Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Security
Critical vulnerabilities in VMware products (March 5, 2024)
[German]A short addendum from last week. I recently reported on updates to VMware products. VMware has now classified certain vulnerabilities in its virtualization products as critical in a security advisory. It should therefore be patched quickly, if not already done. … Continue reading
Posted in Security, Software, Update, Virtualization
Tagged Security, Update, VMware
Leave a comment
After Facebook glitch (March 5, 2024): Have you been able to log in to other people's accounts?
[German]Follow-up to this week's Facebook disruption, where users were forcibly logged out and could only log back in after a few hours. A reader has contacted me and reported that he was able to log in to Facebook under a … Continue reading
Microsoft confirms: Russian spies (Midnight Blizzard) stole source code while accessing systems
[German]Microsoft has now had to confirm that Russian cyber spies from the Midnight Blizzard group not only had access to the email accounts of Microsoft management in January 2024. The attackers were also able to gain access to internal systems … Continue reading
New variant of the Solarwinds attack technique discovered in 2020
[German]The hack of numerous (US) authorities and companies via Solarwinds software in 2020 is probably still fresh in the minds of many readers. Now the Semperis security research team has discovered a new variant of "golden SAML", an attack technique … Continue reading
Microsoft closes exploited Windows 0-day vulnerability CVE-2024-21338 six months after notification
[German]In February 2024, Microsoft closed the vulnerability CVE-2024-21338 in the kernel of Windows 10/11 and various Windows Server versions. Great! The flaw in the story: The vulnerability was reported by AVAST in August 2023, and the vulnerability was exploited as … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Windows vulnerability CVE-2024-21412: Attacks by the APT group Water Hydra
[German]On 13 February 2024, the Internet Shortcut Files Security Feature Bypass vulnerability CVE-2024-21412 became known. This vulnerability can be used to bypass the SmartScreen in Windows and other products. Microsoft has provided corresponding patches for the supported Windows versions with … Continue reading
TeamViewer password vulnerability CVE-2024-0819
[German]A short warning to readers who use the TeamViewer remote maintenance software still with a "personal password". The client for Windows should urgently be updated to version 15.51.5. The manufacturer has published a security notice stating that older software versions … Continue reading
WordPress LiteSpeed Cache Plugin with vulnerability CVE-2023-40000
[German]Quick note for WordPress users who use the LiteSpeed Cache plugin. The plugin should be updated urgently, as a vulnerability CVE-2023-40000 can lead to an unauthoriszd takeover of the website. An update for the quite popular plugin is available.
Camera for facial recognition discovered in Invenda vending machines (Mars, Coca-Cola)
[German]An unpleasant story that went public come to light in Canada. An error message on the display of a vending machine from which you can buy sweets such as MMs or Mars bars prompted a student at a Canadian university … Continue reading
SSH snake steals SSH keys
[German]Warning about the Snake worm, which is designed to steal SSH keys. The SSH-Snake malware was discovered by the Sysdig Threat Research Team (TRT). The self-modifying worm uses SSH credentials discovered on a compromised system to spread throughout the network. … Continue reading