Once again, a flaw has surfaced in Microsoft Office that allows attackers to remotely execute malicious code on the systems of attacked users using manipulated documents. Known as Follina, CVE-2022-30190 has been known for years, but Microsoft has not fixed it to date. Greenbone has added an appropriate vulnerability test to their feeds to detect […]
! Update February 23, 2026 The Greenbone AG team is excited to announce that our organization has fully passed its latest TISAX audit, which started in 2025. This means our Information Security Management System (ISMS) continues to be TISAX certified — maintaining the highest IT security standards. Greenbone is now a TISAX participant and its […]
The German Federal Office for Information Security warns about the use of antivirus software from the Russian manufacturer Kaspersky. No surprising, since security is a matter of trust. Security software even more so. In the course of the war in Ukraine, a closed-source provider like Kaspersky is hit at its weakest point. Because its customers […]
Hardly any other topic is currently as present as the war in Ukraine, which is claiming numerous civilian and military victims. But in today’s interconnected and digitized world, the threat is not only military attacks, but is also expanding into cyber space. According to the Institute for Economics and Peace (IEP), cyber attacks on Ukraine […]
We are proud to have received ISO certification of our management systems for the aspects of quality (ISO 9001) and information security (ISO 27001) at the end of 2021. Our success makes us grow, and our growth promotes structure and processes. That is why we actively accompany the creation of structures and processes even more […]
Log4j was affected by a vulnerability that allowed Remote Code Execution (RCE) attacks. In short, user inputs into a software could lead to a code execution on a remote server. This represents a severe security risk. It was named “Log4Shell” (CVE-2021-44228) and immediately addressed by the Log4j team, who provided a fix. In the following […]
Greenbone’s vulnerability management finds applications with Log4j vulnerabilities in systems that definitely need to be patched or otherwise protected. Depending on the type of systems and vulnerability, these can be found better or worse. Detection is also constantly improving and being updated. New breaches are found. Therefore, there may always be more systems with Log4Shell […]
Update from 2021-12-20: information about additional vulnerabilities found for Log4j can be found here. Update from 2021-12-20: vulnerability tests for products running on Microsoft Windows are now available. Note: The tests check the existence of Log4j and its version. A separate vulnerability test may not be available for each affected application, but all Log4j files […]
Update from 2021-12-20: information about additional vulnerabilities found for Log4j can be found here. Update from 2021-12-15: the most important FAQ about the Log4j vulnerability detection with Greenbone can be found here. A critical vulnerability (Log4Shell, CVE-2021-44228) in the widely used Java library Log4j has been discovered. Greenbone has integrated local security checks and active […]
SiSyPHuS Win10 is a project of the German Federal Office for Information Security (BSI). Based on an analysis of the security-critical functions in the operating system Microsoft Windows 10, recommendations for action to harden it were developed. These recommendations are now also part of the Greenbone Security Feed in the form of a compliance guideline […]
