Sicherheitsinfos

Wichtige SicherheitsinformationenHier veröffentlichen wir Sicherheitsinfos und Updateinformationen für Sie.

Da wir täglich in den tiefen des WWW unterwegs sind, finden wir oftmals wichtige Informationen rund um das Thema Sicherheit und bieten Ihnen so die Möglichkeiten, gewissen Gefahren auszuweichen und/oder zu beseitigen.

Leider ist es im Computeralltag so, dass immer gewisse Kreise mehr Informationen über Sie erhalten wollen, als Sie preisgeben wollen. Wir hoffen, Ihnen dadurch bei der Sicherheit Ihrer Systeme behilflich zu sein.

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
TheHackersNewsCybersecurity researchers have warned of a publicly available fully-functional exploit that could be used to target SAP enterprise software. The exploit leverages a vulnerability, tracked as CVE-2020-6207, that stems from a missing authentication check in SAP Solution Manager (SolMan) version 7.2 SAP SolMan is an application management and administration solution that offers end-to-end...
Zugriffe: 115

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
TheHackersNewsMore details have emerged about a security feature bypass vulnerability in Windows NT LAN Manager (NTLM) that was addressed by Microsoft as part of its monthly Patch Tuesday updates earlier this month. The flaw, tracked as CVE-2021-1678 (CVSS score 4.3), was described as a "remotely exploitable" flaw found in a vulnerable component bound to the network stack, although exact details of the flaw...
Zugriffe: 116

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
TheHackersNewsLike it or not, 2020 was the year that proved that teams could work from literally anywhere. While terms like "flex work" and "WFH" were thrown around before COVID-19 came around, thanks to the pandemic, remote working has become the defacto way people work nowadays. Today, digital-based work interactions take the place of in-person ones with near-seamless fluidity, and the best part is that...
Zugriffe: 121

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
TheHackersNewsAmazon has addressed a number of flaws in its Kindle e-reader platform that could have allowed an attacker to take control of victims' devices by simply sending them a malicious e-book. Dubbed "KindleDrip," the exploit chain takes advantage of a feature called "Send to Kindle" to send a malware-laced document to a Kindle device that, when opened, could be leveraged to remotely execute arbitrary...
Zugriffe: 113

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
TheHackersNewsMicrosoft on Wednesday shared more specifics about the tactics, techniques, and procedures (TTPs) adopted by the attackers behind the SolarWinds hack to stay under the radar and avoid detection, as cybersecurity companies work towards getting a "clearer picture" of one of the most sophisticated attacks in recent history. Calling the threat actor "skillful and methodic operators who follow...
Zugriffe: 186

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
TheHackersNewsA relatively new crypto-mining malware that surfaced last year and infected thousands of Microsoft SQL Server (MSSQL) databases has now been linked to a small software development company based in Iran. The attribution was made possible due to an operational security oversight, said researchers from cybersecurity firm Sophos, that led to the company's name inadvertently making its way into the...
Zugriffe: 160

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
TheHackersNewsA new large-scale phishing campaign targeting global organizations has been found to bypass Microsoft Office 365 Advanced Threat Protection (ATP) and steal credentials belonging to over a thousand corporate employees. The cyber offensive is said to have originated in August last year, with the attacks aimed specifically at energy and construction companies, said researchers from Check Point...
Zugriffe: 162

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
TheHackersNewsWhen you are a startup, there are umpteen things that demand your attention. You must give your hundred percent (probably even more!) to work effectively and efficiently with the limited resources. Understandably, the application security importance may be pushed at the bottom of your things-to-do list. One other reason to ignore web application protectioncould be your belief that only large...
Zugriffe: 175

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
threatpost.comCisco is stoppering critical holes in its SD-WAN solutions and its smart software manager satellite....
Zugriffe: 237

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
threatpost.comThe company also issued patches for Tesla-based GPUs as part of an updated, separate security advisory....
Zugriffe: 209

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
Heise Sicherheits NewsNetgate hat angekündigt, dass die VPN-Software WireGuard ab sofort in den Entwicklungsbuilds der pfSense Community Edition zur Verfügung steht....
Zugriffe: 226

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
threatpost.comThe attack vector was not the Orion platform but rather an email-protection application for Microsoft 365....
Zugriffe: 228

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
TheHackersNewsIn January 2019, a critical flaw was reported in Apple's FaceTime group chats feature that made it possible for users to initiate a FaceTime video call and eavesdrop on targets by adding their own number as a third person in a group chat even before the person on the other end accepted the incoming call. The vulnerability was deemed so severe that the iPhone maker removed the FaceTime group...
Zugriffe: 231

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
threatpost.comUsers of dating apps - like Tinder, Match and Bumble - should be on the lookout for investment-fraud scammers....
Zugriffe: 199

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
threatpost.comMystery of spying using popular chat apps uncovered by Google Project Zero researcher....
Zugriffe: 108

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
Heise Sicherheits NewsDie Analyse der Supply-Chain-Taktik der Solarwinds-Angreifer förderte nach "Sunburst" und "Teardrop" nun noch "Sunspot" und "Raindrop" zutage....
Zugriffe: 167

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
Heise Sicherheits NewsDer Bug in Apples XPC-Schnittstelle lässt sich ausnutzen, um erweiterte Rechte zu erlangen, warnt ein Sicherheitsforscher. Abhilfe bringen iOS 14 und macOS 11....
Zugriffe: 153

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
Heise Sicherheits NewsDie Sicherheitssoftware-Firma Malwarebytes wurde kürzlich zum Ziel der SolarWinds-Akteure. Der erfolgreiche Angriff fußte aber auf Microsoft Office 365 & Azure....
Zugriffe: 166

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
Heise Sicherheits NewsMit dem neuen Standard 200-4 modernisiert das BSI den 100-4 Notfallmanagement. Er konzentriert sich auf den Aufbau des Business Continuity Managements....
Zugriffe: 167

Details
Hauptkategorie: IT News aus aller Welt
Kategorie: Sicherheitsinfos
TheHackersNewsMalwarebytes on Tuesday said it was breached by the same group who broke into SolarWinds to access some of its internal emails, making it the fourth major cybersecurity vendor to be targeted after FireEye, Microsoft, and CrowdStrike. The company said its intrusion was not the result of a SolarWinds compromise, but rather due to a separate initial access vector that works by "abusing applications...
Zugriffe: 170

Weiter