Social networks
Awards
MVP:
2013 – 2016
WIMVP:
2017 – 2020
Tag Archives: Software
Microsoft Teams: Vulnerability allowed account takeover
[German]Microsoft had to additionally secure its Team Client after security researchers had found a vulnerability. The display of a GIF image could be misused by attackers to take over accounts. Microsoft has since taken measures to prevent this type of … Continue reading
0-day vulnerability in Sophos XG Firewall under attack
[German]After experiencing issues with Sophos XG Firewall v18 MR1, the software has been pulled. And now there are reports that the Sophos XG Firewall is being attacked via 0-day exploits. Sophos has released an emergency patch to close the vulnerability. … Continue reading
Backdoor: NSA and ASD warn of vulnerabilities
[German]The US secret service NSA and the Australian secret service have issued a joint warning. Hackers are increasingly trying to exploit unpatched vulnerabilities in products to infiltrate systems via web shell malware.
Cisco AnyConnect Secure Mobility Client Vulnerability CVE-2020-3153
[German]The Windows version of Cisco AnyConnect Secure Mobility client has a vulnerability in it's auto update, that can be misused for privilege escalation. A patch is available.
Four 0-day Exploits in IBM Data Risk Manager
[German]Security researchers have just revealed four unpatched vulnerabilities in IBM Data Risk Manager. The vulnerabilities were reported to IBM, but IBM rejected the report due to lack of formal requirements. Three vulnerabilities are considered critical.
Why ISL Online: Critical factors when choosing a remote desktop solution
[Sponsored Post]In the rapidly evolving IT world, choosing the right remote desktop software is critical for organizations that value security, ease of use and reliability. One provider of secure remote access that has been on the market since 2001 is ISL Online, which presents some considerations for choosing such software below. More ...
Microsoft Security Advisories April 14, and 21, 2020
[German]Microsoft has published Security Advisories for a critical RCE vulnerability (CVE-2020-0905) in Microsofts Dynamics Business Central. And there are security advisories for an update to the Autodesk FBX Library and for an OpenSSL Remote Denial of Service vulnerability.
Posted in Security, Software, Update
Tagged ADV200004, ADV200007, CVE-2020-0905, Security, Software
Leave a comment
RCE vulnerability in Foxit PDF Reader and PhantomPDF
[German]A remote code execution vulnerability exists in the two PDF programs Foxit PDF Reader and PhantomPDF. However, the vendor has already released updates to close the critical vulnerability – I had pointed this out. Now some more details have become … Continue reading
Security update Foxit Reader 9.7.2
[German]The developers have each released a security update for the Foxit Reader and theFoxit PhantomPDF, updating the software to version 9.7.2.29539. A critical RCE vulnerability is fixed in conjunction with the DocuSign plugin. More details can be found at deskmodder.de. … Continue reading
Fix for critical VMWare vCenter Server vulnerability CVE-2020-3952
[German]There is a critical vulnerability CVE-2020-3952 in VMWare vCenter Server for which the vendor has now released a security update.
Posted in Security, Software, Virtualization
Tagged CVE-2020-3952, Security, Software, Update, Virtualization, VMware
Leave a comment
Sandboxie is now Open Source
[German]Sophos, the owner of the software sandbox, has just announced that the tool has now been released as open source. The open source release was announced in September 2019.