Tag Archives: Security

FrostyGoop malware infects industrial control systems (OT)

The Dragos OT Cyber Threat Intelligence team encountered FrostyGoop ICS malware targeting ICS/OT systems in April 2024. This malware can interact directly with Industrial Control Systems (ICS) in Operational Technology (OT) environments via the Modbus protocol, a standard ICS protocol …

Posted in Security

Review of the CrowdStrike incident, the biggest computer glitch of all time

It is considered to be the world's biggest computer glitch to date, paralyzing 8.5 million Windows systems and causing billions in damage. In the meantime, the clean-up work, the finger-pointing and the "washing of hands in innocence" have begun. I …

Posted in Security, Windows

Why numerous IT systems around the world failed due to two errors on July 19, 2024

On July 19, 2024, there were numerous outages to Windows IT systems worldwide. Operations at airports came to a standstill, banks could no longer work, trains were canceled and companies sent their employees home (e.g. Tegut) because the IT systems …

Posted in Cloud, issue, Windows

Windows Patchday news: MSHTML 0-day vulnerability CVE-2024-38112 exploited by malware

A small addendum to the July 2024 patchday at Microsoft. With the security updates, Microsoft has also closed an MSHTML spoofing vulnerability. There was information that this vulnerability (CVE-2024-38112) was and is being exploited by malware. The vulnerability is in …

Posted in Security, Update, Windows

US data brokers offer 3.6 billion location data of German cell phone users

Research by several German media outlets reveals that US data brokers are offering the locations of cell phone users in Germany. Some of the data can even be accessed free of charge, as research by netzpolitik.org and BR shows. A …

Posted in Security

An open API at Deutsche Telekom is leaking user data

German security expert Lilith Wittmann discovered an unprotected API from Deutsche Telekom that can be used to retrieve details about landline connections via their internet access. She set up a website that can be used to retrieve data from Telekom's …

Posted in Security

Cloud expansion jeopardized by lack of security know-how?

An exciting story: everything is (at least it feels like it is) moving into the cloud. But the German companies that are already in the cloud are facing serious security problems. Security provider Tenable has taken a closer look and …

Posted in Cloud, Security

Outlook to Exchange auto-discovery and the duplicate .com.com domain

I'm posting a curious reader observation here in the blog. It's about the auto-discovery of e-mail recipients in Outlook via the auto-discovery service in Microsoft Exchange. One reader noticed a crude problem in this context. Someone seems to have registered …

Posted in Security, Software

Microsoft Office Updates (July 9, 2024)

On July 9, 2024 (second Tuesday of the month, Microsoft Patchday), Microsoft released several security-related updates for Microsoft Office 2016, as well as the C2R variants (Office 2016-2021 and 365) and other products. Below you will find an overview of …

Posted in Office, Security, Update

Blast RADIUS attack enables RADIUS authentication to be bypassed

A vulnerability (CVE-2024-3596) discovered by security researchers makes it possible to log into a network using the RADIUS network authentication protocol without further authentication. The vulnerability, called Blast-RADIUS, could jeopardize network security in companies because RADIUS network authentication can be …

Posted in Security, Software, Windows