Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Security
Apple security updates for iOS, macOS (July 24, 2023)
Small addendum from this week, already on July 24, 2023 Apple has released a slew of updates for the Safari browser, for iOS on iPhones and iPadOS for the iPads. In addition, there are updates for macOS, Apple TV and … Continue reading
Sophos UTM Firewall: Update closes CVE-2023-0286, CVE-2023-0215 (OpenSSL) and more
Vendor Sophos has released an update to UTM Up2date 9.716 for its UTM firewall, which is intended to fix a number of vulnerabilities CVE-2023-0286, CVE-2023-0215, CVE-2002-20001, CVE-2022-40735, CVE-2002-20001, CVE-2022-40735, CVE-2023-3367, CVE-2002-20001, CVE-2022-40735 as well as various bugs. The vulnerabilities affect … Continue reading
Privilege escalation vulnerability CVE-2023-30799 in MikroTik routers, patch urgently
In case you haven't noticed, MikroTik RouterOS Stable before version 6.49.7 and in the long-term version up to 6.48.6 contains a vulnerability CVE-2023-30799 that allows an attacker to escalate privileges, but the attacker must be authenticated. However, he can then … Continue reading
Patch your Ivanti EPMM – Norwegian government hacked via 0-day
[German]Administrators should ugently patch its Ivanti EPMM used in their environment, because older version contains a 0-day vulnerability. In Norway, the ICT platform (information and communications system) on which 12 ministries operate was attacked via this 0-day vulnerability.
Atlassian updates Confluence and Bambo due to critical vulnerabilities
[German]Another addendum from July 18, 2023 – that's when vendor Atlassian released its security bulletin for July 2023. Vulnerabilities in Confluence Data Center & Server (CVE-2023-22505 and CVE-2023-22508) and Bamboo Data Center (CVE-2023-22506) have become public. An attacker can exploit … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Super Mario Game Installer Spreads SupremeBot Malware
[German]Another small addendum in terms of security. At the end of June 2023, security researchers from Cyble issued a warning about a Super Mario Game installer. Security researchers have come across a corresponding installer that contains a Trojan and spreads … Continue reading
Stolen AAD key allowed (Storm-0558) wide-ranging access to Microsoft cloud services
[German]Microsoft had to admit on begin of July 2023 that suspected Chinese hackers from the Storm-0558 group were able to forge security tokens using a stolen private MSA key. Then then gain broad access to Microsoft cloud services, as Wiz … Continue reading
CISA warns: Citrix NetScaler ADC is under attack via CVE-2023-3519
[German]The U.S. cybersecurity agency CISA is warning administrators of Citrix NetScaler ADC installations. Threat actors have begun exploiting the NetScaler ADC vulnerability CVE-2023-3519, disclosed a few days ago, to implant webshells. Administrators should look for signs of compromise. Kompromittierung suchen.
Security updates: Foxit PDF Reader and PDF Editor 12.1.3
Brief information for people who use Foxit PDF Reader and/or PDF Editor. There are vulnerabilities in older versions which will be fixed by a security update to version 12.1.3.15356 (thanks to the reader for reminding me). Details can be found … Continue reading
TP-LINK TL-WR840N: Vulnerability allows stack buffer overflow DOS
There is a vulnerability in the firmware of the TP-Link router TP-LINK TL-WR840N that allows a remote attacker to perform a stack buffer overflow DOS attack. TP-Link does not want to publish a security advisory for this, but has made … Continue reading