Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Security
Data leak at online provider windeln.de confirmed
[German]The German online vendor windeln.de operated an insecure server, so that the personal data of 700,000 customers could be accessed. After I reported about it here in the blog and the whole thing went further afield, the provider issued a … Continue reading
Data leak: Corona test results of almost 400,000 Slovaks public
[German]Serious data leak in Slovakia: The corona test results of almost 400,000 Slovaks were publicly available on the Internet. There is no need for hackers anymore if personal data is handled so carelessly.
Video Encoder for HiSilicon-Chips (Huawei) with critical vulnerabilities
[German]Security researcher Alexei Kojenov has discovered serious security vulnerabilities in software video encoders written for HI3520D chipsets from Huawei subsidiary HiSilicon. Because of a discovered access with a standard password, he even writes from a backdoor.
Firefox Send has been abandoned
[German]Short information for users of the service Firefox Send. Mozilla is now finally abandoning Firefox Send and stopping this service. The reason is abuse for malware spreading and spear phishing.
0patch fixes Zerologon (CVE-2020-1472) vulnerability in Windows Server 2008 R2
[German]ACROS Security has released a micropatch for the vulnerability CVE-2020-1472 (Zerologon) for Windows Server 2008 R2. This vulnerability is only closed by Microsoft starting with Windows Server 2012 R2.
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Ransomware attack in German hospital ends deadly for a women – blame Shitrix vulnerability
[German]The cyber attack on the University Hospital Düsseldorf (UKD) last week turns out to be a ransomware attack, as I suspected. The clinic was probably a random victim, but now the public prosecutor's office is investigating, since a patient died … Continue reading
Windows Server: Zerologon vulnerability (CVE-2020-1472) allows domain hijacking
[German]Security researchers have uncovered a vulnerability in all versions of Windows Server that allows domain transfer with a simple approach. This vulnerability, called Zerologon (CVE-2020-1472), was closed with the security updates of August 2020. Those who have not yet installed … Continue reading
0patch fixes CVE-2020-1380 in Windows 7/Server 2008 R2
[German]ACROS Security has released a micropatch for the vulnerability CVE-2020-1380 (Internet Explorer scripting engine memory corruption ) for Windows 7 and Server 2008 R2 (without ESU license). The vulnerability is now being exploited.
Data leak at online shop windeln.de
[German]German online shop windeln.de operated an insecure Elastic-Search server so that the personal data of 700,000 customers could be accessed via Internet. Here are details what I know so far (what the security researcher has told me).
Mailfire data leak reveals data from adult sites
[German]There is once again a data leak to report, but it is likely to be minor for those affected – because security researchers have discovered the data leak. The marketing company Mailfire acting on Cyprus revealed data of over 70 … Continue reading