Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Security
Critical RCE Vulnerability in Citrix NetScaler ADC and Citrix Gateway
[German]Brief warning to administrators of Citrix NetScaler ADC and Citrix Gateway. The vendor has issued a security advisory warning of a critical remote code execution vulnerability in the products. The vendor has released updates for the affected products, which administrators … Continue reading
Follow-up to the Storm-0558 cloud hack: Microsoft is still in the dark
[German]A suspected China-based hacking group, dubbed Storm-0558 by Microsoft, was able to gain access to email accounts of about 25 organizations in the Microsoft cloud. In a follow-up late last week, Microsoft followed up with a "comprehensive" text with some … Continue reading
Data leak exposes data of registered Virustotal customers
[German]The web service virustotal.com (founded by the Spanish company Hispasec Sistemas, taken over by Google), which has been operated by Google since 2012, is popular among security researchers and companies for checking suspicious files for malware. However, there are warnings … Continue reading
Azure Virtual Desktop: Private Link available
[German]A small addendum for administrators of Microsoft's Azure Virtual Desktop: Redmond announced last week that so-called "private links" are now generally available in Azure Virtual Desktop. This should increase the security of connections to Azure Virtual Desktop instances. This is … Continue reading
Azure Hack? Strange Azure AD IP 20.119.0.42:443 "safe-hse.com" alerted on June 13, 2023
[German]On June 13, 2023, a blog reader received a message from Defender for Endpoint (ATP). He was notified that there was an outbound connection to IP 20.119.0.42:443 associated with a hacking group "Storm-0900". Later another reader mentioned such an alert. … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
WordPress plugin All-In-One Security (AIOS) 5.1.9 with severe vulnerability
[German]WordPress users who are still using the plugin All-In-One Security (AIOS) in version 5.1.9 should react immediately. UpdraftPlus, the maintainer, has issued a security alert because the plugin was storing user login passwords in plain text in the database.
Critical RCE Vulnerability CVE-2023-36664 in GhostScript affects Linux, Windows etc.
[German]A security researcher has developed a proof of concept to exploit a remote code execution vulnerability CVE-2023-36664, rated critical (CVSS score 9.8), in the widely used (for PostScript and PDF displays) GhostScript software. Both Linux and Windows systems are threatened … Continue reading
HTML RCE Vulnerability CVE-2023-36884 Allows Office and Windows System Takeover
[German]Short addendum regarding security. As of July 11, 2023 (patch day), another 0-day vulnerability (CVE-2023-36884) has become public, which allows remote code execution in Microsoft Windows and Office. The vulnerability has already been exploited by hackers from the group Storm-0978 … Continue reading
China hacker (Storm-0558) accessed Outlook accounts in Microsoft's cloud
[German]A suspected China-based hacking group, which Microsoft refers to as Storm-0558, has managed to gain access to email accounts of about 25 organizations. These include government agencies (US State Department), as well as corresponding private accounts of people who are … Continue reading
Microsoft Office Updates (July 11, 2023)
[German]On July 11, 2023 (second Tuesday of the month, Microsoft Patchday), Microsoft released several security-related updates for still-supported Microsoft Office versions and other products. With the April 2023 patchday, support for Office 2013 ended – but vulnerabilities were still closed … Continue reading