Cyber Security Blog

Dive with us into the world of hackers, data espionage, and attack defense - several times a week for free!

At the beginning of August 2022, a new ransomware emerged that has so far not been assigned to any known malware family: the ARCrypter ransomware. The cybercriminals behind the extortion software have already attacked major Latin American organizations - including the Chilean government. Meanwhile, they are expanding their activities around the world and hitting German targets as well. Researchers have now figured out how ARCrypter works and what the characteristics of an ARCrypter attack are. The good news up front: with the right security tools, you can effectively protect yourself from the new threat.

The cybersecurity industry is more dynamic and rapidly changing than any other sector. Today's insights may already be outdated tomorrow, because at the same pace as IT security develops new measures to protect IT infrastructure, networks, and endpoints, cybercriminals bring new tools to the market, refine attack methods, or use unknown techniques to successfully carry out cyberattacks. Anyone who wants to stay as well informed as possible in this multi-layered environment depends on regular updates. This applies equally to technically interested users and IT staff. One popular source of information in Germany is the podcast. More than 40% of all Germans regularly listen to podcasts - one fifth of them daily. We asked our IT security consultants for recommendations on ethical hacking and present our top 5 most popular cybersecurity podcasts here.

In early October, the ransomware group Black Basta attacked an IT service provider of the Deutsche Presse-Agentur (dpa), stealing the data records of 1,500 dpa employees as well as pension recipients of the dpa support fund. Two weeks later, the cybercriminals published the first sensitive data of the victims on the darknet. This incident is just one of many attacks associated with the notorious Black Basta ransomware - and there will be many more to come. That's because, as new research shows, the cybercriminals act very similarly to other aggressive hacker groups.

SPIE Switzerland Ltd. was looking for a reliable service for early attack detection that could also protect non-agent-based security solutions - and found "an effective and innovative solution with an excellent price/performance ratio" in the Active Cyber Defense (ACD) service.

QR codes have been around for almost 30 years. Today, we scan the square codes with our smartphones as a matter of course to release bank orders, create a digital vaccination certificate or retrieve coupons. However, since QR codes are also used by cybercriminals for fraudulent purposes, you should not trust the little squares blindly. You should be especially careful if you receive a QR code via email: a sophisticated phishing attack could be hiding behind it. We show you how to recognize quishing attacks and protect yourself from them.

As practical, useful and indispensable as the Internet is, countless dangers lurk there. Cybercriminals mercilessly exploit any vulnerability, no matter how small, to infiltrate networks, compromise computers, steal identities or leak data. Even as increasingly effective, multi-layered and highly reliable defenses against cybercrime are deployed in IT security, humans remain the greatest vulnerability. Hackers usually choose the easiest way to get to their target - and that way is far too often through users. In this article, we highlight the risks that can arise from surfing the Internet and list eight criteria that can be used to identify a reputable and trustworthy website. You will also learn how best to secure networks against cyberattacks.

If you understand what makes people tick, you can manipulate them. Psychological influence through sophisticated interpersonal interaction is known as social engineering - and is responsible for around 98% of all cyberattacks! The classic is the fake email that lures unsuspecting victims to fraudulent websites. Or criminals use false identities on social networks to obtain confidential information. Through targeted manipulation, social engineers get people to do things they wouldn't normally do. Nowadays, networks can be secured more and more reliably by versatile IT security solutions, but "human hacking" still remains the biggest vulnerability in cybersecurity. In this article, you will learn which social engineering tactics cybercriminals use and which tools attackers use to take over compromised systems.

For several days now, there has been a strong surge in successful compromises by the "QakBot" malware (also known as "QBot" and "QuackBot") worldwide. We have also already identified successful attacks as part of our ACD monitoring. After infection, criminals can gain access to online banking accounts, leak user data, and download further malware. As one measure to mitigate the risk, we urgently recommend adjustments to the Group Policy Objects (GPO).

Cybercriminals are true masters at constantly adapting their attack mechanisms to effective IT security measures. New tools and iterative changes to existing malware are used to mercilessly exploit security vulnerabilities. Among the numerous threats, ransomware stands out as one of the biggest. More and more companies have to face extortion Trojans. A completely new threat called LockFile now relies on intermittent encryption. LockFile not only encrypts much faster than previous ransomware, but also bypasses security solutions that otherwise work reliably. This article shows why criminals are increasingly relying on intermittent encryption and how companies should react to the new threat.