Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Security
QNAP QTS update closes vulnerabilities (March 29, 2023)
[German]As of March 29, 2023, manufacturer QNAP has published a security advisory for its QTS operating system. With an update of the QTS software, the manufacturer closes the vulnerabilities CVE-2022-3437, CVE-2022-3592, CVE-2022-27597, CVE-2022-27598, CVE-2022-42898, CVE-2023-22809. Here is a brief overview … Continue reading
Bi(n)gBang: Microsoft Azure vulnerability allows Bing search hijacking and Office 365 data theft
[German]A nice case about the risk of the cloud. Microsoft 's Azure may have allowed a misconfiguration of some apps or services. As a result, attackers could potentially inject malicious code into Bing search results pages to manipulate them. It … Continue reading
3CX desktop app (probably) infected in a supply chain attack (March 29, 2023)
[German]Warning to customers of phone system provider 3CX. Its 3CX Desktop app has probably been infected with malware via a supply chain attack. At least, that's what various reports from security companies as well as posts on reddit.com suggest. Here's … Continue reading
Exchange Online blocks mail from on-premises Exchange servers with vulnerabilities
[English]Microsoft has just unveiled a new security policy for Exchange Online that can block the acceptance of email from insecure on-premises Exchange servers (in hybrid environments). The administrators in question will receive a notification that the on-premises Exchange server is … Continue reading
Microsoft Guidelines for investigating attacks using CVE-2023-23397
[German]Microsoft is not getting any rest because of the critical Outlook vulnerability CVE-2023-23397. Even though there was a patch as of March 14, 2023, the vulnerability is not 100 percent closed. Late last week, Microsoft published an article to help … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Phishing Scams 3.0 abuses iCloud, PayPal, Google Docs & Co.
[German]The fact that the names of well-known services or providers such as DHL, Fedex, banks, PayPal or online storage providers such as iCloud, Google Docks etc. are misused is nothing new. But security researchers from Avana (part of Check Point … Continue reading
Edge 111.0.1661.54 allows to disable Bing button
[German]The daily Edge update give us today. Yesterday I had published the blog post Edge: 111.0.1661.51; 110.0.1587.78; and 109.0.1518.95 (for Server 2012 R2); disable Bing button and PDF test. A couple of howrs later, Microsoft is pushing the update to … Continue reading
Outlook vulnerability CVE-2023-23397 not fully patched
[German]Brief addendum to the March 2023 patchday. Microsoft did provide the critical RCE vulnerability CVE-2023-23397 in Outlook with a security update on March 14, 2023. But the patch is incomplete, the attack can still be triggered with somewhat modified emails. … Continue reading
Ferrari hack confirmed (March 2023)
[German]Italian carmaker Ferrari has been hacked, with attackers able to access and siphon off internal data. The cybercriminals are now trying to blackmail Ferrari and threatening to publish data. Since the car manufacturer did not respond to the blackmail, some … Continue reading
Palo Alto Network warns about ransomware strain Trigona
[German]Security researchers from Palo Alto Networks came across a new strain of ransomware at the end of 2022 that is currently still operating "under the radar" of many security researchers. However, at least 15 victims were attacked in December 2022. … Continue reading