Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Security
Tenable discovers critical vulnerability in Microsoft Azure; company won't patch (June 2024)
[German]The security experts at Tenable have discovered a vulnerability in Microsoft Azure that they classify as critical. However, Microsoft has announced that it does not intend to patch this vulnerability, which affects more than ten Azure services. This means that … Continue reading
Copilot+AI: Recall, a security disaster – AI-assisted theft
[German]On May 20, 2024, Microsoft presented the "Copilot+PC" concept and opened the next big barrel (hardware with AI support and Copilot). A feature called Recall is supposed to constantly take screenshots (or snapshots) of everything that happens on the system … Continue reading
Hacks at Santander and Ticketmaster via Snowflake accounts
[German]This week, hacks of Santander Bank and the ticket provider Ticketmaster became public. In both hacks, user data was captured on a large scale and is now being sold on underground forums. The story becomes explosive because these hacks are … Continue reading
Microsoft Entra ID: Support for MFA by third-party providers (Preview May 2024)
[German]Small addendum that has been pending since the beginning of May 2024. Microsoft Entra ID now supports third-party MFA providers such as RSA, Duo, Ping and others. Microsoft announced this back in early May 2024 in a tech community post. … Continue reading
Check Point Remote VPN security update for CVE-2024-24919
[German]There is a vulnerability CVE-2024-24919 in Check Point Remote Access VPN, which has been used by attackers for attacks since the end of April 2024. These steal Active Directory data in order to gain access to the victim's network and … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Vulnerabilities in the ZScaler Client-Connector
[German]A short piece of information for readers who use the ZScaler client connector in their environment. Three vulnerabilities CVE-2023-41972, CVE-2023-41973, CVE-2023-41969 have been disclosed by a security researcher. Combined correctly, these can be misused to launch an interactionless local privilege … Continue reading
NCANCA-Insides: Lessons from the hacks in the healthcare sector
[German]Weeks ago, there were serious cyberattacks on Change Healthcare, a payment service provider of the UnitedHealth Group, which paralyzed the supply of medicines in the USA due to payments no longer being made. In this context, I received a document … Continue reading
VBScript deprecated; timeline of when it will disappear
[German]Microsoft has long intended to end support for the script language VBScript in Windows. VBScript has now been declared as deprecated and Microsoft has presented also a timetable for when support will be completely removed from Windows. Now we see … Continue reading
Microsofts Copilot+PC, a privacy and security nightmare – Part 2
[German]On May 20, 2024, Microsoft presented its "Copilot+PC" (hardware with AI support and co-pilot). In my article Microsoft's AI PC with Copilot – some thoughts – Part 1 I presented my doubts, that there such machines are required. But there … Continue reading
Microsoft Exchange Server: Keylogger steals credentials from government organizations worldwide
[German]Security researchers have discovered a keylogger that infects government organizations worldwide, as well as banks and other institutions via Microsoft Exchange Server. The keylogger was found after an infection on the main page of a customer's Exchange Server. The purpose … Continue reading