Yesterday and today I’ve noticed the author malvuln1. He has uncovered vulnerabilities for 14 malware and backdoor applications. Yes, you are correct: He has found vulnerabilities in malware and backdoors, practically with proof-of-concepts to reproduce. No need to emphasise, that’s all Windows malware we’re talking about. There is no indication whether he contacted the respective vendors of the affected “software” prior to his full disclosure. Also missing are CVE2 reference numbers and CVSS3 Scores. Read more

Tomorrow I will give a short presentation for the DigiNet Südwestfalen December, 1st 2020, 08:30 am on my Conferencing-Server Topic: “Security of Conferencing Software” giving Stakeholders and Decision-Makers Orientation for risk-assesment. This is a non-public event. Please register via Sonja Pfaff on the DiginetSWF Website. About DigiNet Südwestfalen: In early 2019, the Transferverbund Südwestfalen started to track down service providers and networks active in the field of digitalization in South Westphalia as part of the NRW. Read more

Within just a few days, the German EU Representation warns people about phishing emails.1 This is the 4th warning regarding data theft since July 20202 by Reinhard Hönighaus, press spokesman and head of the press and media office. Obviously there is an urgent need for action. In his current warning dated 26.11.2020, only two days after the previous one, he identifies T-Online users as targeted by phishing mails and also provides the explanation: Read more

Due to a vulnerability (CVE-2020-3419), attackers could join Webex meetings without being listed in the participants list. Hidden as a “ghost” from the other participants, attackers could eavesdrop on audio and video content. This is what Heise writes in his article today.1 But this is only possible (…) if attackers have access to meetings in the form of shared links and a password. Sounds quite trivial, but it isn’t. Read more

What a pity, this is exactly the scenario I first expected for Microsoft. But I’m not really surprised that Apple is now ahead, what happened? The ocsp.apple.com server was apparently down and/or unreachable between yesterday and today1. Unfortunately macOS tries to reach it every time an app is opened to check if a certificate has expired2 or an app has been retracted or some more magic. Of course this is not transparent, closed-source and therefore not verifiable. Read more