Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Security
Design flaw in WiFi protocol allows attackers to intercept network traffic
[German]Another small addendum from the end of March 2023. Security researchers have discovered a serious design weakness in the IEEE 802.11 WiFi protocol standard. This weakness could allow attackers to eavesdrop on WLAN access points and transmit network frames in … Continue reading
Vulkan Files Exposes Russia's Cyberwar Strategies
[German]Files leaked from a whistle blower to German news magazine Süddeutsche Zeitung show how Russia under Putin is planning cyberwar. An evaluation by a media collective shows: Train and air lines are to be attaced, as well as energy supply … Continue reading
World Backup Day March 31, 2023
[German]March 31st of every year is "World Backup Day", and it's to remind people of the importance of backups. To mark the day, a little kaleidoscope of information around this topic.
QNAP QTS update closes vulnerabilities (March 29, 2023)
[German]As of March 29, 2023, manufacturer QNAP has published a security advisory for its QTS operating system. With an update of the QTS software, the manufacturer closes the vulnerabilities CVE-2022-3437, CVE-2022-3592, CVE-2022-27597, CVE-2022-27598, CVE-2022-42898, CVE-2023-22809. Here is a brief overview … Continue reading
Bi(n)gBang: Microsoft Azure vulnerability allows Bing search hijacking and Office 365 data theft
[German]A nice case about the risk of the cloud. Microsoft 's Azure may have allowed a misconfiguration of some apps or services. As a result, attackers could potentially inject malicious code into Bing search results pages to manipulate them. It … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
3CX desktop app (probably) infected in a supply chain attack (March 29, 2023)
[German]Warning to customers of phone system provider 3CX. Its 3CX Desktop app has probably been infected with malware via a supply chain attack. At least, that's what various reports from security companies as well as posts on reddit.com suggest. Here's … Continue reading
Exchange Online blocks mail from on-premises Exchange servers with vulnerabilities
[English]Microsoft has just unveiled a new security policy for Exchange Online that can block the acceptance of email from insecure on-premises Exchange servers (in hybrid environments). The administrators in question will receive a notification that the on-premises Exchange server is … Continue reading
Microsoft Guidelines for investigating attacks using CVE-2023-23397
[German]Microsoft is not getting any rest because of the critical Outlook vulnerability CVE-2023-23397. Even though there was a patch as of March 14, 2023, the vulnerability is not 100 percent closed. Late last week, Microsoft published an article to help … Continue reading
Phishing Scams 3.0 abuses iCloud, PayPal, Google Docs & Co.
[German]The fact that the names of well-known services or providers such as DHL, Fedex, banks, PayPal or online storage providers such as iCloud, Google Docks etc. are misused is nothing new. But security researchers from Avana (part of Check Point … Continue reading
Edge 111.0.1661.54 allows to disable Bing button
[German]The daily Edge update give us today. Yesterday I had published the blog post Edge: 111.0.1661.51; 110.0.1587.78; and 109.0.1518.95 (for Server 2012 R2); disable Bing button and PDF test. A couple of howrs later, Microsoft is pushing the update to … Continue reading