Cyber Security Blog

Dive with us into the world of hackers, data espionage, and attack defense - several times a week for free!

Ransomware attacks have been on the rise worldwide for years. Recently, four malware types have emerged that are used particularly frequently. They are responsible for more than two-thirds of all ransomware attacks and pose a major threat to both large corporations and small and medium-sized enterprises. Unfortunately, companies and organizations lack the necessary resources, especially smaller cybersecurity teams, to adequately position themselves in the fight against the aggressive hacker groups. However, effective protection is still possible with the right strategy.

Of all the dangers lurking on the Internet, botnets are considered one of the greatest threats of all. Whether in the form of a web crawler or as the sender of a spam mail - surely every user has already been confronted with robots (bots for short, derived from the English "robot"). Botnets are among the most important underground infrastructures that allow cybercriminals to access any number of infected computers simultaneously - and with an incredible variety of options. As a result, they are among the most lucrative illegal sources of income and pose an immense threat to companies and organizations. Accordingly, profit-oriented cyber organizations, syndicates and hacktivists act professionally. In this article, you will learn how botnets work and how you can best protect yourself against them.

The reports about critical security vulnerabilities in Atlassian products do not stop. The Australian software company is currently warning of three serious vulnerabilities in numerous of its applications and services. The manufacturer has already published updates and urgently advises users to install the latest software version in order to close the security gaps.

IT security not only depends on the infrastructure and security technologies used, but also to a significant extent on the people who use the digital systems. While the security technologies used are now highly reliable, people are increasingly becoming a weak point. Cyber criminals usually look for the easiest way to obtain data or penetrate a network - and this way too often leads through uninformed, uninformed employees. Establishing a functioning culture of cybersecurity, regularly sensitizing all employees to existing threats and integrating them into the security concept as a "human firewall" is crucial for a company's overall IT security today.

Deepfakes - media content deliberately manipulated by artificial intelligence - have been known to a broad public at least since the phone call between Minister Giffey and the (alleged) interlocutor Vitali Klitschko in June 2022. Deepfakes began as a technical gimmick in the digital world and have now reached a level that has become a real threat to organizations and companies worldwide. Through machine learning and the use of AI, videos and audio files can now be faked - and in such a way that they are almost indistinguishable from genuine content. Read this article to learn about the current threats posed by deepfakes and how companies, government agencies and private individuals can protect themselves from the manipulations.

Patches that are not applied in time can become a threat to your company. Cyber criminals rely on you neglecting your patch management and applying security updates too late or not at all. There are now so many vulnerabilities in applications that many companies can no longer keep up with patching - with fatal consequences for IT security. We show you how you can close security gaps in your systems in good time and protect your company from cyber attacks with a well thought-out patch management process.

In order for your business processes to run smoothly, your digital company data must be available at all times. However, it can quickly happen that your data falls into the hands of hackers or is accidentally deleted by employees. To avoid long downtimes and loss of revenue in such cases, you should always have a complete backup copy at hand with which you can quickly restore your data. We tell you which backup methods and storage media you need to be prepared for emergencies.   

The critical vulnerability (CVE-2022-26134, CVSS score: 9.8) in Atlassian Confluence Server and Data Center products patched in early June continues to be actively exploited for ransomware attacks: In at least two incidents, attackers exploited the vulnerability to spread malicious malicious code (e.g., Cerber ransomware, Cobalt Strike via web shell, Mirai and Kinsing bot variants, and a crypto miner called z0miner).

After a successful cyberattack, the IT systems and subsequently parts of the business processes of Martin Baur GmbH came to a temporary standstill. The medium-sized company from the district of Biberach then brought Allgeier secion on board as an external IT security expert in order to have its own IT protection measures reviewed and to secure itself even better for the future.