Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Security
Vulnerability in MediaTek chips used in Android smartphones
[German]Security researchers from Check Point have discovered a vulnerability in an Android APU, the APU is the AI Processing Unit in MediaTek chips. The security researchers warn that users can be eavesdropped via the audio processor. The Mediatek chips are … Continue reading
YARP: Yet Another Reverse Proxy
[German]Today a short info splitter for tinkerers among the blog readership. With YARP (stands for Yet Another Reverse Proxy) a free framework is available to generate a reverse proxy. The framework has been provided by Microsoft teams.
ProxyShell, Squirrelwaffle and a new PoC Exploit, patch your Exchange Server!
[German]Currently, I warn about running unpatched Exchange vulnerabilities and ProxyShell attacks almost on a daily basis. A few days ago, Trend Micro issued a warning about attacks against ProxyShell vulnerabilities via the Squirrelwaffle exploit and the takeover of Exchange email … Continue reading
0-Day LPE Vulnerability in Windows Installer (Nov. 2021)
[German]A security researcher has found a 0-day vulnerability in Windows Installer that allows a local attacker to gain administrative privileges. The 'Windows Installer Elevation of Privilege' vulnerability CVE-2021-41379 has been patched in November 2021. But there is a workaround, the … Continue reading
Hoster GoDaddy hacked, and 1.2 Millions of customers affected
[German]This is a heavy stroke for many people with web presences. The US hoster GoDaddy has become a victim of a cyberattack. The attackers managed to gain access to the Managed WordPress hosting environment of this provider.
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
QNAP has released NAS security updates and disabled an app
[German]NAS system vendor QNAP has released security updates for its firmware. In addition, an app is disabled for security reasons, because remote attackers can inject code into the firmware of the NAS storage. It seems that there is no security … Continue reading
Cyber attack on Danish wind turbine manufacturer Vestas (Nov. 2021)
[German]Last week Friday, November 19, 2021 there seems to have been a cyber attack on the Danish wind turbine manufacturer Vestas. The company had to shut down its IT systems as a result and is currently trying to bring IT … Continue reading
Banking Trojan Mekotio Returns to Latin America
[German]Banking Trojan Mekotio returns in Latin AmericaCheck Point reports that the sophisticated banking Trojan Mekotio has returned in Latin America. In July this year, Spanish police had caught 16 suspects for money laundering related to the malware. Now the malware … Continue reading
Windows 10: Elevation of Privilege Vulnerabilities in Update Assistant; and CVE Revisions
[German]Short addendum from this week. Microsoft has issued a security warning for November 16, 2021. It states that the Windows 10 Update Assistant Elevation of Privilege has security vulnerabilities. Specifically, it is about two vulnerabilities CVE-2021-42297 and CVE-2021-43211. In addition, … Continue reading
Facebook's outage and identity management dependencies
[German]On October 4, 2021, there was a worldwide, six-hour IT outage at the U.S. company Facebook. What many users didn't have on their radar: The outage showed the dependencies many users and businesses have on Facebook identity management. Here's some … Continue reading