app for Confluence Server and Confluence Data Center.
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
CISA: Windows vulnerability CVE-2022-22047 must be patched by Aug. 2, 2022
[German]U.S. Cyber Security Administration (CISA) has set a deadline of August 2, 2022 for U.S. institutions to fix the CVE-2022-22047 vulnerability, which is rated with a CVSS index of 7.8. This vulnerability in the Client Server Runtime Subsystem (CSRSS) affects … Continue reading
Posted in Security, Update, Windows
Tagged Patchday 7.2022, Security, Update, Windows
Leave a comment
Outlook.com 'account suspensions' due to unusual sign-in activities – is Microsoft's AI running amok, or are accounts compromised?
[German]Brief information to users who use private Microsoft accounts (i.e. no self-managed company accounts). Are you currently receiving security warnings for Outlook accounts, stating that these accounts are now blocked due to suspicious activities? Often with the note that suspicious … Continue reading
No password protection cause of Shanghai's police database leak
[German]A dashboard used to manage the database of Shanghai police authorities was not secured by a password for over a year and could be freely accessed via the Internet. This is likely the cause of the recently leaked Shanghain Police … Continue reading
Log4J: SMEs not aware of, DHS see problems for a decade
[German]The Log4Shell vulnerability in the Log4j library, which can be exploited in Java, is presumably present in many systems and software packages. The problem is likely to affect us for years to come, experts estimate, and it has not yet … Continue reading
Sality malware infected password cracking tool distributed for industrial PLCs and ISC
[German]Cyber criminals are promoting a tool on social networks that can be used to crack passwords in industrial control systems (ICS, PLCs). This is certainly useful for technicians who need to access PLCs (Programmable Logic Controllers) or ICSs (Industrial Control … Continue reading