Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Security
PEStudio: Program analysis for Windows
A little tip for analyzing Windows programs for malware or their components. There is a product called PEStudio by Marc Ochsenmeier that can be used to quickly analyze a Windows program and check its components for malware via VirusTotal.
DICOM protocol: Millions of patient data accessible unprotected via the Internet
[German]It's a very unpleasant situation: the DICOM protocol has been used for decades to exchange X-ray images or images from other imaging procedures with clinics and doctors, for example. It wasn't a problem until someone came up with the idea … Continue reading
Risk of Active Directory misconfigurations; Forest Druid for analysis
[German]Heute noch ein Sammelbeitrag zur IT-Sicherheit. Fehlkonfigurationen und Standardeinstellungen des Active Directory können die IT-Sicherheit von Unternehmen gefährden. Bastien Bossiroy von den NVISO Labs hat sich Gedanken um dieses Thema gemacht und bereits Ende Oktober 2023 einen Beitrag zu den … Continue reading
Windows 10: Surprise, there is an ESU support extension; also for private users
[German]What Microsoft has just announced comes as a surprise. After the official Windows 10 support ends in October 2025, Redmond will continue to provide paid security updates for a further three years. And an innovation that has never been seen … Continue reading
LogoFAIL: Critical vulnerabilities in the UEFI code
[German]There are several critical vulnerabilities in the UEFI code of the firmware of various BIOS/UEFI implementations that could be used to inject malware into a system. The whole thing was already announced by the Binarly REsearch Team on November 29, … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Microsoft identifies Russian attacker exploiting CVE-2023-23397 in Outlook to access Exchange accounts
[German]CVE-2023-23397 is a vulnerability in Microsoft Outlook that could be exploited in conjunction with Microsoft Exchange servers, which was closed with security updates in March 2023. Microsoft has now identified an attacker based in Russia who is actively exploiting CVE-2023-23397 … Continue reading
Recordings from Nullcon Security Conference (Goa 2023)
In September 2023 there was the "Nullcon Security Conference" in Goa. I was invited this year, but unfortunately (as with so many other conferences) I was unable to attend (which is better from an environmental point of view). But the … Continue reading
20,000 unpatched Exchange servers accessible via the Internet (Dec. 2023)
[German]Looks like we're heading for the next cyberattack disaster. Network scans by security researchers have found around 20,000 Microsoft Exchange servers that are accessible via the internet and vulnerable to remote code attacks. The Exchange servers are located in Asia, … Continue reading
Zyxel warns of critical security vulnerabilities in NAS devices
[German]Does anyone operate a Zyxel NAS in their environment? The Taiwanese manufacturer has just warned of several vulnerabilities in the firmware of these devices. Three critical vulnerabilities allow an unauthenticated attacker to execute operating system commands on vulnerable network-attached storage … Continue reading
iOS, macOS, Safari: Emergency updates close vulnerabilities
[German]Apple released updates for iOS, macOS and Safai a few hours ago. These emergency updates are intended to close critical security vulnerabilities (CVE-2023-42916 & CVE-2023-42917) that are already under attack. These vulnerabilities can expose sensitive data while browsing. So it's … Continue reading