Tag Archives: Security

Windows design flaw allows disabling user group policies since over 25 years

Posted on 2025-06-03 by guenni

[German]A somewhat unconventional design decision by the Windows developers makes it possible for attackers to locally override group policies for users (user group policies). Normal user rights and a dll file shipped with Windows are sufficient. Microsoft has no plans … Continue reading →

Posted in issue, Security, Windows | Tagged issue, Security, Windows | Leave a comment

Windows 11 24H2: PowerShell AppLocker/WDAC Script Enforcement was broken for months

Posted on 2025-06-02 by guenni

[German]On this occasion, I'll take up a topic that came to my attention at the beginning of May 2025. Administrators noticed that the PowerShell Script Enforcement in AppLocker/WDAC had been broken for months. Although this should now be fixed with … Continue reading →

Posted in Security, Windows | Tagged AppLocker, Powershell, Security, WDAC, Windows 11 24H2 | Leave a comment

Phishing with appointment invitations targets Office 365 accounts

Posted on 2025-05-31 by guenni

[German]I'm pick up on a topic that is somehow already known in this form. Owners of Microsoft Office 365 accounts receive appointment invitations that claim that an action needs to be carried out. But in the background is a phisher … Continue reading →

Posted in General, Office, Security, Software | Tagged MS 365, Outlook, Security | Leave a comment

Microsoft Phishing with MS 365 tenants?

Posted on 2025-05-30 by guenni

[German]I'd like to discuss an email I allegedly received from Microsoft regarding an "expiring tenant". Something needs to be ordered because the tenant, which has been inactive for more than 200 days, will otherwise expire. Is it a legitimate mail … Continue reading →

Posted in Cloud, Security, Software | Tagged Mail, MS 365, Phishing, Security | 10 Comments

BadSuccessor: Read up on the dMSA AD privilege increase issue

Posted on 2025-05-29 by guenni

[German]Recently, security researchers have pointed out a potential vulnerability lurking in the delegated Managed Service Accounts (dMSAs) newly introduced in Windows Server 2025. By abusing dMSAs, attackers can take over any principal in the domain. A security researcher is critical … Continue reading →

Posted in Security, Windows | Tagged Security, Windows Server 2025 | Leave a comment

Why ISL Online: Critical factors when choosing a remote desktop solution

[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...

The 4 most important password errors that jeopardize security

Posted on 2025-05-25 by guenni

[German]Even if Information Technology should move towards passwordless logins (passkey & Co.), logins using a user name and password are still widespread. Just as widespread are certain mistakes when choosing passwords, which jeopardizes security. I recently received an overview from … Continue reading →

Posted in Security | Tagged Security | 2 Comments

Suspected InfoStealer data leak exposes 184 million login data

Posted on 2025-05-24 by guenni

[German]Security researcher Jeremiah Fowler came across a freely accessible and unprotected database on the Internet. The find was quite something, as a look at the data sets suggests that it was probably data collected by InfoStealer malware. Records containing 184 … Continue reading →

Posted in Security | Tagged Security | 1 Comment

Operations Endgame, DanaBot-Net and Raptor disrupt infrastructure for ransomware attacks and more

Posted on 2025-05-24 by guenni

[German]Law enforcement officers seized 300 servers and 650 domains used for ransomware attacks this week in Operation Endgame. As a result, cybercriminal networks were dismantled, funds confiscated and some suspects arrested. Further actions against cybercriminals were carried out with the … Continue reading →

Posted in Security | Tagged Security | Leave a comment

BadSuccessor: Abusing dMSA to elevate privileges in Active Directory

Posted on 2025-05-23 by guenni

[German]Delegated Managed Service Accounts (dMSAs) have been introduced in Windows Server 2025. These are service accounts for the Active Directory (AD) that are intended to enable new functions. Security researchers have now discovered that by misusing dMSAs, attackers can take … Continue reading →

Posted in Security, Windows | Tagged Active Directory, Security, Windows Server 2025 | Leave a comment

Law enforcement officials seized Lumma Stealer infrastructure (May 2025)

Posted on 2025-05-22 by guenni

[German]Law enforcement officials seize Lumma Stealer infrastructure (May 2025)In a coordinated operation, US law enforcement officials have seized the infrastructure (C & C servers) of the Lumma infostealer and paralyzed its function. The malware is responsible for numerous cyberattacks on … Continue reading →

Posted in Security | Tagged Security | Leave a comment

Tag Archives: Security

Windows design flaw allows disabling user group policies since over 25 years

Windows 11 24H2: PowerShell AppLocker/WDAC Script Enforcement was broken for months

Phishing with appointment invitations targets Office 365 accounts

Microsoft Phishing with MS 365 tenants?

BadSuccessor: Read up on the dMSA AD privilege increase issue

Why ISL Online: Critical factors when choosing a remote desktop solution

The 4 most important password errors that jeopardize security

Suspected InfoStealer data leak exposes 184 million login data

Operations Endgame, DanaBot-Net and Raptor disrupt infrastructure for ransomware attacks and more

BadSuccessor: Abusing dMSA to elevate privileges in Active Directory

Law enforcement officials seized Lumma Stealer infrastructure (May 2025)

Translate

Blogs

Links

Social networks

Awards

Sponsors