Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Security
Windows: Microsoft intends to disable TLS 1.0 and 1.1 soon by default in Schannel protocol
[German]Quick note for administrators in enterprise environments. Microsoft plans to soon deactivate TLS 1.0 and 1.1, which are still used by default in the Schannel protocol (starts in September 2023 with Windows 11 Insider builds). In a statement, the company … Continue reading
Used Canon printers reveal WLAN password
[English]Warning to owners of Canon printers who want to take them out of service and sell them – or who operate the devices in WLAN and then have to give them for repair. Manufacturer Canon currently warns that certain devices … Continue reading
Citrix ShareFile RCE vulnerability CVE-2023-24489 is under attack
[English]Security researchers warn that attackers are exploiting the Citrix ShareFile RCE vulnerability CVE-2023-24489 in the wild right now. Citrix ShareFile is a widely used cloud-based file sharing application that is affected by critical remote code execution (RCE) CVE-2023-24489 (CVSS score … Continue reading
Russian hacker infects himself through own infostealer
Nice side story: a hacker who operated in Russian-language forums since 2020 mistakenly infected his computer with malware he used, selling information to security researchers at Hudson Rock. So Hudson Rock staff was able to identify the hacker called La_Citrix … Continue reading
First supply chain attack on open source software targeting banks discovered
Security researchers say they have discovered the first attack on the open source software supply chain specifically targeting the banking sector. That's according to a report published by Checkmarx on July 21, 2023. On April 5 and 7, a threat … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Apple security updates for iOS, macOS (July 24, 2023)
Small addendum from this week, already on July 24, 2023 Apple has released a slew of updates for the Safari browser, for iOS on iPhones and iPadOS for the iPads. In addition, there are updates for macOS, Apple TV and … Continue reading
Sophos UTM Firewall: Update closes CVE-2023-0286, CVE-2023-0215 (OpenSSL) and more
Vendor Sophos has released an update to UTM Up2date 9.716 for its UTM firewall, which is intended to fix a number of vulnerabilities CVE-2023-0286, CVE-2023-0215, CVE-2002-20001, CVE-2022-40735, CVE-2002-20001, CVE-2022-40735, CVE-2023-3367, CVE-2002-20001, CVE-2022-40735 as well as various bugs. The vulnerabilities affect … Continue reading
Privilege escalation vulnerability CVE-2023-30799 in MikroTik routers, patch urgently
In case you haven't noticed, MikroTik RouterOS Stable before version 6.49.7 and in the long-term version up to 6.48.6 contains a vulnerability CVE-2023-30799 that allows an attacker to escalate privileges, but the attacker must be authenticated. However, he can then … Continue reading
Patch your Ivanti EPMM – Norwegian government hacked via 0-day
[German]Administrators should ugently patch its Ivanti EPMM used in their environment, because older version contains a 0-day vulnerability. In Norway, the ICT platform (information and communications system) on which 12 ministries operate was attacked via this 0-day vulnerability.
Atlassian updates Confluence and Bambo due to critical vulnerabilities
[German]Another addendum from July 18, 2023 – that's when vendor Atlassian released its security bulletin for July 2023. Vulnerabilities in Confluence Data Center & Server (CVE-2023-22505 and CVE-2023-22508) and Bamboo Data Center (CVE-2023-22506) have become public. An attacker can exploit … Continue reading