Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Security
Attacker can abuse Microsoft Team Updater to install Malware
[German]The Updater from Microsoft teams can be misused by hackers as Living off the Land-Binary (LoLBin) to install malware remotely on the user's system. Microsoft's efforts to eliminate this vulnerability work to some degree, but ultimately cannot stop attackers from … Continue reading
Defender blocks redirected Microsoft hosts entries – Part 3
[English]Microsoft has begun to block redirects in the Windows native hosts file that affect Microsoft sites in its antivirus products such as Microsoft Defender. The redirects are flagged as malicious (as HostFileHijack). I already mentioned that in part 2 of … Continue reading
Twitter hack of July 2020: First arrests
In the blog post Twitter accounts hacked (July 15, 2020) I had reported about a successful hack of Twitter accounts. The hackers had captured Bitcoins in the six-digit dollar range from their victims. Now there have been first arrests – … Continue reading
Zoom-Meeting: Passwords within minutes crackable
[German]Heavy story- the video service Zoom boasts of 'increased security', but makes beginner's mistakes. For example, passwords with 6 digits were assigned by default for private meetings, which could be easily cracked by brute force.
Microsoft Edge 84.0.522.49 released
[German]Microsoft issued a security advisory on July 30, 2020, which indicates the new security update for the Chromium Edge Browser to version 84.0.522.49. Addendum: And on 31.07.2020 there was a tweet with references to Edge crashes.
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Ransomware infection at German Dussmann Group
[German]A ransomware attack has occurred at the Dussmann subsidiary Kühlanlagenbau in Dresden. In the process, 200 GBytes of data were stolen. The perpetrators of the attack probably published 14 Gbytes of this data online.
Timeless Timing Attacks on HTTP/2 and WPA3…
[German]The new protocols HTTP/2 and WPA3 (WLAN) are currently being closely examined by security researchers. Timeless timing attacks can be used to extract sensitive information.
BootHole vulnerability in GRUB2 puts Linux and also Windows Secure Boot at risk
[German]Several vulnerabilities have been discovered in the GRUB2 boot loader, which could compromise both the Linux system and the Secure Boot available in Windows during boot process. Invisible malware may be injected on systems.
WordPress Plugin wpDiscuz with critical vulnerability
[German]There is a critical vulnerability in WordPress plugin wpDiscuz in versions 7.0.0 to 7.0.4, as WordFence reports here. The vulnerability in the plugin, which provides a comment function, allows to take over a WordPress installation. This is fixed in version … Continue reading
Microsoft Security Advisories and other Patches (July 2020)
[German]Microsoft has published some security advisories about vulnerabilities and released further updates around 14 July 2020. I would like to add this information to the blog post.