Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Security
0-day vulnerabilities in IE and Edge
[German]Current versions of Internet Explorer and Edge has 0-day cross-site scripting vulnerabilities that attackers can exploit to steal data from other tabs. Although the vulnerabilities were reported to the company 10 months ago, Microsoft hasn't reacted, so there are no … Continue reading
Security: Windows-Spoofing via .reg files
[German]Windows users can be spoofed into importing .reg files, as I just verified. You can send manipulated messages to the user via the dialog box shown before a .reg file is imported.
Oracle mail warns about a critical Java 8 update coming
[German]Oracle's sales representatives has sent a mail informing customers about a upcoming critical security update for Java SE 8, that may causing causing trouble for corporate users. Since January 2019, commercial users are only allowed to install Java 8 updates … Continue reading
0-day vulnerability in TP-Link SR20 router
There is a 0-day vulnerability in the TP-Link SR20 SmartHome router that enables arbitrary code execution (ACE).
Backdoor: ASUS has been warned about risks since months
[German]A few days ago it became public, that an old version of ASUS Live Update Utility has be compromised and was shipped with a backdoor. But security researcher has warned ASUS two months ago about such a supply chain attack. … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Thunderbird 60.6.1
On March 25, 2019, the Mozilla developers have released the email client Thunderbird version 60.6.1. This is a maintenance update which closes security gaps. Here is some information about it.
Windows: Critical vulnerability in Huawei PCManager
[German]Microsoft has found two serious vulnerabilities in a driver and in PC Manager for Windows, both provided by Chinese company Huawei. These vulnerabilities allow local privileges escalation. Updates are available since in January 2019.
ShadowHammer: ASUS Live Update infected with backdoor
[German]Users who installed the ASUS Live Update Utility on their computers were probably infected between June and November 2018 with a backdoor. According to Gartner, ASUS was the 5th largest computer manufacturer in 2017, and the number of people affected … Continue reading
Some Nokia 7 Plus devices sends data to China Mobile
A nasty story about Nokia: Owners of som eNokia 7 Plus phones has had their activation data sent to the mobile network operator China Mobile. Also switching the device on, transfers data.
ETH Lausanne and IBM discovers SmoTherSpectre hardware vulnerability
[German]here is a new vulnerability, called SmoTherSpectre, in computer hardware that was discovered by researchers at the Swiss Federal Institute of Technology (ETH) Lausanne together with security researchers from IBM.