Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Security
Mass Scanning and Attacks on Confluence Enterprise Server
[German]A brief message for administrators of Confluence Enterprise servers. There is a critical vulnerability in this collaboration product that is being exploited. Currently, security researchers are detecting mass scans on the Internet for servers with the vulnerability in question. Here … Continue reading
Microsoft Defender for Endpoint Plan 1
[German]Ransomware is the biggest threat to businesses – and smaller companies in particular often lack the resources for a security solution. Microsoft has therefore introduced a new subscription for its antivirus solution Microsoft Defender for Endpoint. The so-called Plan 1 … Continue reading
Meltdown-like vulnerability in AMD Zen+ and Zen 2
[German]Security researchers have uncovered a vulnerability in AMD Zen+ and Zen 2 CPUs that is similar to the Meltdown vulnerability in Intel processors. AMD has created a mitigation guide for the vulnerability and published details on how the vulnerability works.
Exchange Server: Authentication bypass with ProxyToken
[German]In the April 2021 cumulative updates, Microsoft fixed a vulnerability in its on-premises Exchange servers that allowed attackers to change configuration without authentication. This would have allowed an unauthenticated attacker to change the configuration for mailboxes of arbitrary users. This … Continue reading
Master decryptor key published
[German]Victims of the Ragnarok ransomware, whose data was encrypted during an attack, can hope again. After the cyber-criminal has just ceased its operations, the master decryptor key has been published. With it, the encrypted files should be able to be … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Azure: Thousands of customers threatened by ChaosDB vulnerability in Azure Cosmos DB
[German]Heavy blow for users of the Microsoft Azure cloud if a Cosmos DB is involved (the DB stands for Data Breach, just no one has noticed yet). There was a severe vulnerability (now closed) that allowed attackers to take over … Continue reading
Synology warns about OpenSSL vulnerability in products (August 26, 2021)
[German]Synology has issued a security warning for its products as of August 26, 2021. Multiple vulnerabilities allow remote attackers to perform denial-of-service attacks or execute arbitrary code via a vulnerable version of Synology DiskStation Manager (DSM), Synology Router Manager (SRM), … Continue reading
Microsoft Security Update Releases and Revisions (2021/08/23)
[German]Microsoft has published two documents with Security Update Releases and Security Update Revisions as of August 23, 2021. The Security Update Releases affect Chromium browsers such as Edge, and identify vulnerabilities that have been patched. The Security Update Revisions concern … Continue reading
Exchange and ProxyShell: News from Microsoft and security experts
[German]I have reported several times on attacks on unpatched on-premises Exchange servers using the ProxyShell method in the blog. Now Microsoft has commented on this in an article and indicates which systems are at risk. In addition, I have received … Continue reading
Vulnerabilities in Realtek SDK put IoT devices at risk
[German]Security researchers at IoT Inspector have found multiple vulnerabilities in a Realtek SDK that allow unauthenticated attackers to fully compromise a device and execute arbitrary code with the highest privileges. The SDK is used by many OEMs to implement WiFi … Continue reading