Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Software
Unauthorized RCE CVE-2022-28219 in Zoho ManageEngine ADAudit Plus
[German]Security researcher Naveen Sunkavally of Horizon3.ai recently discovered vulnerability CVE-2022-28219. This allows remote code execution without further authentication by the attacker and affects Zoho ManageEngine ADAudit Plus. This is a compliance tool used by enterprises to monitor changes to Active … Continue reading
Azure: Container Escape Vulnerability (CVE-2022-30137) in Microsoft's Service Fabric Closed
[German]Security researchers from Palo Alto Networks have encountered a container escape vulnerability in Microsoft's Service Fabric, which they then named FabricScape. The vulnerability allowed container escapes in Microsoft's Service Fabric, which is commonly used with Azure. Palo Alto Networks has … Continue reading
CISA warning about Log4Shell attacks on VMware Horizon systems (June 2022)
[German]U.S. Cybersecurity & Infrastructure Agency (CISA) issued a strong warning as of June 24, 2022, that the Log4Shell vulnerability disclosed in December 2021 is being targeted by groups to attack unpatched VMware Horizon systems. In one confirmed case of compromise, … Continue reading
Potentially more than 770 million Travis CI API logs compromised
[German]Travis CI is a very popular service among software developers, which is used to create and test many software projects. The service is part of the software supply chain of many software solutions. Moreover, Travis CI's credentials and login information … Continue reading
Adobe Acrobat (Reader) DC 22.001.20142
Adobe has released an update to Adobe Acrobat (Reader) DC to version 22.001.20142 (Windows) and (Mac) as of June 14. This update fixes some bugs according to this description. Download links are provided on the relevant Release Notes page for … Continue reading
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Fake CCleaner search results link to malware (information stealer)
[German]AVAST has discovered a malware campaign (FakeCleaner) in which cybercriminals manipulated search results for a cracked CCleaner Pro in such a way that they acted as malware launchers. If users follow the links of these hits, they download malware onto … Continue reading
Microsoft Graph: Upcoming billing changes
[German]A small note to administrators and developers who are responsible for the use of Microsoft Teams and use a data export via Microsoft Graph from Microsoft Teams. You have noticed that this export will be charged in the future? Whether … Continue reading
0-day vulnerability CVE-2022-26134 in Atlassian Confluence Server fixed
[German]Security researchers from Volexity discovered an actively exploited 0-day vulnerability (CVE-2022-26134) in Atlassian Confluence Server software last weekend. Now Atlassian Confluence has named the affected software versions while providing security updates to close the vulnerability. Administrators should install the security … Continue reading
0-day vulnerability CVE-2022-26134 in Atlassian Confluence Software
[German]Security researchers from Volexity discovered a 0-day vulnerability (CVE-2022-26134) in Atlassian Confluence software over the weekend. This vulnerability is being actively exploited – this is what brought the issue to the attention of the security researchers. Currently, the urgent advice … Continue reading
Vulnerabilities CVE-2022-27507 and CVE-2022-27508 in Citrix ADC and Citrix Gateway
[German]Two vulnerabilities CVE-2022-27507 and CVE-2022-27508 exist in Citrix ADC and Citrix Gateway, for which the vendor has issued a security bulletin. The vulnerabilities discovered in Citrix ADC and Citrix Gateway allow attackers to launch a distributed denial-of-service (DDoS) attack. The … Continue reading