Blogs
Links
Archives
Categories
Social networks
Awards
Sponsors
(Paypal-Donations)Recent Comments
- fengo fumar on FRITZ!Box: Entering the URL fritz.box suddenly redirects to an external page
- guenni on Windows Server: Fix for (Kerberos) LSASS memory leak through March 2024 updates
- Antonio Mourao on Problems with Microsoft Outlook and Exchange since March 2024 patch day? – Part I
- Andy on Problems with Microsoft Outlook and Exchange since March 2024 patch day? – Part I
- Dean on Windows Server: Fix for (Kerberos) LSASS memory leak through March 2024 updates
Meta
Recent Comments
- fengo fumar on FRITZ!Box: Entering the URL fritz.box suddenly redirects to an external page
- guenni on Windows Server: Fix for (Kerberos) LSASS memory leak through March 2024 updates
- Antonio Mourao on Problems with Microsoft Outlook and Exchange since March 2024 patch day? – Part I
- Andy on Problems with Microsoft Outlook and Exchange since March 2024 patch day? – Part I
- Dean on Windows Server: Fix for (Kerberos) LSASS memory leak through March 2024 updates
Archives
Categories
Meta
Tag Archives: Software
LogoFAIL: Critical vulnerabilities in the UEFI code
[German]There are several critical vulnerabilities in the UEFI code of the firmware of various BIOS/UEFI implementations that could be used to inject malware into a system. The whole thing was already announced by the Binarly REsearch Team on November 29, … Continue reading
Advertising
40 years of Turbo Pascal
[German]I recently recognized that the Turbo Pascal development environment was introduced by Borland 40 years ago. But it completely passed me by. I myself only came into contact with Turbo Pascal around 1987/1988. Today, a brief look back for the … Continue reading
How to find weak passwords in Active Directory and eliminate them with PowerShell
[Sponsored Post]Weak or compromised passwords are a known gateway for attackers. If you are able to identify which users in Active Directory (AD) are threatened by this, then PowerShell can help to remedy it. However, PowerShell scripts cannot eliminate basic AD deficits, other tools are needed for this. More ...
Windows: cURL 8.4.0 update coming on November 14, 2023 patch day
[German]There is a vulnerability in the cURL library and tool in older versions, which was closed by the project on October 11, 2023 with version 8.4.0. Microsoft delivers cURL with Windows, but has not yet updated this version. My understanding … Continue reading
Advertising
VMware vCenter vulnerability CVE-2023-34048 – many systems vulnerable
There is an out-of-bounds vulnerability CVE-2023-34048 in VMware vCenter that leaves systems vulnerable. A security researcher scanned the Internet for accessible and unpatched instances and found numerous systems. Administrators of VMware vCenter installations should ensure systems are patched. Advertising
Vulnerability CVE-2023-5363 in OpenSSL
[German]A vulnerability CVE-2023-5363 was found in the OpenSSL software. The initialization of the encryption key length and the initialization vector in OpenSLL is incorrect. However, a fix is already available for the Linux distributions Debian and Ubuntu. Advertising
Advertising
Cisco: New 0-day vulnerability (CVE-2023-20273) in IOS XE; already being exploited
[German]US vendor Cisco has publicly disclosed another 0-day vulnerability (CVE-2023-20273) in IOS XE as of October 20, 2023. This vulnerability is already being exploited in the wild to compromise systems. The vendor plans to provide fixes for the CVE-2023-20198 and … Continue reading
VMMap v3.4 released
As of October 17, 2023 VMMap v3.4 has been released in Sysinternals Tools. VMMap is a utility for analyzing virtual and physical process memory on Windows. Advertising
Over 32,000 Cisco components compromised via CVE-2023-20198 vulnerability
[German]Short note for users who have Cisco components with IOS XE in use and these components are accessible via the Internet. As of October 16, 2023, Cisco issued a security warning about the 0-day vulnerability CVE-2023-20198, which is unpatched so … Continue reading
Advertising
Warning: WinRAR vulnerability CVE-2023-38831 is exploited by Chinese and Russian hackers
[German]Warning to users of the WinRAR archive program. Various state threat actors from Russia and China are trying to exploit a vulnerability in the WinRAR archiving tool for Windows. Attackers can execute arbitrary code when unpacking archives via the CVE-2023-38831 … Continue reading
Sonicwall: Security updates for SonicOS close nine vulnerabilities
In SonicOS there are several vulnerabilities (buffer overflows) that have received a CVSS index of up to 7.7. Sonicwall has therefore released software updates for SonicOS for their firewalls, that close new vulnerabilities (CVE-2023-39276, CVE-2023-39277, CVE-2023-39278, CVE-2023-39279, CVE-2023-39280, CVE-2023-41711 and … Continue reading