Tag Archives: Software
Barracuda ESG vulnerability CVE-2023-7102 (Dec. 2023)
Barracuda has discovered during an ongoing investigation that a threat actor is exploiting the CVE-2023-7102 vulnerability in the Barracuda Email Security Gateway Appliance (ESG). The use of a third-party library led to this vulnerability, which affected the Barracuda ESG appliance …
3CX warning: Disable SQL database integrations (Dec. 15, 2023)
Warning to customers of the telephone system provider 3CX who have integrated an SQL database into the software for CRM purposes. The manufacturer recommends temporarily deactivating this SQL database integration. Although there are no details of what is wrong, the …
Microsoft Security Update Summary (December 12, 2023)
On December 12, 2023, Microsoft released security updates for Windows clients and servers, for Office – and for other products. The security updates eliminate 33 vulnerabilities (CVEs), four of which are critical vulnerabilities. Below is a compact overview of these …
Veeam Backup and other product updates (Dec. 2023)
Brief information for users of Veeam products. Two readers have pointed out to me that the manufacturer has updated its product portfolio as of December 5, 2023 (thanks for that). The updates range from Veeam Backup & Replication to Veeam …
LogoFAIL: Critical vulnerabilities in the UEFI code
There are several critical vulnerabilities in the UEFI code of the firmware of various BIOS/UEFI implementations that could be used to inject malware into a system. The whole thing was already announced by the Binarly REsearch Team on November 29, …
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post] In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below.
40 years of Turbo Pascal
I recently recognized that the Turbo Pascal development environment was introduced by Borland 40 years ago. But it completely passed me by. I myself only came into contact with Turbo Pascal around 1987/1988. Today, a brief look back for the …
Windows: cURL 8.4.0 update coming on November 14, 2023 patch day
There is a vulnerability in the cURL library and tool in older versions, which was closed by the project on October 11, 2023 with version 8.4.0. Microsoft delivers cURL with Windows, but has not yet updated this version. My understanding …
VMware vCenter vulnerability CVE-2023-34048 – many systems vulnerable
There is an out-of-bounds vulnerability CVE-2023-34048 in VMware vCenter that leaves systems vulnerable. A security researcher scanned the Internet for accessible and unpatched instances and found numerous systems. Administrators of VMware vCenter installations should ensure systems are patched.
Vulnerability CVE-2023-5363 in OpenSSL
A vulnerability CVE-2023-5363 was found in the OpenSSL software. The initialization of the encryption key length and the initialization vector in OpenSSL is incorrect. However, a fix is already available for the Linux distributions Debian and Ubuntu.
Cisco: New 0-day vulnerability (CVE-2023-20273) in IOS XE; already being exploited
US vendor Cisco has publicly disclosed another 0-day vulnerability (CVE-2023-20273) in IOS XE as of October 20, 2023. This vulnerability is already being exploited in the wild to compromise systems. The vendor plans to provide fixes for the CVE-2023-20198 and …


