Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Security
Outage due to expired certificate (2022/05/31/)
[German]A few days after the nationwide outage of Verifone H5000 card terminals in Germany (since May 24, 2022, still ongoing) for cashless payment (there is rumor that an expired certificate could be the root cause) there is the next case. … Continue reading
Interpool arrests 3 Nigerian BEC cybercriminals (June 2, 2022).
[German]Three Nigerians suspected as masterminds of global online fraud have now been arrested by Nigerian police in INTERPOL's Operation Killer Bee. The operation is an INTERPOL effort to combat malware cyber fraud across Southeast Asia. The BEC fraudsters used the … Continue reading
0-day vulnerability CVE-2022-26134 in Atlassian Confluence Software
[German]Security researchers from Volexity discovered a 0-day vulnerability (CVE-2022-26134) in Atlassian Confluence software over the weekend. This vulnerability is being actively exploited – this is what brought the issue to the attention of the security researchers. Currently, the urgent advice … Continue reading
SearchNightmare: Windows 10 search-ms: URI Handler 0-day Exploit with Office 2019
[German]Following the discovery of the Follina vulnerability exploit (CVE-2022-30190) via the Windows ms-msdt protocol, this bastion is being "stormed". A hacker looked at the search-ms: URI handler in Windows 10 and developed an exploit similar to Follina. With the help … Continue reading
0Patch Micro patch against Follina vulnerability (CVE-2022-30190) in Windows
[German]The ACROS Security team around founder Mitja Kolsek has released a micro-patch to close the 0-click Microsoft Diagnostic Tool remote code vulnerability (CVE-2022-30190, Follina). The micro-patch is available for all customers with Windows and the 0patch agent free license. Here … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Follina vulnerabilitiy (CVE-2022-30190): Status, Findings, Warnings & Attacks
[German]Since the weekend, a new Windows vulnerability CVE-2022-30190 in combination with Microsoft Office has been knows under the name Follina. In the meantime, the US CISA and also the BSI have warned about this vulnerability – while security researchers have … Continue reading
Flubot Android Trojan infrastructure shut down by Europol
[German]The Android banking Trojan Flubot caused major damage to victims on Android systems since 2021. The last major campaign was reported a few days ago. Now Europol seems to have managed to shut down the infrastructure of the Flubot Android … Continue reading
Firefox 101.0 and 91.10esr released – with security fixes
[German]Mozilla developers have released versions 101.0 and 91.10esr of the Firefox browser on May 31, 2022. These are maintenance updates, which fix bugs critical vulnerabilities.
Microsoft Edge 102.0.1245.30 (security update, May 31, 2022)
[German]Microsoft has published a security advisory on May 31, 2022, to point out various closed vulnerabilities in the Chromium Edge browser. At the end of the month, Edge version 102.0.1245.30 was released to fix 24 vulnerabilities.
Follina: Attack via Word documents and ms-msdt protocol (CVE-2022-30190)
[German]A new attack vector has been known since the weekend that abuses the Microsoft Support Diagnostics Utility via the ms-msdt: protocol to download and abuse malicious Word documents (or Excel spreadsheets) from the web. Microsoft has since issued a support … Continue reading