Tag Archives: Security
Kaseya allegedly demands NDA against decryption tool
U.S. manufacturer Kaseya was the victim of a supply chain attack, and as a result, systems belonging to about 1,500 customers were encrypted with ransomware. Kaseya said this week that it has a universal decryptor to decrypt customer files. Affected …
Security Updates for Cisco Intersight Virtual Appliance
Several vulnerabilities (CVE-2021-1600, CVE-2021-1601) exist in IPv4 and IPv6 forwarding in the Cisco Intersight Virtual Appliance. These vulnerabilities could allow an unauthenticated, adjacent attacker to access sensitive internal services through an external interface. However, Cisco has since provided security updates …
Microsoft's mitigations of Windows PetitPotam NTLM relay attacks
Yesterday, July 24, 2021, I reported on a new attack vector called PetitPotam that can be used to take over Windows domain controllers by means of an NTLM relay attack (see my post PetitPotam attack allows Windows domain takeover). …
Warning: Fake Windows 11 installer ships malware
The curiosity about Windows 11 tempts some users to install pre-release versions on their computers. This is not a problem, as there are corresponding installation images directly from Microsoft for Windows Insiders as regular updates for Windows 10 machines. However, …
LemonDuck and LemonCat malware boost activity
LemonDuck and LemonCat are malware that both act as bots and mine cryptocurrency. LemonDuck can run on different platforms (Linux, Windows), threatening machines on corporate networks. According to Microsoft, this malware has been poorly documented so far, which is …
Discord is becoming more and more of a malware dump
A report from security vendor Sophos indicates that cyber criminals are increasingly abusing the successful chat service Discord to host, spread and control malware. Most notably, the malware aims to grab data from Discord users. During the investigation period, it …
News about Windows 10 vulnerability HiveNightmare
Microsoft has revised the security advisory for the HiveNightmare vulnerability in Windows 10 (from version 1809) this week. I also have an analysis of the vulnerability from Sophos. And security researcher Kevin Beaumont posted a proof of concept, including a description, on …
Sequoia: LPE Vulnerability CVE-2021-33909 in Linux
Security researchers from Qualys have discovered a Local Privilege Escalation (LPE) vulnerability, CVE-2021-33909, in the filesystem layer of the Linux kernel. In addition, a second vulnerability, CVE-2021-33910, has been discovered. Linux distributions such as Debian, Fedora and Ubuntu are vulnerable …
HiveNightmare: New details about Windows vulnerability CVE-2021-36934
Windows 10, as of version 1809, has a serious vulnerability, CVE-2021-36934, which allows the Security Accounts Manager (SAM) database to be read via VSS shadow copies. This opens the door for local attackers to gain administrator privileges and potentially …
Serious vulnerability in printer drivers from HP, Xerox and Samsung
A severe vulnerability, CVE-2021-3438, has existed for 16 years in the printer drivers of the manufacturers HP, Xerox and Samsung (presumably only laser printers), affecting millions of devices. The vulnerability was reported to HP on February 18, 2021, …


