Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Security
Critical vulnerability CVE-2023-1707 in HP printer firmware, no patch available
[German]Firmware from various laser printers is vulnerable to CVE-2023-1707 vulnerability. Certain HP Enterprise LaserJet and HP LaserJet are potentially vulnerable to information disclosure in managed environments when IPsec is enabled with FutureSmart version 5.6. A patch may be up to … Continue reading
Hard drive manufacturer Western Digital victim of cyber attack (March 2023)
[German]Hard drive manufacturer Western Digital admitted to a cyber attack on its IT networks on April 3, 2023. An unauthorized person was able to gain access to the internal IT networks probably already in March this year. The whole thing … Continue reading
Design flaw in WiFi protocol allows attackers to intercept network traffic
[German]Another small addendum from the end of March 2023. Security researchers have discovered a serious design weakness in the IEEE 802.11 WiFi protocol standard. This weakness could allow attackers to eavesdrop on WLAN access points and transmit network frames in … Continue reading
Vulkan Files Exposes Russia's Cyberwar Strategies
[German]Files leaked from a whistle blower to German news magazine Süddeutsche Zeitung show how Russia under Putin is planning cyberwar. An evaluation by a media collective shows: Train and air lines are to be attaced, as well as energy supply … Continue reading
World Backup Day March 31, 2023
[German]March 31st of every year is "World Backup Day", and it's to remind people of the importance of backups. To mark the day, a little kaleidoscope of information around this topic.
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
QNAP QTS update closes vulnerabilities (March 29, 2023)
[German]As of March 29, 2023, manufacturer QNAP has published a security advisory for its QTS operating system. With an update of the QTS software, the manufacturer closes the vulnerabilities CVE-2022-3437, CVE-2022-3592, CVE-2022-27597, CVE-2022-27598, CVE-2022-42898, CVE-2023-22809. Here is a brief overview … Continue reading
Bi(n)gBang: Microsoft Azure vulnerability allows Bing search hijacking and Office 365 data theft
[German]A nice case about the risk of the cloud. Microsoft 's Azure may have allowed a misconfiguration of some apps or services. As a result, attackers could potentially inject malicious code into Bing search results pages to manipulate them. It … Continue reading
3CX desktop app (probably) infected in a supply chain attack (March 29, 2023)
[German]Warning to customers of phone system provider 3CX. Its 3CX Desktop app has probably been infected with malware via a supply chain attack. At least, that's what various reports from security companies as well as posts on reddit.com suggest. Here's … Continue reading
Exchange Online blocks mail from on-premises Exchange servers with vulnerabilities
[English]Microsoft has just unveiled a new security policy for Exchange Online that can block the acceptance of email from insecure on-premises Exchange servers (in hybrid environments). The administrators in question will receive a notification that the on-premises Exchange server is … Continue reading
Microsoft Guidelines for investigating attacks using CVE-2023-23397
[German]Microsoft is not getting any rest because of the critical Outlook vulnerability CVE-2023-23397. Even though there was a patch as of March 14, 2023, the vulnerability is not 100 percent closed. Late last week, Microsoft published an article to help … Continue reading