Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Security
Vulnerabilities in Notepad ++ (Sept. 2023)
[German]Several vulnerabilities (CVE-2023-40031, CVE-2023-40036, CVE-2023-40164, CVE-2023-40166) are believed to exist in the popular Notepad ++ editor and have been reported to the developer by a security researcher. The vulnerability ratings range from medium to high. Although this report was made … Continue reading
Exchange 2016/2019 get HSTS support; Extended Protection will also be enabled soon
[German]With CU14, Microsoft pans to enable the Windows Server Extended Protection feature by default for Exchange Server 2019 for improved protection. However, it will be possible to deactivate this feature when installing the CU14 if required. Redmond has announced this … Continue reading
Unfixed Skype bug allows attackers to query victims' IP address (August 2023)
[German]A security researcher has come across a way to determine the IP address of a Skype user without the target person even having to click on a link (IP address spoofing). This could be used to spy on people (e.g. … Continue reading
Firefox 117, 115.2 ESR, 102.15 ESR
As of August 29, 2023, the Mozilla developers have released the new Firefox 117 as well as the maintenance updates of Firefox 115.2 ESR and Firefox 102.14 ESR. With the updates, some vulnerabilities have been closed. Here is a brief … Continue reading
FBI and Europol dismantle with partners Qakbot network
[German]In an international operation, the U.S. FBI and Europol, together with local partners, dismantled the Qabot network. The action succeeded after law enforcement managed to take over the PC of a Qakbot administrator. The infected devices were instructed to download … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
WinRAR vulnerability CVE-2023-40477: Also third-party software affected?
In my blog post WinRAR Code Execution Vulnerability CVE-2023-40477 I had mentioned a vulnerability in WinRAR, which has been fixed with the update to WinRAR version 6.23. Andreas Marx from AV-Test recently pointed out that basically all software that uses … Continue reading
Palo Alto: Ivanti Endpoint Manager Mobile Vulnerabilities Readback (August 2023)
[German]Vendor Ivanti has had to warn about critical vulnerabilities in its Endpoint Manager Mobile (EPMM) several times in recent weeks and issue security updates. The starting point for this flood of security reports was that Norway's government was hacked via … Continue reading
Windows Defender Credential Guard: Root cause of Windows 11 22H2 RDP issues?
[German]Since weeks, administrators have been complaining about problems with remote desktop connections that can occur on Windows 11 22H2. Microsoft announced in July 2023 that they are investigating the problem, and there is probably a workaround. Coincidentally, however, a blog … Continue reading
Duolingo: Leak with 2.6 million user records, check for 'Have I been Pwned' possible
[German]Vulnerabilities in the language learning app/platform API from Duolingo allows to scape user data. Now Troy Hunt has integrated a data set with information on 2.6 million Duolingo users into his platform 'Have I been Pwned'. And if I've noticed … Continue reading
CloudNordic: Ransomware, and suddenly the Danish cloud was knocked out
[German]Customers of Danish cloud provider CloudNordic have successfully learned what it means to share responsibility. The provider had a ransomware infection when moving to a new data center, so the cloud offering was completely knocked out for the clientele. The … Continue reading