Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Security
Critical vulnerabilities CVE-2025-6018 and CVE-2025-6019 in Linux systems
[German]Security researchers from Qualys TRU have uncovered two linked, critical vulnerabilities in Linux. Starting with SUSE 15, the LPE chain leads directly to root access in standard configurations of many Linux distributions.
ASUS Armoury Crate vulnerability CVE-2025-3464 allows admin privileges in Windows
[German]Brief information for readers who use ASUS Armoury Crate on their Windows systems. The vulnerability CVE-2025-3464 in the software allows an attacker to gain administrator privileges under Windows. ASUS has since updated the software to close the vulnerabilities.
Citrix Netscaler ADC: Critical vulnerabilities, update urgently
[German]Various German blog readers have informed me that the provider Citrix has published several security advisories on critical vulnerabilities in the Netscaler ADC (and Gateway, and Secure Access Client for Window) as of June 17, 2025. Administrators are requested to … Continue reading
Veeam Backup & Replication 12.3.2 closes critical vulnerabilities (CVE-2025-23121 etc.)
[German]Users of Veeam Backup & Replication must react. The provider Veeam has released Veeam Backup & Replication 12.3.2 and Veeam Agent for Microsoft Windows 6.3.2 on June 17, 2025. Among other things, Veeam Backup & Replication 12.3.2 closes a critical … Continue reading
Archetype Market seized by Europol & Eurojust
[German]The darknet marketplace for drugs, Archetype Market, was seized and shut down by a Europe-wide law enforcement operation. This law enforcement operation took place in six countries with the support of Europol and Eurojust. Here is a rough overview.
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Googles Cloud "Risk Protection Program" (RPP)
[GER]I'm posting some information here on the blog that I received from Google in mid-May 2025. Google Cloud has announced that it is expanding its Risk Protection Program (RPP) to over 30 EMEA markets (including DACH). The program is about … Continue reading
October 14, 2025: End of support for Windows 10 and other software
[German]On October 14, 2025, Microsoft Windows 10 22H2 will receive security updates for the last time and will then no longer be supported. But there are options to at least secure the operating system. Apart from this issue, other Microsoft … Continue reading
EchoLeak: First AI 0-Click vulnerability in Microsoft Copilot
[German]Security researchers have discovered the first zero-click vulnerability in an AI application. Unsurprisingly for me, this concerns Microsoft 365 Copilot. Attackers could use this vulnerability, known as EchoLeak, to force Microsoft 365 Copilot to exfiltrate data.
Patchday: Microsoft Office Updates (June 10, 2025)
[German]On June 10, 2025 (second Tuesday of the month, Microsoft Patchday), Microsoft released several security-related updates for Microsoft Office 2016, as well as the C2R variants (Office 2016-2021 and 365) and other products. This month, serious vulnerabilities in Office were … Continue reading
Windows network vulnerability CVE-2025-33073 (Reflective Kerberos Relay Attack)
[German]On June 10, 2025, Microsoft also patched the vulnerability CVE-2025-33073 with the security updates for Windows. This is a vulnerability in the Kerberos network protocol that was discovered by RedTeam Pentesting in January 2025. Below I disclose some information about … Continue reading