Archive for the ‘Security Solution’ Category

Arbeitsgruppe Kritische Infrastrukturen (AG KRITIS) – neue Version des IT Sicherheitsgesetz 2.0 aufgetaucht

Samstag, November 21st, 2020

Arbeitsgruppe Kritische Infrastrukturen (AG KRITIS) – neue Version des IT Sicherheitsgesetz 2.0 aufgetaucht

Software AG – Malware Infektion bei internen Systemen und bislang konnte der Befall noch nicht restlos eingedämmt werden

Freitag, Oktober 9th, 2020

Microsoft Windows Server 2008 R2 and above – ‚Zerologon‘ unauthenticated domain controller compromise by subverting Netlogon cryptography (CVE-2020-1472)

Montag, September 21st, 2020

‚Zerologon‘ – may allow an attacker to take advantage of the cryptographic algorithm used in the Netlogon authentication process and impersonate the identity of any computer when trying to authenticate against the domain controller. From there a variety of other attacks including but not limited to disabling security features, changing passwords, and essentially taking over the domain controller are possible.

Deploy the August 11th updates to all applicable domain controllers (DCs) in the forest including read-only domain controllers

VMware Network Security – delivers distributed firewalling and advanced threat protection for users, applications, and data across multi-cloud environments

Dienstag, September 15th, 2020

Bundesamt für Sicherheit in der Informationstechnik (BSI) – Untersuchungsbericht zum Verschlüsselungsprogramm ‚TrueCrypt‘ offengelegt

Samstag, August 22nd, 2020

SourceForge Eraser 6.2.0.2990 – is a secure data removal tool for Windows it completely removes sensitive data from your hard drive by overwriting it several times with carefully selected patterns

Samstag, August 15th, 2020

Schuhversand Spartoo – muss € 250.000,- zahlen wegen vieler DSGVO Verstöße

Donnerstag, August 6th, 2020

Fresenius Medical Care – Patientendaten in Serbien veröffentlicht bedingt durch Ransomware ‚Snake‘

Samstag, Mai 23rd, 2020

YouTube – Phishing

Sonntag, März 29th, 2020

Microsoft Windows 10 & Windows Server 2019 – Guidance for Disabling SMBv3 Compression

Donnerstag, März 12th, 2020

The vulnerability exists in a new feature that was added to Windows 10 version 1903 older versions of Windows do not support SMBv3.1.1 compression

 

You can disable compression to block unauthenticated attackers from exploiting the vulnerability against an SMBv3 Server with this PowerShell command line

Set-ItemProperty -Path „HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\
P
arameters“ DisableCompression -Type DWORD -Value 1 -Force

You can disable the workaround with this PowerShell command line

Set-ItemProperty -Path „HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\
Parameters“ DisableCompression -Type DWORD -Value 0 -Force

Google Chrome – Privates Surfen wenn Sie nicht möchten dass Ihre Aktivitäten gespeichert werden können Sie im Inkognitomodus surfen

Samstag, März 7th, 2020

Drücken Sie  Strg + Shift + n  damit können Sie im Inkognitomodus surfen

 

Cisco Security Advisories – the Security Vulnerability Policy contains instructions for obtaining fixed software and receiving security vulnerability information

Montag, Januar 27th, 2020

Security Advisories – the Security Vulnerability Policy this document also contains instructions for obtaining fixed software and receiving security vulnerability information

Maastricht University (UM) – is currently working day and night on solutions for the major ransomware attack which occurred on Monday, 23 December 2019

Sonntag, Dezember 29th, 2019

Bad Homburg Stadtverwaltung – hat ihre IT-Systeme nach eigenen Angaben wegen einer Schadsoftware heruntergefahren

Donnerstag, Dezember 19th, 2019

Let’s Encrypt – is a free automated and open Certificate Authority (CA)

Freitag, September 6th, 2019

Let’s Encrypt  – make it possible to set up an HTTPS server and have it automatically obtain a browser-trusted certificate without any human intervention