Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Security
Early termination of support for SonicWall SMA100
[German]Brief information for users of SonicWall 100 Series Secure Access Gateways. As a reader informed me in an email this week, SonicWall appears to be planning to discontinue support for SonicWall SMA100 Series models soon. According to a statement from … Continue reading
Microsoft warns: Ransomware group Storm-0501 attacks (Azure) cloud, demands payments
[German]Microsoft warns of the financially motivated group Storm-0501, which continuously targets cloud instances (Azure) with attacks. If successful, data is extracted, the originals are encrypted, and backups are destroyed. A ransom is then demanded.
CrushFTP vulnerability CVE-2025-54309 is being exploited
[German]Does anyone reading this blog use the CrushFTP program for file transfers? The CVE-2025-54309 vulnerability has been known and fixed since July 2025. Now I've come across a report that hackers are exploiting this vulnerability.
Vulnerabilities in Fortinet FortiWeb; Directus, hack at Salesloft, and more
[German]Fortinet FortiWeb administrators need to take action because there is a vulnerability warning. Users of the Directus website builder also need to take action due to a vulnerability. Here is an overview of various security vulnerabilities in products, as well … Continue reading
0patch secures Microsoft Office 2016 and 2019 after October 2025
[German]Microsoft will end support for Microsoft Office 2016 and Microsoft Office 2019 as planned on October 14, 2025. After that, these versions of Office will no longer receive security updates. However, ACROS Security will continue to secure these two versions … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Critical vulnerabilities in Citrix NetScaler ADC & NetScaler Gateway
[German]Administrators of Citrix NetScaler ADC and NetScaler Gateway must respond as new critical vulnerabilities (CVE-2025-7775, CVE-2025-7776, CVE-2025-8424) have been discovered. Citrix writes that exploitation of a vulnerability via exploits has already been observed.
Perplexity Comet Browser Prompt Injection as a major security risk
[German]Another failure in the field of AI agents. The developers of the Brave browser have revealed a vulnerability in the Perplexity Comet browser. Using prompt injection, it would be possible to retrieve sensitive information from the agent and instruct the … Continue reading
Password manager vulnerability in 11 products enables data theft
[German]Many users manage their passwords in password managers. Security researchers took a closer look at 11 popular extensions (1Password, LastPass, iCloud, and others). These were identified as vulnerable, putting login details, 2FA codes, and credit card data at risk.
Phishing simulations (and SEG) are largely useless
[German]Some companies subject their employees to internal phishing training involving simulated attacks. A study has now shown that these phishing simulations are largely useless. But even secure email gateways cannot stop phishing emails.
Chrome extension FreeVPN.One recorded screenshots of every page visited
[German]Anyone who believed that Microsoft's Recall was at the forefront of surveillance needs to think again. Security researchers have discovered the FreeVPN.One extension for the Google Chrome browser. This extension took screenshots of all visited pages and collected additional data. … Continue reading