Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Software
Apache Superset: CVE-2023-27524 allows Remote Code Execution (RCE)
[German]Brief note for users who deploy Apache Superset in their environment. There is a problem in the default configuration that the software can be attacked via remote code execution vulnerability. This becomes a problem if the server is accessible via … Continue reading
Parallels RAS licenses expire on April 24, 2023; reactivation required
[German]Brief note for administrators who use Parallels RAS (Remote Application Server). If the "big bang" breaks out on April 24, 2023 because the Parallels RAS refuses to work, it's probably not your fault. It looks like the vendor "screwed up" … Continue reading
Additional information about the compromised 3CX desktop app
[German]The 3CX Desktop app from phone system provider 3CX was infected with malware via supply chain attack. As a follow-up, I have some additional information. For example, the incident has now been confirmed by 3CX and both Cyble and Kasperky … Continue reading
Citrix Cloud Connector May 2023 upgrade requires new DigiCert G4 root and intermediate certificates
[German]Brief note for administrators who are responsible for the deployment of the Citrix Cloud Connector. Normally, there is no need to worry about an update of this connector. However, in early May 2023, there is a connector update that administrators … Continue reading
March 2023: What's going up with AnyDesk?
[German]I'm picking up on a topic and posting it here on the blog for information purposes with a request for feedback from those affected. It's about the provider AnyDesk and its remote maintenance software of the same name. A reader … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
3CX desktop app (probably) infected in a supply chain attack (March 29, 2023)
[German]Warning to customers of phone system provider 3CX. Its 3CX Desktop app has probably been infected with malware via a supply chain attack. At least, that's what various reports from security companies as well as posts on reddit.com suggest. Here's … Continue reading
NoSpamProxy version 14.0.5 released – update!
[German]Short note for users who use NoSpamProxy to filter mails. The developers have released version 14.0.5 – those who still have an older version installed should update. The background is that the provider Cyren discontinues its services.
Vulnerabilities in Bitwarden password manager browser extension can reveal passwords
[German]Users of the Bitwarden password manager run into the risk of the auto-fill feature leaking credentials when visiting websites. Malicious websites could steal credentials via an IFRAME embedded in trusted pages and send them to an attacker.
Veeam fixes critical vulnerability CVE-2023-27532 in Backup & Replication V11a/V12
[German]A small note for users of the backup software from the manufacturer Veeam. As of March 7, 2023, Veeam has fixed a critical vulnerability (CVE-2023-27532) in its Backup & Replication product in versions V11a/V12 via an update. The update via … Continue reading
Fortinet March 2023 Security Advisory
[German]Administrators of Fortinet's FortiOS and FortiProxy must become active. The manufacturer has published various security advisories for different products as of March 7, 2023. Among other things, a DoS vulnerability CVE-2022-45861 in FortiOS and FortiProxy are addressed. Some of the … Continue reading