27.01.2026

Heise Security 27.01.2026 03:03
Außer der Reihe veröffentlicht Microsoft Updates nur, wenn es brennt. Das tut es bei Office sowie Microsoft 365 Apps for Enterprise.

Heise Security 26.01.2026 16:40
Die gut zwanzig Lücken finden sich im Access Manager, der Registriereinheit und im Exos-Server für Unternehmens-Schließsysteme. Der Meldeprozess dauerte Jahre.

Krebs Security 26.01.2026 16:11
The cybercriminals in control of Kimwolf — a disruptive botnet that has infected more than 2 million devices — recently shared a screenshot indicating they'd compromised the control panel for Badbox 2.0, a vast China-based botnet powered by malicious software that comes pre-installed on many Android TV streaming boxes. Both the FBI and Google say they are hunting for the people behind Badbox 2.0, and thanks to bragging by the Kimwolf botmasters we may now have a much clearer idea about that.

CSO Online 26.01.2026 15:14
Microsoft gave Windows users’ BitLocker encryption keys for to US law enforcement officers, providing access to encrypted data, according to a news report.
The US Federal Bureau of Investigation approached Microsoft with a search warrant in early 2025, seeking keys to unlock encrypted data stored on three laptops in a case of alleged fraud involving the COVID unemployment assistance program in Guam. As the keys were stored on a Microsoft server, Microsoft adhered to the legal order and handed over the encryption keys, Forbes reported on Friday.

CSO Online 26.01.2026 15:02
Outlook users have reported difficulties with Microsoft’s January Patch Tuesday updates, forcing Microsoft, once again, to patch some of its patches.
Users reported that, after applying the January 13 Windows updates, some applications became unresponsive or encountered unexpected errors when opening files from or saving files to cloud-based storage such as OneDrive or Dropbox. In particular, certain Microsoft Outlook configurations with the PST file containing a users’ messages stored on OneDrive could cause Outlook to hang or lead to sent messages going missing or previously downloaded emails being re‑downloaded.

Heise Security 26.01.2026 13:33
Die CISA warnt vor beobachteten Angriffen auf VMware vCenter, Zimbra, Vite Vitejs, Versa Concerto und Prettier.

Golem 26.01.2026 12:20
Einige Admins haben die Management-Schnittstellen ihrer VMware-Instanzen exponiert. Über 90 Prozent davon sind laut BSI nicht einmal gepatcht. (VMware, Virtualisierung)

Schneier on Security 26.01.2026 12:04
This is coming:
The Irish government is planning to bolster its police’s ability to intercept communications, including encrypted messages, and provide a legal basis for spyware use.

The Hacker News 26.01.2026 11:55
Security failures rarely arrive loudly. They slip in through trusted tools, half-fixed problems, and habits people stop questioning. This week’s recap shows that pattern clearly.
Attackers are moving faster than defenses, mixing old tricks with new paths. “Patched” no longer means safe, and every day, software keeps becoming the entry point.
What follows is a set of small but telling signals.

Heise Security 26.01.2026 09:49
Ein Sicherheitspatch schützt PCs mit IBM Db2 Big SQL vor möglichen Attacken.

Heise Security 26.01.2026 08:51
Microsoft hat am Wochenende ungeplante Updates nachgelegt. Sie korrigieren Fehler der Januar-Patches und bringen neue Boot-Zertifikate.

Golem 26.01.2026 08:15
Die Liste der Probleme mit den Januar-Updates für Windows wird immer länger. Einige Rechner lassen sich wohl nicht mehr fehlerfrei starten. (Windows, Microsoft)