Category Archives: Security

Can an AI like DeepSeek create malware and keyloggers?

Posted on 2025-03-22 by guenni

[German]Security experts are wondering whether large language models (LLMs), commonly known as AI solutions (AI), can be misused to create malware or keyloggers. Security researchers have tested this with the Chinese AI solution DeepSeek and were able to circumvent the … Continue reading

Posted in Security, Software | Tagged , | Leave a comment

Progress Kemp LoadMaster (Load-Balancer) vulnerability CVE-2025-1758 (March 2025)

Posted on 2025-03-21 by guenni

[English]Short addendum and note for administrators who use the load balancer LoadMaster from Progress Kemp. As of March 10, 2025, the provider has announced that the vulnerability CVE-2025-1758 has been closed by a security update.

Posted in Security, Software | Tagged , | Leave a comment

Windows shortcut exploit used by state hackers as a 0-day since 2017

Posted on 2025-03-21 by guenni

[German]Security researchers from the Trend Micro Zero Day Initiative (ZDI) point to a 0-day vulnerability ( ZDI-CAN-25373) in Windows, which has probably been exploited by 11 state-supported hacker groups from North Korea, Iran, Russia and China since 2017. Microsoft rated … Continue reading

Posted in Security, Windows | Tagged , | Leave a comment

Veeam Backup & Replication RCE vulnerability CVE-2025-23120

Posted on 2025-03-19 by guenni

[German]Warning for users of Veeam Backup & Replication. Vendor Veeam has informed it's customers on March 19, 2025 about a Remote Code Execution (RCE) vulnerability CVE-2025-23120 in various versions of the mentioned product. It can be abused in domain joined … Continue reading

Posted in Security, Software | Tagged , , , , | Leave a comment

Amazon Echo will send everything you say to Amazon servers from March 28, 2025

Posted on 2025-03-19 by guenni

[German]The Amazon Echo smart speaker can also recognize voice commands. There are now reports that the device will send everything spoken to Amazon servers from March 28, 2025. This is said to have been announced to owners in the USA … Continue reading

Posted in devices, Security | Tagged , | Leave a comment

Data protection problems at 45% of healthcare organizations

Posted on 2025-03-18 by guenni

[German]Data protection is a critical item in healthcare organizations. It's not always solved in "the best way". Back in November 2024, I came across a study dealing with data protection in the healthcare sector. The frustrating statement: "45% of healthcare … Continue reading

Posted in Security | Tagged | 1 Comment

Microsoft Update Catalog: Security risk due to privilege escalations (CVE-2024-49147)

Posted on 2025-03-18 by guenni

[English]I'm posting another security alert here on the blog that I've had since mid-December 2024 but has "stuck". There was a critical vulnerability CVE-2024-49147 in the Microsoft Update Catalog that allowed privilege escalations in the Microsoft Update Catalog. This vulnerability … Continue reading

Posted in Security, Update, Windows | Tagged , , | Leave a comment

Cybersecurity comparison Europe / USA: More incidents in Europe

Posted on 2025-03-17 by guenni

[German]I still have a report from the security researchers at CyberNews from the end of 2024, which looked at cyber security at companies in Europe and the USA. The surprising finding for me was that European companies suffer more security … Continue reading

Posted in Security | Tagged | 1 Comment

Tarlogic Security detects unknown commands in ESP32 chip (BlueTooth, WiFi)

Posted on 2025-03-16 by guenni

[German]A very unpleasant story that security researchers from Tarlogic Security have just revealed. There is a set of unknown commands that could be misused as a backdoor in a popular chip that has been built into millions of devices to … Continue reading

Posted in devices, Security | Tagged , , | 1 Comment

Exchange Online and MS365 problems due to vulnerability? (March 2025)

Posted on 2025-03-15 by guenni

[German]Microsoft has been struggling with disruptions to its Microsoft 365 services and Exchange Online since February 2025, but is keeping quiet about the cause. I have received information that a bug or vulnerability in Microsoft Exchange Online has led to … Continue reading

Posted in Cloud, issue, Security, Software | Tagged , , , | 2 Comments