Tag Archives: Software

CISA warning about Log4Shell attacks on VMware Horizon systems (June 2022)

[German]U.S. Cybersecurity & Infrastructure Agency (CISA) issued a strong warning as of June 24, 2022, that the Log4Shell vulnerability disclosed in December 2021 is being targeted by groups to attack unpatched VMware Horizon systems. In one confirmed case of compromise, … Continue reading

Posted in Security, Software | Tagged , | Leave a comment

Advertising

Potentially more than 770 million Travis CI API logs compromised

[German]Travis CI is a very popular service among software developers, which is used to create and test many software projects. The service is part of the software supply chain of many software solutions. Moreover, Travis CI's credentials and login information … Continue reading

Posted in Security | Tagged , | Leave a comment

Adobe Acrobat (Reader) DC 22.001.20142

Adobe has released an update to Adobe Acrobat (Reader) DC to version 22.001.20142 (Windows) and (Mac) as of June 14. This update fixes some bugs according to this description. Download links are provided on the relevant Release Notes page for … Continue reading

Posted in Software, Update | Tagged , , | Leave a comment

Advertising

Fake CCleaner search results link to malware (information stealer)

[German]AVAST has discovered a malware campaign (FakeCleaner) in which cybercriminals manipulated search results for a cracked CCleaner Pro in such a way that they acted as malware launchers. If users follow the links of these hits, they download malware onto … Continue reading

Posted in Security, Software | Tagged , , | Leave a comment

Microsoft Graph: Upcoming billing changes

[German]A small note to administrators and developers who are responsible for the use of Microsoft Teams and use a data export via Microsoft Graph from Microsoft Teams. You have noticed that this export will be charged in the future? Whether … Continue reading

Posted in General, Software | Tagged , | Leave a comment

Advertising

0-day vulnerability CVE-2022-26134 in Atlassian Confluence Server fixed

[German]Security researchers from Volexity discovered an actively exploited 0-day vulnerability (CVE-2022-26134) in Atlassian Confluence Server software last weekend. Now Atlassian Confluence has named the affected software versions while providing security updates to close the vulnerability. Administrators should install the security … Continue reading

Posted in Security, Software, Update | Tagged , , | 1 Comment

0-day vulnerability CVE-2022-26134 in Atlassian Confluence Software

[German]Security researchers from Volexity discovered a 0-day vulnerability (CVE-2022-26134) in Atlassian Confluence software over the weekend. This vulnerability is being actively exploited – this is what brought the issue to the attention of the security researchers. Currently, the urgent advice … Continue reading

Posted in Security, Software | Tagged , | Leave a comment

Vulnerabilities CVE-2022-27507 and CVE-2022-27508 in Citrix ADC and Citrix Gateway

[German]Two vulnerabilities CVE-2022-27507 and CVE-2022-27508 exist in Citrix ADC and Citrix Gateway, for which the vendor has issued a security bulletin. The vulnerabilities discovered in Citrix ADC and Citrix Gateway allow attackers to launch a distributed denial-of-service (DDoS) attack. The … Continue reading

Posted in Security, Software | Tagged , | Leave a comment

Advertising

VMware closes vulnerabilities, DHS gives U.S. federal agencies 5 days to patch

[German] VMware has fixed a critical bug in several of its products through updates. The vulnerability, CVE-2022-22972, allows administrative access without authentication and affects the Workspace ONE Access, VMware Identity Manager (vIDM) and vRealize Automation products. The U.S. Department of … Continue reading

Posted in Security, Software | Tagged , | Leave a comment

Microsoft observed attacks on Microsoft SQL Server via PowerShell

[German]The Microsoft security team is currently warning about a campaign in which unknown attackers are targeting Microsoft SQL databases. Although a brute force approach is used to crack the database access. What is new is that the campaign uses the … Continue reading

Posted in Security, Software | Tagged , , | Leave a comment