Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Security
Windows 10 upgrade breaks SAM access rights from 1809 upward, user access possible
[German]It seems that Windows 10 feature updates from version 1809 up to the current version 21H1 change the access rights to the SAM database so that non-administrative users can access it. The cause could be the volume shadow copies (Shadow … Continue reading
USA, EU, NATO, Microsoft & Co. Blame China for Hafnium Exchange Hack
[German]At the end of February, beginning of March 2021, there was a massive attack on Microsoft Exchange Server (see Exchange server 0-day exploits are actively exploited), in which many thousands of instances were hacked worldwide. Even then, the attacks were … Continue reading
Windows Hello login bypassed via infrared photo
[German]Security researchers from CyberArk have managed to trick Windows 10's Hello login (also included in Windows 11) in terms of logging in via facial recognition. All they needed was an infrared photo of the face in question, used on a … Continue reading
PrintNightmare: Point-and-Print allows installation of arbitrary files
[German]Regarding the problem, originally called PrintNightmare, that Windows systems are vulnerable via the print spooler service, there is a new warning. A remote print server that can be accessed by unauthorized parties allows arbitrary malicious files to be installed on … Continue reading
NSO Group's Pegasus spyware on many smartphones
[German]It started with a leaked list of about 50,000 phone numbers. Investigative research by the media then shed light on the surveillance of smartphone users by governments and private organizations. Numerous people around the world were spied on using Pegasus … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Reading: What was learned when Microsoft switched to a zero trust network architecture
[German]Zero Trust is a timely approach to addressing the cybersecurity challenges posed by the rise of telecommuting, the proliferation of personal devices and outdated physical security perimeters. At Microsoft, they have taken this step and learned various lessons, which Abbas … Continue reading
Security Settings for Failover Clustering
[German]Security is at the forefront of many administrator's minds and with Failover Clustering. Microsoft did some improvements with Windows Server 2019 and Azure Stack HCI with regards to security.
Microsoft Defender for Identity can detect PrintNightmare attacks
[German]Microsoft Defender for Identity (formerly Azure Advanced Threat Protection or Azure ATP) has been given the ability by Microsoft to detect and defend against attacks via the PrintNightmare vulnerability. This primarily affects exploitation of vulnerabilities in the Windows Print Spooler … Continue reading
Google Chrome 91.0.4472.164 fixes 0-day vulnerability
[German]Google has released Google Chrome 91.0.4472.164 for Windows, Mac and Linux on July 15, 2021. It is a security update that fixes 7 vulnerabilities in older browser versions at once. The browser should be patched quickly, as a 0-day vulnerability … Continue reading
Windows vulnerability PrintNightmare: It's not over yet (July 15, 2021)
[German]Bad news for Windows users, because the issue known as PrintNightmare, which vulnerabilities in the Print Spooler service can lead to privilege escalation, still exists. The special updates of July 6 and 7, as well as the regular security updates … Continue reading