Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Security
Attacks on VMware vCenter servers, proof of concept available
[German]At the end of May, in the post Vulnerability CVE-2021-21985 in vSphere Client, patch it! I had reported about a CVE-2021-21985 vulnerability in VMware vSphere client and called for patching. Now, not only has a proof of concept (PoC) become … Continue reading
Tenable reveals unpatched installer vulnerability in macOS
[German]Security vendor Tenable has uncovered several security-related issues affecting macOS application installers at once. One of these problems is the possibility to bypass macOS' standard security mechanisms regarding signed application installers. These are actually supposed to prevent the execution of … Continue reading
PoC for Hyper-V vulnerability (CVE-2021-28476) in vmswitch.sys
[German]There is a remote code execution vulnerability (CVE-2021-28476) in Microsoft's Hyper-V virtualization solution that allows a guest-to-host attack. Microsoft provided security updates in May 2021, so the vulnerability could be closed. Now a security researcher has published a proof of … Continue reading
Chinese UC browser leaks user data in iOS and Android, even in Inkognito mode
[German]The Chinese company Alibaba offers an app called UC Browser for Android and iOS via its subsidiary UCWeb (resides in Singapore). The browser is ranked fourth in the world by the number of users. Now it has come out that … Continue reading
Epsilon Red ransomware targets unpatched Exchange servers
[German]Brief warning to administrators of Microsoft Exchange servers. While investigating an attack on a major U.S. hospitality company, security firm Sophos has discovered a new ransomware called Epsilon Red. Red Epsilon exploits unpatched vulnerabilities in Microsoft Exchange servers to infect … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
3 years of GDPR: Further ambiguity in companies
[German]Three years ago, on May 25, 2018, the General Data Protection Regulation (GDPR) came into force. This meant enormous changes for many companies with regard to the storage and processing of data – although the GDPR had not introduced anything … Continue reading
Insides about Crime & Surveillance App Citizen
[German]A hacktivist has managed to pull huge amounts of data from the crime app Citizen and subsequently published it on the dark web. The dataset contains 1.7 million "incidents" (the notifications in the app), which reveals new insights into how … Continue reading
New (Python) virus for Windows found with unknown origin
[German]German blog reader Christian contacted me yesterday by mail because he encountered a virus (Trojan) at some of his customers that was not detected by Microsoft Defender so far. There is not much information about the virus yet – unfortunately … Continue reading
Data leak at Fintech Klarna: Third-party accounts viewable
[German]I already know why I don't let financial service providers or fintechs access my bank accounts via app. According to media reports, Swedish payment service provider Klarna experienced a serious data protection breach. Users who used the Klarna app were … Continue reading
Vulnerability CVE-2021-21985 in vSphere Client, patch it!
[German]VMware has issued an urgent security warning to users of vSphere. The vSphere Client (HTML5) contains a critical vulnerability CVE-2021-21985 that could allow remote code execution due to a lack of input validation in the Virtual SAN Health Check plug-in, … Continue reading
Posted in Security, Software, Virtualization
Tagged Security, Virtualization, VMware
Leave a comment