Tag Archives: Security

0patch fixes ms-officecmd RCE vulnerability in Windows

[German]The security team of ACROS Security around founder Mitja Kolsek has just developed a micro patch to close a remote code execution vulnerability in the ms-officecmd handler of Windows and released it for customers with a 0patch PRO or Enterprise … Continue reading

Posted in Security, Windows

Windows 10 Version 21H2 Security Baseline

[German]Microsoft has updated the so-called Security Baseline (a tool for security administrators in companies) for Windows 10 version 21H2 and released it generally. In the current version, not only the latest Windows 10 version is supported. There are also special … Continue reading

Posted in Security, Windows

Microsoft Teams Bugs: Blocks Emergency calls, unpatched phishing vulnerability since March 2021

[German]Another collective article on Microsoft Teams, which is widely used, but has a somewhat idiosyncratic implementation and above all is teeming with bugs and attracts negative attention in this regard every now and then. Today on offer: Since March 2021, … Continue reading

Posted in issue, Security, Software

WordPress: 800,000 websites compromisable by All in One SEO plugin

[German]The popular WordPress plugin All in One SEO has two vulnerabilities (CVE-2021-25036 and CVE-2021-25037), which make the corresponding installations vulnerable. Since the plugin is quite popular, you should immediately look to get an updated version. Otherwise, the WordPress instance will … Continue reading

Posted in Security

Microsoft warns against Active Directory domain takeover due to unpatched vulnerabilities

[German]Microsoft warned of a new threat in a Techcommunity post on December 20, 2021. On the November 2021 patchday, vulnerabilities CVE-2021-42287 and CVE-2021-42278 were fixed by Windows updates. Since December 2021, a proof of concept (PoC) has been available that abuses … Continue reading

Posted in Security, Update, Windows


Backdoor CVE-2021-40859 in Auerswald PBX systems (e.g. COMpact 5500R 7.8A & 8.0B) fixed

[German]Auerswald is a German manufacturer of telephone systems for corporate use. Security researchers have discovered backdoors in the firmware of Auerswald telephone systems (e.g. COMpact 5500R) that could be used to reset the administrator password. This was disclosed on 20.12.2021. … Continue reading

Posted in devices

Ransomware attacks on CompuGroup Medical SE & Co. KGaA

[German]CompuGroup Medical SE & Co. KGaA, a major medical services provider, has been the victim of a cyberattack. The Koblenz-based medical services provider admitted as much on Monday, Dec. 20, 2021. The internal IT systems are likely affected, which should … Continue reading

Posted in Security

Vulnerabilities CVE-2021-3922, CVE-2021-3969 in ImController of Lenovo Notebooks

[German]Lenovo notebooks and devices that use the ImController service are vulnerable to a privilege escalation vulnerability. This can allow attackers to execute commands with administrator privileges on the devices. However, there is an update to address both vulnerabilities.

Posted in devices, Security

Belgian Ministry of Defense affected by Log4j?

[German]The vulnerability CVE-2021-44228 in the Java library log4j continues to have wider repercussions. The Belgian Ministry of Defense may have shut down its networks after a serious cyberattack, admitting as much in the night from Sunday to Monday. Reports suggest that … Continue reading

Posted in Security

Data protection incident at erotic store Amorelie (Dec. 2021)

[German]The erotic mail order company Amorelie has just informed its customers about a data protection incident. Customer data from orders for seven years had been accessible to unauthorized third parties through a vulnerability from March up to November 2021. There … Continue reading

Posted in Security