Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Security
Drown: homeserver.com sub-domains are vulnerable
Today a warning, dedicated to Windows HomeServer users. It seems, that many subdomains hosted under Microsoft's homeserver.com domain are vulnerable via Drown attacks.
Microsoft’s failure with default Windows device encryption
Microsoft supports automatic device encryption since Windows 8 for selected hardware. The odd thing: The recovery key is transmitted to Microsoft without a possibility to stop that transfer.
Microsoft Security-Advisory 3119884 (Dell root certificates)
Microsoft has published Security Advisory 3119884 Inadvertently Disclosed Digital Certificates Could Allow Spoofing. This advisory addresses the Dell root-CA-certificate desaster.
An issue in Dell Foundation Service allows user tracking
Another bad day for Dell Inc. Their Dell Foundation Services version 2.3.3800.0A00 and below comes with a serious security issue. Dell Foundation Services can be exploited by a malicious website to leak the Dell service tag of a Dell system, … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Dell’s Superfish 2: Devices shipped with cloneable Root certificate
Bad news for Dell customes – this vendor has shipped an unsecure, self signed root CA certifcate (eDellRoot) on new Dell desktop and tablet devices. The odd thing: This certificate may be used to sign own certificates and decrypt https-data.
Microsoft’s FREAK workaround causes update error 8024001F
Microsoft has published a workaround to fix the FREAK vulerability in SSL/TLS protocol. Unfortunately this workaround can cause some collateral damages. One damage could be an update error 8024001F. Here are a few more details.
FREAK: Why US policy sets Apple & Google products at risk
US intelligence service requests for SSL spying capabilities and NSA activities has been already causing collateral damages to US tech companies. Now the next act has been revealed: Apple and Google products are more vulnerable as they could be, due … Continue reading
Superfish: Windows Defender fails to clean properly
[German edition]Today I like to bring your attention to a nasty part of the Lenovo Superfish issue. Currently many media reflecting Ed Bott's ZDNet article, that Windows Defender will detect Superfish and removes it with the Superfish Inc. Root certificates. … Continue reading
Komodia SSL certificates and hijacking tech are widely spread
[German]Yesterday I reported the Lenovo Superfish adware 'incident' (Lenovo ships Superfish adware preinstalled on systems). Today it seems that the problem is even wide spread. Komodia SSL certificates and their SSL hijacking sdk are used in more products.