Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Security
DCOM hardening (CVE-2021-26414) on March 14, 2023 patchday for Windows 10/11 and Server
[German]Just a reminder for administrators of Windows in enterprise environments. There is a vulnerability in Microsoft's Windows DCOM implementation (Windows DCOM Server Security Feature Bypass, CVE-2021-26414) that allowed security features to be bypassed. Microsoft documented this in 2021, and patched … Continue reading
Busted: Instagram influencer with 40 million followers uses Russian Zeus bot
[English]Security researchers have come across an open Cassandra database instance that probably contained data from the Russian website instarobot.pro. The website is known for offering services for spamming and botting on Instagram under the name Zeus. The records also included … Continue reading
Reminder: Changes to Certificate-Based Authentication for Domain Controllers in April 2023
[German]It is still a few weeks until the April 2023 patchday. However, I would like to remind administrators who are responsible for updating Windows Domain Controllers about a topic in the Domain Controller area. It is about the fact that … Continue reading
Review of the VMware ESXi server cyberdebacle (Feb. 2023)
[German]A brief flashback to February 2023 – since the beginning of the year, numerous VMware ESXi servers have been hijacked via a known vulnerability that has long since been closed. This VMware ESXi vulnerability has a huge threat potential and … Continue reading
Windows security updates against Intel silicon vulnerabilities (March 2, 2023)
[German]Microsoft has released special updates for Windows versions still in support on March 2, 2023. These are supposed to fix vulnerabilities (Speculative Execution Control and side-channel attacks) in Intel's CPUs. These vulnerabilities in Intel processors have been known since last … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
BlackLotus UEFI bootkit bypasses Secure Boot in Windows 11
[German]Security researchers from ESET have discovered a malware in the wild that hijacks the UEFI and has been christened BlackLotus. BlackLotus is believed to be the first UEFI bootkit malware in the wild that can bypass Secure Boot on Windows … Continue reading
LastPass hack via developer's private PC
[German]LastPass was the victim of two hacks in 2022, in which attackers gained access to its infrastructure. At first, it was said that the development environment had "only been hacked". Then the extent of the attack and a second attack … Continue reading
Security provider Cyren goes into liquidation – NoSpamProxy and several other vendors affected
[German]Information for users who use security features of the provider Cyren (e.g. NoSpamProxy). The provider Cyren is in economic difficulties and will probably be liquidated – the relevant services will be discontinued. The provider NoSpamProxy has already reacted and plans … Continue reading
Windows 10/11: Microsoft still ships old version of cURL lib with vulnerabilities (Feb. 2023)
[German]It's a messy story that I'm posting here on the blog again. Microsoft fails to ship cURL with Windows 10/11 in such a way that the software is up to date and no longer has known vulnerabilities. I had already … Continue reading
Software Restriction Policies (SAFER) still possible under Windows 11 22H2 …
[German]We was told, that Software Restriction Policies and SAFER no longer work out-of-the-box under Windows 11 22H2. This is caused by registry entries left in the ISO images, that make Windows 11 think that AppLocker is active (although it itsn't). … Continue reading