Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Software
0-day attack via Zoho vulnerability; patching is required
[German]The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns that hackers are exploiting a critical vulnerability in Zoho's password management solution ManageEngine ADSelfService Plus. The vulnerability allows attackers to take control of the system. The vendor has provided a security … Continue reading
GhostScript 0-day vulnerability allows server compromise
[German]An unpatched vulnerability exists in GhostScript (up to v 9.50) that allows privilege escalation. Servers running the ImageMagick program are particularly at risk. These could be taken over by attackers. The vulnerability was discovered a year ago, but allegedly not … Continue reading
SQL Server Migration Assistant (SSMA) v8.22
Microsoft has released SQL Server Migration Assistant (SSMA) v8.22. SQL Server Migration Assistant (SSMA) is a suite of 5 tools for automating migrations from Oracle, Access, DB2, MySQL and SAP ASE (formerly SAP Sybase ASE) to Microsoft SQL.
SteelSeries software enables admin rights (LPE) on Windows
[German]After the Razer case, the next clunker has now come to light. After it became known that standard users can become administrators with Razer mice via the driver installation, a security researcher took a closer look at the SteelSeries device … Continue reading
Azure AD Connect 2.0.10.0 released as Hotfix
[German]Brief note to administrators who are also responsible for Microsoft Azure. Microsoft has released Azure AD Connect 2.0.10.0. This is intended as a hotfix to work around issues that occur when renaming a domain.
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Kaseya: Decryption key revealed, backup update closes vulnerabilities
[German]Small article at the end of the week, concerning the US vendor Kaseya. After the supply chain attack on Kaseya RMI software and encryption of numerous customer systems, a decryption key has surfaced in an underground forum. In addition, a … Continue reading
Microsoft Security Update Summary (August 10, 2021)
[German]On August 10, 2021, Microsoft released security updates for Windows clients and servers, for Office, etc. – as well as for other products – were released. Below is a compact overview of these updates released on the August 2021 patchday.
Free Software Foundation considers Microsoft's GitHub Copilot unfair and not legal
[German]Does Copilot, the AI solution launched by Microsoft on GitHub for embedding code snippets (e.g., in Visual Studio code), violate fair use and the rights of code developers? The nonprofit Free Software Foundation has just raised some questions about the … Continue reading
Security Updates for Cisco Intersight Virtual Appliance
[German]Several vulnerabilities (CVE-2021-1600, CVE-2021-1601) exist in IPv4 and IPv6 forwarding in the Cisco Intersight Virtual Appliance. These vulnerabilities could allow an unauthenticated, adjacent attacker to access sensitive internal services through an external interface. However, Cisco has since provided security updates … Continue reading
SolarWinds patches critical Serv-U vulnerability (July 2021)
[German]US Vendor SolarWinds, hacked in 2020 and allowing attackers to infiltrate thousands of customer systems via Orion software, has now closed a 0-day vulnerability in Serv-U with an update. The remote execution vulnerability CVE-2021-35211, which occurs in the file transfer … Continue reading