Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Security
Critical vulnerability in Lexmark printers (March 2023)
[German]There is a critical security vulnerability in the Lexmark firmware of various printers from this manufacturer. This is according to a security advisory issued by Lexmark on March 10, 2023. Hundreds of printer models are affected, including Lexmark MC3224, Lexmark … Continue reading
Windows 10/11: "Mock Folders" as UAC bypass security disaster, leverage Applocker and SRP
[German]Windows 10, Windows 11 (and also their server counterparts) contain a huge flaw that may lead to a security disaster. Attackers can create "mock folders" and store malware there. This alows to run malware with administrator rights (without a UAC … Continue reading
Vulnerabilities in Bitwarden password manager browser extension can reveal passwords
[German]Users of the Bitwarden password manager run into the risk of the auto-fill feature leaking credentials when visiting websites. Malicious websites could steal credentials via an IFRAME embedded in trusted pages and send them to an attacker.
Cyber attack on logistics service provider – Production at German Airbus site Nordenham partially affected
[German]Currently (March 8, 2023), production at the Airbus site in Nordenham/Germany seems to be halted (at least in parts). The background to this seems a cyber attack on the logistics service provider (named by my informants as LTS), whose systems … Continue reading
Veeam fixes critical vulnerability CVE-2023-27532 in Backup & Replication V11a/V12
[German]A small note for users of the backup software from the manufacturer Veeam. As of March 7, 2023, Veeam has fixed a critical vulnerability (CVE-2023-27532) in its Backup & Replication product in versions V11a/V12 via an update. The update via … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Fortinet March 2023 Security Advisory
[German]Administrators of Fortinet's FortiOS and FortiProxy must become active. The manufacturer has published various security advisories for different products as of March 7, 2023. Among other things, a DoS vulnerability CVE-2022-45861 in FortiOS and FortiProxy are addressed. Some of the … Continue reading
Google Chrome version 111.0.5563.64/65 and 110.0.5481.192
[German]Google has released updates to Google Chrome Browser 111 in the stable channel for Mac, Linux and Windows as of March 7, 2023. Mac and Linux now reach version 111.0.5563.64, while for Windows, versions 111.0.5563.64/.65 are ready. These are security … Continue reading
Europol took action against DoublePaymer cyber gang
[German]International investigators and law enforcement (FBI, Europool, German LKA, etc.) have succeeded in identifying members of a cybergang that operated under the names "DoppelSpider" and "DoppelPaymer". The cybergang was responsible for ransomware attacks on companies and the University Hospital in … Continue reading
Security: DJI drones and it's AeroScope vulnerabilities
[German]Drones from the Chinese manufacturer DJI have vulnerabilities that allow third parties to read radio traffic and determine the location of the drone pilot. This vulnerability comes from a monitoring feature called AeroScope (DroneID), developed by the manufacturer for "law … Continue reading
Critical vulnerability CVE-2023-0656 in SonicWall firewalls
[German]SonicWall has issued a security alert SNWLID-2023-0004 as of March 2, 2023. Several applications are at risk from critical vulnerability CVE-2023-0656. A stack-based buffer overflow vulnerability in SonicOS allows an unauthenticated attacker to remotely cause a denial of service (DoS) … Continue reading