News from the KW30.2025

Here we are again: Nine contributions from week 21.7 – 27.7 (KW30-2025) my favourites from hundreds of easily digestible prepared, two Contributions from it are refined with all sorts of opinions – just like the "Wews of the Week" from top to bottom and left to right.

Whatsapp advertising | SharePoint ToolShell | Brave VS recall | Intel Chipfab Magedeburg | Atari 2600+ | Broadcom lawsuit | Sysadmin Day | Brother printer firmware | Google AI Search

Article 1

Meta explains the world to you: Advertising on Whatsapp is ‘part of the user experience’

From now on in your iPhone (and soon also on Android) more precisely in the area News, where so far status messages and channels can be found. Private chats, groups and calls should remain ad-free. It is not yet known if / how to disable this advertising.

Mondays I can puke fits perfectly to this headline. The Tagesschau I had already heard about the original announcing It was written by Meta, but somehow it completely passed me by.
Since this morning it seems that the first iPhone users to "enrich" and accordingly this should also dominate today's news topic.

On Twitter/X it is already hotly debated, although so far only Apple Beta users can enjoy this experience.

Allegedly, so far, advertising is displayed both in the status and in various promoted channels. The Android beta app also seems to be in the starting blocks and the Page for companies is also available as a placeholder in German.

So at the moment only the hope remains that crushing feedback from the users may cause a rethink or distraction. Otherwise, it will this conversation soon After a few short spots Continued? ⁇

---

Article 2

Sharepoint OnPrem? Open your eyes, ToolShell Exploit!

Critical SharePoint vulnerability: The ToolShell attack on businesses and public authorities

Overview of the threat

A new, serious security vulnerability in Microsoft SharePoint is currently shaking the IT landscape worldwide. The vulnerability known as ToolShell (CVE-2025-53770 | EUVD-2025-21981) was rated with the highest criticality level of 9.8 out of 10 and is already actively exploited by cybercriminals. Microsoft confirmed in a blog post on Saturday that an attack wave is currently underway.

What is ToolShell?

ToolShell is a critical vulnerability in on-premises SharePoint installations that allows attackers to gain control of servers without authentication. Vulnerability CVE-2025-53770 is a Remote Code Execution (RCE) vulnerability caused by unsafe deserialization of untrusted data in on-premises SharePoint servers.

The threat is based on a combination of several vulnerabilities:

• CVE-2025-53770: The main gap for remote code execution
• CVE-2025-53771: A spoofing vulnerability
• CVE-2025-49706 and CVE-2025-49704: Related Vulnerabilities That Already Exist in the May 2025 at Pwn2Own Demonstrations were held in Berlin.

Scope of attacks

The dimension of the current wave of attacks is worrying:

Organisations concerned

The wave of attacks has already compromised more than 75 corporate servers, while more than 50 organizations have been affected by the attacks. Eye security scanned over 8,000 SharePoint servers worldwide and found dozens of already compromised systems. German companies and authorities are particularly affected. Cybercriminals attacked more than 30 German institutions over the weekend. The attacks have a connection to Russia.. Other media Presumably China as a source.

International dimension

International security experts and agencies such as the BSI and the US CISA Reports from concrete attacks productive systems around the world. The U.S. Cybersecurity Agency (CISA) added CVE-2025-53770 to its catalog of known exploited vulnerabilities on July 20, 2025.

Technical details of the attack

Method of attack

The attacks concatenate CVE-2025-49706 (a spoofing vulnerability) with CVE-2025-49704 to allow arbitrary command execution on vulnerable instances. The vulnerability allows remote adoption of the SharePoint server with a single HTTP request.

Systems concerned

It is important to understand that SharePoint Online, as operated under Microsoft 365, is not affected. The vulnerability only affects locally-operated SharePoint installations. Presumably because cloud services run in isolated VM environments and local installations, on the other hand, more often directly on server operating system installations.

Attacker targets

When attackers successfully exploit ToolShell vulnerabilities, they can gain MachineKey configuration details from SharePoint servers, as well as full access to SharePoint content, including file systems and internal configurations. Possession of these cryptographic machine keys allows attackers to forge authentication tokens and maintain access even after a server patch.

Microsoft's response and available patches

First aid measures

Since no patches were initially available, Microsoft recommended drastic immediate action. Companies have been advised to isolate or completely shut down their SharePoint servers from the Internet to prevent further attacks. The first patches were rolled out on Sunday.
Since Monday/Tuesday also respond Providers such as Cloudflare With countermeasures, however, they only help if you use their WAF.

Patch status

Microsoft confirmed active usage and is releasing patches for some SharePoint Server software variants. However, there is a serious problem: Microsoft has provided patches for some versions, but not for SharePoint 2016 until Monday evening – although this version is still in use by many authorities, medium-sized companies and institutional environments. Since additional measures are required, even where updates are available such as key rotation, IIS restart, manual checks for compromise, this could draw further circles.

Impacts and risks

Data security

The vulnerability puts highly sensitive company data at risk. SharePoint is often used for managing confidential documents, intranet appearances, project management, task management, business intelligence, or even sharing other critical information in the team.

Persistence of the threat

Particularly troubling is the fact that even after patching, attackers can still retain access if they have already captured the system's cryptographic keys. ASP.Net Machine Key Rotation is therefore absolutely necessary.

Companies and authorities affected

What we know so far: Servers of dozens of companies and even two US authorities have already been attacked via this SharePoint gap in terms of critical infrastructure and government security. Thousands of possible installations are potentially affected.

As of Sunday noon, 27.07, the numbers Significantly increased again. More than 400 companies are now affected.

Recommendations for organisations

Emergency measures

1. Inventory: Verify all on-premises SharePoint installations
2. isolation: Temporary separation of critical SharePoint servers from the Internet
3. monitoring: Enhanced monitoring for signs of compromise
4. Patch management: Immediate installation of available security updates

Long-term strategies

1. Migration to cloud services: Consider migrating to SharePoint Online (Microsoft 365) or at least isolation through virtualization
2. Incident response: Preparation of contingency plans in case of compromise
3. Security awareness: Training IT teams on current threats

Conclusion and outlook

The ToolShell vulnerability is one of the most serious security threats to SharePoint users in recent years. Since July 18, 2025, SharePoint servers around the world have been attacked by these vulnerabilities, underscoring the urgency of safeguards. Similar security vulnerabilities They were also discovered just a few months ago and could be related to the current one.

It is not the technical complexity alone that raises questions, but the now almost ritualised recognition that Microsoft's cloud offerings are regularly ‘accidentally’ spared from these problems. This raises strategic questions about the future of local SharePoint installations.

Organizations must act now: The combination of the high criticality of the vulnerability, the already occurring attacks and the incomplete patch coverage makes immediate protections essential. The events surrounding ToolShell could be a turning point that is driving many organizations to fundamentally rethink their SharePoint strategies and increasingly rely on cloud-based solutions. Whether this is good in the long term or alternative solutions would generally be better, the future will show.

---

Article 3

Brave Browser blocks observation!

Brave Browser vs Microsoft Recall: Privacy by design in practice

At a time when digital privacy is becoming increasingly important, the Brave browser This is a clear sign against Microsoft's controversial recall function. With version 1.81, Brave introduces a standard blocking of the screenshot function, which has caused discomfort for many users and data protectors.

What is Microsoft Recall?

Microsoft Recall is an AI-powered feature first introduced in May 2024. The feature automatically takes screenshots of the active windows every few seconds, analyzes them and saves them in a local database. Originally developed for Copilot+ PCs, the feature is intended to help users find previous activities on their computer.

The feature was controversial from the start, as it could continuously capture screen content and thus document sensitive information such as private chats, credit card information or personal documents.

After massive criticism, Microsoft pulled the function First of all back and revised it fundamentally. The new version comes with improved security features and is designed as an opt-in feature, but is still in the preview phase.

Brave's proactive solution:

Starting in version 1.81 for Windows users, Brave browser will block Microsoft Recall from automatically taking screenshots of your browsing activity.

Brave is the first major browser to disable Microsoft Recall by default and makes a clear statement for protecting user privacy. The technical implementation is elegant and well thought out: Brave signals to the operating system that each tab should be treated as a private tab. As a result, no screenshots are taken by Recall without affecting normal screenshot functions of the system. This distinguishes Brave from other applications such as Signal, which prevent recall by completely blocking all screenshots.

Flexibility for users

Despite the standard blockade, Brave keeps an eye on users' freedom of choice. If you still want to use Microsoft Recall, you can block it in the settings under "Privacy and Security" or directly via

brave://settings/privacy

Disable in the browser address bar. This solution shows that data protection and user control can go hand in hand.

Industry-wide movement

Brave is not alone in his decision. Signal has this as well. already implemented AdGuard also has similar measures announced:

The decision was made due to a ‘privacy concern,’ and ‘the very idea of background screen captures is unsettling’.

This coordinated response from privacy-focused software developers shows that recall concerns have gone far beyond individual companies and sparked an industry-wide discussion about digital privacy.

The greater importance

Brave’s decision is more than just a technical measure – it is a statement. In a digital landscape where data collection is often the norm, the browser shows that privacy by design must not only be a buzzword, but can be actively implemented.

The reaction also illustrates a fundamental problem of modern software development: While Microsoft promotes Recall as a helpful feature, many users and developers see it as an unnecessary invasion of privacy. The fact that several companies are proactively implementing safeguards shows that trust in such features is not yet there.

conclusion

With the blocking of Microsoft Recall, Brave is once again proving why the browser is so popular with privacy-conscious users. The implementation is technically elegant, respects the user's decision and sets a clear signal for digital privacy.

While Microsoft continues to at the Improvement of recall Through browsers such as Brave, users have the opportunity to decide for themselves what data they want to disclose. At a time when digital surveillance seems to be becoming ubiquitous, such proactive safeguards are more important than ever.

The development also shows that the market for privacy-focused software continues to grow and companies like Brave play an important role in maintaining the balance between innovation and data protection.

---

Article 4

Intel abandons plans for Chipfabrik Magdeburg

The final end for the new Intel Fab in Magdeburg – A long-planned billion-dollar project fails on the finish line

The project that promised hope for Germany as a high-tech location. It should be Largest Settlement Project in Decades for Saxony-Anhalt: A state-of-the-art chip factory of the US technology giant Intel in Magdeburg, which should bring about 30 billion euros in investment volume and about 3,000 direct jobs. After years of back and forth, it is now finally clear: The ambitious project is history.

The final cancellation in July 2025

In July 2025, Intel officially made the decision, which had been feared for months: The group is finally abandoning its plans for the chip factory in Magdeburg. This is not only a billion-dollar project, but also the hope of thousands of new jobs in the region.

The news hit politics and business hard in Saxony-Anhalt, even though the signs had already condensed in recent months. Already in September 2024 Intel had initially put the project on hold and postponed a decision to 2026. Then came the final end.

Economic crisis as the main reason

The reasons for Intel's withdrawal lie in the company's massive economic problems. The chip company is struggling with significant losses – in the last quarter alone, the company recorded a loss of 2.9 billion dollars.

Under the leadership of CEO Lip-Bu Tan, Intel is now pursuing a strict austerity policy and is cutting jobs worldwide. In this context, the planned billion-dollar investments in Europe can no longer be financed. In addition to Magdeburg, planned plants in Poland were also cancelled.

A long road full of hopes and setbacks

The history of the Intel project in Magdeburg was marked by uncertainties from the beginning. Already during the planning phase there were always delays and postponements. The opening, originally planned for 2025, has been postponed several times.

Particularly bitter: The infrastructure was already partially prepared. A special feeder road for the Intel site was built for four million euros, although nothing was already visible from the chip manufacturer. The site, which was originally intended for the factory, is now used for agriculture again – maize is growing where high-tech production was once supposed to be.

Impact on the region

The failure of the Intel project has far-reaching consequences for Saxony-Anhalt:

Economic impact:

• Loss of 3,000 planned direct jobs
• Elimination of a €30 billion investment
• Uncertainty for suppliers who had already made investments

Policy responses: Prime Minister Reiner Haseloff described the Intel cancellation as a "brave setback for Saxony-Anhalt and Europe". At the same time, the state government emphasizes that it wants to build on the industrial policy foundations created.

Stakeholders concerned:

• Trainees who have already been trained for Intel-specific occupations
• Suppliers such as Mercury, who had established their own production facilities in the region
• Otto von Guericke University Magdeburg, which had advanced its semiconductor profiling

What now? Hope for new investors

Despite the disappointment, those responsible in Magdeburg do not give up. Mayor Simone Borris and other decision-makers hope to attract other investors to the region. The prepared site and the infrastructure already created could well be interesting for other industrial projects.

IG Metall also emphasizes that Saxony-Anhalt should build on the established industrial policy foundations. The skills and prerequisites for high-tech settlements are still in place.

A lesson on industrial policy

The failure of the Intel project raises fundamental questions about German industrial policy. Critics see this as an example of the risks associated with billion-dollar subsidies for international corporations. Almost €10 billion in tax money was earmarked for funding – money that will not flow now.

The Intel rejection is part of a series of setbacks for Germany's efforts to increase domestic semiconductor production. With increasing geopolitical tensions and global supply chain problems, security of supply for chips remains a key challenge.

Conclusion:

The end of a dream. With the final cancellation of Intel, a chapter of great hopes for Magdeburg and Saxony-Anhalt ends. The project, which should make the region a European hub for chip production, has failed – not because of a lack of political support or infrastructure, but because of the economic realities of a crisis-ridden corporation.

The lesson of this failure is ambivalent: On the one hand, it shows the limits of state industrial policy, on the other hand, it shows how important it is not to place all hopes on a single major investor. Magdeburg and Saxony-Anhalt are now facing the challenge of finding new ways for economic development – beyond the bursting Intel dream.

---

Article 5

Atari 2600+ PacMan Halloween Edition

Atari 2600+ PAC-MAN Special Edition: Retro gaming in bright yellow for Halloween 2025 as a special edition now available for pre-order.

The retro gaming renaissance reaches a new climax: Just in time for Halloween 2025 There is a very special version of the popular Atari 2600+ on the market. The PAC-MAN Special Edition combines nostalgic design with modern technology and should make both collectors' hearts and gaming enthusiasts beat faster.

A dream in PAC-MAN yellow

The new console features the iconic dot-eater's signature bright yellow. What immediately catches the eye: The illuminated PAC-MAN character symbols on the front of the console give the retro device a modern, almost futuristic touch. This lighting not only ensures the perfect Halloween vibe, but also makes the console a real eye-catcher in the living room.

The collaboration between PLAION REPLAI, Bandai Namco and Atari is a tribute to the first home console version of PAC-MAN, which was released for the original Atari 2600 at the time and became one of the platform's best-selling games.

Double PAC-MAN enjoyment included

Particularly exciting is the supplied PAC-MAN Double Feature Cartridge. This includes not only one, but two versions of the classic:

• PAC-MAN 7800: A new arcade version that combines the classic feel with improved technology
• PAC-MAN 2600: The original console classic in its authentic form

This gives players both the nostalgic original experience and a more modern interpretation of the timeless gameplay.

Controller diversity in ghost colors

The scope of delivery includes a wireless CX-40 controller in the matching PAC-MAN yellow. For real fans, however, it gets even more interesting: The controllers are also available individually in the characteristic ghost colors:

• blue (for Inky)
• red (for Blinky)
• pink (for Pinky)
• orange (for Clyde)

With these four additional controllers, multiplayer sessions can become true PAC-MAN parties where each player can embody their favorite spirit.

Prices and availability

The PAC-MAN Special Edition of the Atari 2600+ is available as stand 26.7.25 at 146,91 Euro per Preoder. The individual controllers in the ghost colors cost 34.56 euros each. Particularly practical: The PAC-MAN Double Feature Cartridge will also be sold separately later, so that owners of the standard console can also enjoy the two games.

In addition, there are also the classics Dig Dug 7800 and Galaga 7800 for 30.24 euros each. The official release is planned for 31 October 2025 – the timing for a Halloween edition could hardly be more appropriate.

Conclusion:

Nostalgia meets modern aesthetics. The Atari 2600+ PAC-MAN Special Edition is more than just another retro console. It is a lovingly designed tribute to one of the greatest gaming classics of all time. The bright yellow, the illuminated symbols and the ghost color controllers make them a real collector's item.

For retro gaming fans who already own a standard version of the Atari 2600+, the colored controllers and the special cartridge still offer enough incentives for a purchase. And if you don't have a modern Atari console yet, you get an all-round coherent package that convinces both functionally and visually.

The PAC-MAN Edition shows impressively how classic gaming aesthetics can still inspire today – and proves that some designs are simply timeless.

Wakka-wakka-wakka!

---

Article 6

Broadcom's VMWare deal under attack

VMware acquisition: European cloud providers are suing Broadcom. The Fight for Fair Competition Goes to Court

Broadcom's multibillion-dollar acquisition of VMware has become one of the most controversial tech deals in recent years. After the EU Commission gave the green light for the $69 billion acquisition in 2023, European cloud providers are pulling Now before the European Court of Justice, to challenge this decision.

CISPE leads the resistance

The industry association Cloud Infrastructure Service Providers in Europe (CISPE), which includes companies such as Oxya, Leaseweb, UpCloud and Serverplan, officially brought an action before the EU General Court in The Hague on 24 July 2025. The objective is clear: Revocation of the approval by the Brussels competition authorities.

Francisco Mingorance, Secretary General of CISPE, summed up the issue: “VMware’s dominant position in virtualisation means that Broadcom’s unilaterally tightened licensing conditions affect almost all European organisations deploying cloud technologies.”

Drastic price increases are shaking the market

The impact of the acquisition is already clear. Since the deal was concluded, Broadcom has unilaterally terminated existing contracts, often with just a few weeks' lead time, and introduced new, highly burdensome licensing terms. The figures speak a clear language:

• Cost increases tenfold in some cases
• Price increases of 800 to 1500 percent according to CISPE
• Mandatory multi-year contracts for access to essential VMware software
• New restrictive licensing conditions that could effectively exclude smaller cloud providers

These developments take place Not just the cloud industry. Hospitals, universities, municipalities or even Non-profit/charity organizations They face priceless bills and rigid long-term contracts that unplannedly jeopardise the flexibility and cost-effectiveness of their digital infrastructure.

Regulatory failure?

Particularly explosive: Although the EU Commission acknowledged in its decision that the acquisition would pose significant risks to competition, it did not impose any conditions or conditions on Broadcom. CISPE therefore accuses the Commission of ‘legal errors and serious omissions in the assessment of competition law’.

The association has been warning about Broadcom's unfair licensing practices for over two years. Despite numerous discussions and detailed information, nothing has happened. Repeated attempts to engage in constructive dialogue with Broadcom were also unsuccessful.

Broadcom defends itself

Broadcom rejects the allegations, stressing that the acquisition of 12 jurisdictions worldwide has been approved. The company refers to a simplified licensing model and claims that the customer retention rate has remained constant. The opinion states: “We will respect the commitments we have made to the Commission and continue to bring better choices and solutions to our customers.”

International attention

The lawsuit is not only important for Europe. Similar complaints and investigations are ongoing in different countries, which shows that the problem is global. IT user associations such as Voice in Germany have also complained to the EU Commission.

What's at stake?

The case raises fundamental questions about the control of dominant positions in the tech industry. VMware software has become indispensable for many organisations – a position Broadcom now seems to be using to push through drastic price increases.

The legal dispute could become groundbreaking for future mergers and acquisitions in the tech industry. It also highlights the importance of regulators not only assessing the immediate impact of deals, but also keeping an eye on their long-term impact on competition and consumers.

outlook

The decision of the EU court is eagerly awaited. If CISPE succeeds, it could not only challenge the VMware acquisition, but also set a precedent for other controversial tech deals. For European cloud providers and their customers, nothing less than the future of fair competition is at stake.

The Commission has already announced that it will defend its decision in court. The outcome of this lawsuit will show whether Europe's competition law is strong enough to limit the market power of large tech companies.

---

Article 7

Sysadmin Day #26 – Friday 25/07/25

On the last Friday of July, System Administrator Appreciation Day is celebrated, this year for the 26th time.

SysAdmin Day, or System Administrator Appreciation Day, is an annual commemoration day celebrated on the last Friday in July to thank system administrators for their work. SysAdmins are the IT experts who ensure that computers, networks and servers in companies function smoothly. Often they work in the background without getting much attention, so SysAdmin Day is an opportunity to thank them for their important work. 

Why is there a day?

The SysAdmin tag was created by the system administrator Ted Kekatos Inspired by an ad from Hewlett-Packard, employees thanked a SysAdmin with flowers and fruit baskets for installing new printers. The day should also be a humorous way to show appreciation to the often overlooked SysAdmins. 

What do SysAdmins do?

SysAdmins are responsible for many different tasks, including:

• Planning and configuration: They plan and set up new computers, networks and servers. 
• Maintenance and monitoring: They make sure that everything is regularly maintained and checked for errors. 
• Troubleshooting: If something doesn't work, they're there to solve the problem. 
• Security: They ensure that the systems are safe and protected from attacks. 
• Software updates: They install updates and make sure everything is up to date. 

In short, SysAdmins are the silent heroes of IT that make sure everything runs smoothly so that others can get their work done. You deserve a little attention from time to time. <3

---

Article 8

Many Brother printers are still unpatched, security vulnerabilities are exploited.

Critical vulnerabilities in ~750 printer models: Active attacks require immediate action, firmware updates are available!

The printing landscape is facing a serious security crisis: Since June 2025, cybercriminals have been actively exploiting serious vulnerabilities in 748 network printers. What began as a technical problem has become an acute threat to millions of users and businesses.

The extent of the threat

The ones from Security company Rapid7 Eight vulnerabilities have been discovered affecting a wide range of printer manufacturers. With 689 affected models, Brother bears the brunt, followed by 46 Fujifilm devices, six Konica Minolta models, five Ricoh printers and two Toshiba devices. Some third-party manufacturers also sell relabeled Brother printers.

Since 9 July 2025, the security company CrowdSec has been recording daily exploit attempts on these vulnerable systems. A detailed white paper on the problem has also been available since 25 July. Also from Rapid7

The treacherous gap trio

Especially dangerous is the combination of three specific vulnerabilities, which allows attackers a fatal chain of attacks:

First stage (CVE-2024-51977 | EUVD-2025-54705): This "medium" vulnerability allows unauthenticated attackers to spy on the printer's serial number and other sensitive information. Access is via various protocols such as HTTP, HTTPS, IPP as well as PJL or SNMP queries.

Second stage (CVE-2024-51978 | EUVD-2024-54698): With the read out serial number, attackers can generate the factory default administrator password. This critical vulnerability exploits the fact that the default administrator password is derived from the unique serial number during production.

Third stage: (CVE-2024-51979 | EUVD-2024-54699) With the generated password, a stack-based buffer overflow can be triggered as an authenticated attacker, then attackers take full control of the printer, can execute arbitrary malicious code, use the printer as part of a botnet and, at worst, compromise the entire local network.

Current wave of attacks and consequences

The threat is by no means theoretical. Compromised printers are systematically integrated into botnets that are misused for DDoS attacks. Even more serious: The devices serve as a gateway into corporate networks, enabling the spread of malware and the exploitation of further vulnerabilities in the internal IT system.

Printers are often regarded as less critical devices and thus negligently secured. They often have access to sensitive network areas and can process confidential documents, so a compromised printer can cause significant damage.

Firmware updates: Necessary, but not sufficient

Brother has acknowledged that the critical vulnerability CVE-2024-51978 cannot be fully addressed by firmware updates. The vulnerability is rooted in password generation logic, and all devices produced before discovery have predictable passwords. A change in the manufacturing process is required, only devices with a new process are fully protected.

Nevertheless, available firmware updates should be installed immediately, as seven of the eight vulnerabilities can be closed as a result.

Practical guide:
Check and update firmware version

Determining the firmware version

For Brother printers:

1. About the device display: Navigate to ‘General’ → ‘Printer info’ → ‘Firmware version’
2. Via the web interface: Enter the printer's IP address into your browser and search for device information
3. About the Brother Mobile Connect App: The current firmware version is displayed in the device information

Find the printer's IP address:

• Keyboard shortcut for network configuration report (varies per model)
• Display in the operating menu for printers with display
• Router web interface: List of connected devices
• Network scanner tools such as ‘Advanced IP Scanner’

Perform firmware updates

Brother printers:

1. Brother Mobile Connect app: Automatic notification of available updates
2. Firmware update tool: Download the specific tool for your model from the Brother website
3. Web interface: Direct upload of the firmware file via the printer IP in the browser
4. Enable automatic updates: In the network settings of the printer

Other manufacturers:

• Fujifilm: Firmware updates via the manufacturer's website or integrated update function
• Ricoh: Smart Device Connector App or Web Interface
• Konica Minolta: PageScope Mobile/Web Connection
• Toshiba: e-STUDIO Connector or Web Interface

Immediate protective measures

1. Change password (Priority 1)

The default administrator password must be replaced immediately with a secure, individual password:

For Brother printers:

• About the Brother Mobile Connect App
• Web interface: IP address → Administrator settings → Change password
• Use strong password: At least 12 characters, combination of uppercase/lowercase letters, numbers and special characters

2. Increase network security

• Insulate printers in a separate VLAN
• Prevent access from external networks
• Restrict firewall rules for printer access
• Access admin interfaces only via secure protocols (HTTPS)

3. Continuous monitoring

• Regular check of printer logs
• Network monitoring for unusual activities
• Set up automatic notifications for firmware updates

4. Implement automation

Configure all network-enabled devices to automatically load and install updates. This applies not only to printers, but also to smart speakers, TVs and other IoT devices.

Long-term security strategy

The current security gaps highlight the need for a comprehensive IoT security strategy:

• Zero trust approach: See any device on the network as a potential threat
• Segmentation of the network: Reduces possible radius of propagation
• Regular security audits: Systematic verification of all networked devices
• Incident response plan: Preparing for security incidents

conclusion

The current attacks on printer vulnerabilities are again a wake-up call for the entire IT security industry. While firmware updates and password changes provide short-term protection, the fact that some vulnerabilities are not fully recoverable due to hardware issues shows the need for fundamental improvements, especially in IoT device security.

Users and administrators need to act now: Change passwords, update firmware and increase network security. The time for reactive security measures is over – proactive protection has become essential.

---

Article 9

Google AI search changes digital media landscape

It seems Google's AI search could be the end of the monetization of established online journalism. Are these abstract concerns or the consequences already to be seen just the beginning?

The media industry is experiencing one of its most dramatic upheavals since the invention of the Internet. While Google CEO Sundar Pichai praises AI as a positive influence for ‘all parts of the business’, media companies around the world are struggling to survive.
The reason: Google’s AI dashboards are revolutionising the way people consume information, with disastrous consequences for Traditional news sites.

Wave of redundancies in the media industry

The 95-year-old business magazine ‘Fortune’ lays off 10 per cent of its workforce. CEO Anastasia Nyrkovskaya makes it clear in her explanatory statement: Artificial intelligence and the resulting slump in website traffic are key reasons. Fortune is not alone – Business Insider, Bloomberg and other renowned media companies have already announced massive job cuts in 2025. The message is clear: What is celebrated as technological progress costs real jobs in journalism.

How Google's AI overview works

Since May 2024, Google no longer only answers search queries with links to relevant websites, but initially presents AI-generated summaries. If someone is looking for ‘How is the German economy doing?’ or ‘What is the war in Ukraine about?’, an AI text with the most important information appears first. The links to the original sources – Tagesschau.de, Spiegel or the Institut der deutschen Wirtschaft – only follow below.

The problem: Many users are already satisfied with the AI summary and no longer click on the original articles.

Alarming study results

A recent study by Pew Research shows the full extent of the crisis: Users to whom Google displays an AI overview only click on further links about half as often as users without an AI summary. Even more dramatic: Many complete their search after reading the AI response.

The figures speak a clear language: 18 percent of all Google searches are already answered with AI overviews. A study by Authoritas Analytics finds that even websites that used to rank first in Google search results can lose up to 79 percent of their clicks.

Google contradicts – its own AI does not

Google denies these dramatic losses. A company spokesman told the Guardian that Google sends billions of clicks to websites every day and cannot detect any dramatic drops.

Curious about it: Google's own AI seems to disagree. Google’s AI overview responds very clearly to the question ‘Why did Fortune magazine dismiss employees?’: “Fortune magazine has laid off staff because the media landscape has changed a lot due to artificial intelligence (AI) and the decline in website traffic.”

A dangerous vicious circle

The situation is paradoxical: Google needs the content of the media companies to create its AI summaries. At the same time, with these summaries, the company is undermining the business model of the same media houses that deliver the content.

Media companies thrive on people clicking on their content, which is the only way they generate advertising revenue. However, if Google already presents this content in summary form on its own page, there is no incentive to click.

Multi-million dollar deals as a solution?

Since 2023, tech and media companies have been trying to solve the problem through licensing agreements. OpenAI has closed deals with the Guardian, the Financial Times and Axel Springer. A five-year contract between OpenAI and News Corp is expected to be worth $250 million.

Google also has a deal with the Associated Press, Meta is working with Reuters, and AI startup Mistral is collaborating with AFP. Even the New York Times, which still sued OpenAI for copyright infringement in 2023, announced a licensing agreement with Amazon in May 2025.

Legal defense is being formed

The EU Commission is already investigating whether Google's AI overviews infringe the copyrights of media houses. The rules of the Digital Services Act and the Digital Markets Act could be applied. A group of independent publishers from the UK has even filed a complaint under EU antitrust law.

Google's dilemma: Success at any cost?

There is a lot at stake for Google. The search and the associated advertising revenue are responsible for more than half of the turnover and three quarters of the profit at the parent company Alphabet. CEO Sundar Pichai is optimistic: With the AI overviews, the number of search queries could be increased by ten percent, which also increased ad revenue by 10.4 percent year-on-year to $71.34 billion.

What does this mean for the future of the media?

Current developments are challenging the entire ecosystem of online journalism. If people get their information directly from Google's AI, why should they still click on news sites? And if there are no clicks, how should media companies still finance high-quality journalism?

The media industry is faced with the choice: Either it succeeds in developing new business models and establishing direct relationships with readers, or it becomes the victim of a technological revolution that was originally intended only to improve search on the Internet.

The coming months will show whether a fair balance can be found between technological progress and the preservation of a diverse media landscape. It is clear: The internet as we know it is changing fundamentally – and not all will survive this transformation.

---

Except for one or the other bright spot, the week is full of rather unpleasant messages. My colleague from DevSecOps (and good friend) Sun-Tsu formulated this appropriately at a flipchart meeting:

The wise IT manager plans for the worst case!

Always assume that something can go wrong and have detailed contingency plans and recovery strategies in place. A good plan for disaster can minimize chaos.