Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Security
Attention: Microsoft's UEFI certificate expires on Oct. 19, 2026 – Secure Boot affected
[German]I'm posting a topic here in the blog that still has "a few days to go" but could have very unpleasant consequences. In the fall of 2026, a certificate in Windows will expire, which ensures that Secure Boot can be … Continue reading
Windows SmartScreen and Smart App Control exploited since 2018
[German]There are vulnerabilities in Windows SmartScreen and Smart App Control that are based on design errors. It has now become public that these vulnerabilities have been exploited by attackers since 2018. Security researchers at Elastic Security Labs have compiled and … Continue reading
Microsoft's analysis of the CrowdStrike incident and recommendations
[German]One more addendum, on a topic taken up in my German blog at the end of July 2024. Microsoft has recently published an analysis of the CrowdStrike incident, which confirms the statements made by Crowdstrike. And there are recommendations on … Continue reading
New BITSLOTH backdoor discovered; abuses the Windows BITS service
[German]Another nice story that I came across last week. What I had suspected for some time has been confirmed. The Background Intelligent Transfer Service (BITS) can be abused. A newly discovered Windows backdoor BITSLOTH uses BITS to communicate with command … Continue reading
Identities Inventory: How to certify access rights
[German]What do you think about the certification of access rights for users? Access certification describes the independent review of access rights by an auditor. The auditor examines whether the rights granted to users are really necessary. A thorough user access … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Microsoft discovers VMware ESXi Auth Bypass vulnerability CVE-2024-37085
[German]Microsoft security experts have discovered a ransomware campaign targeting VMware ESXi instances. Via an Auth Bypass vulnerability (CVE-2024-37085) it is possible to gain full administrative privileges on domain-joined ESXi hypervisors. The vulnerability is being exploited by several ransomware operators to … Continue reading
Possible Pinterest Dat leak with 6 Million affected user (July 2024)
[German]The Pinterest service has (probably) suffered a major data leak affecting its registered users. While it's not confirmed, security researchers from Surfshark have looked at the details and found that the USA and France are the most affected countries among … Continue reading
CrowdStrike incident: sensor failure as a previously unknown side effect?
[German]A faulty update to the CrowdStrike Falcon software brought around 8.5 million Windows computers to a standstill on July 19, 2024. The incident is already considered to be the world's largest computer failure to date and is likely to have … Continue reading
FrostyGoop malware infects industrial control systems (OT)
[German]The Dragos OT Cyber Threat Intelligence team encountered FrostyGoop ICS malware targeting ICS/OT systems in April 2024. This malware can interact directly with Industrial Control Systems (ICS) in Operational Technology (OT) environments via the Modbus protocol, a standard ICS protocol … Continue reading
Review of the CrowdStrike incident, the biggest computer glitch of all time
[German]It is considered to be the world's biggest computer glitch to date, paralyzing 8.5 million Windows systems and causing billions in damage. In the meantime, the clean-up work, the finger-pointing and the "washing of hands in innocence" have begun. I … Continue reading