Perhaps you are also one of the 270 million people who actively used Microsoft Teams on a daily basis last year? The service is used frequently and with pleasure, especially in a professional environment, as it makes communication from the home office or remotely simple and convenient. However, a recently discovered security vulnerability significantly limits the convenience factor.
Read more … TeamsPhishers: New tool exploits vulnerability in MS Teams to send malware
Windows 11 security change: SMB signing becomes standard
by Tina Siering
Microsoft is working to further improve the security of the Server Message Block (SMB) protocol. In a new pre-release version of Windows 11, SMB signing is now enabled by default for Pro editions to enhance the security of network connections.
Read more … Windows 11 security change: SMB signing becomes standard
Cyber risks are steadily increasing due to skills shortages
by Tina Siering
Between 2021 and 2022, the number of companies that suffered at least five or more IT security breaches increased by a staggering 53 per cent. Approximately half of all companies experienced a security breach in the last 12 months that cost more than $1 million to resolve. These are just some of the worrying findings of Fortinet's latest Global Security Skills Gap Report 2023.
Read more … Cyber risks are steadily increasing due to skills shortages
Cyber resilience programmes fall short according to study
by Tina Siering
The study "2023 Cyber Workforce Resilience Trend Report" was published in mid-May. The study results support a clear trend: more and more companies are focusing on building sustainable cyber resilience, but many cyber resilience programmes fall short. Although 86 per cent of respondents have a cyber resilience programme, more than half said they lack a holistic approach to assessing cyber resilience.
The reason: The implemented mechanisms are not sufficient to prove the practical cyber capabilities of the teams.
Read more … Cyber resilience programmes fall short according to study
The Apache Foundation has announced that it has closed security vulnerability CVE-2023-25690 (CVSS score of 9.8) in Apache HTTP Server 2.4.56. What users should now take into account.
Read more … Apache HTTP Server: Vulnerability CVE-2023-25690 closed after PoC
Zero-day security vulnerability in MOVEit transfer
by Tina Siering
Attackers are currently actively exploiting a vulnerability in Ipswitch (a subsidiary of the US-based Progress Software Corporation) and gaining access to data when, for example, companies exchange documents with MOVEit, the Managed File Transfer (MFT) solution. Patch now!
Read more … Zero-day security vulnerability in MOVEit transfer
IT Security and the metaverse
by Tina Siering
A "revolutionary approach" or the "new Internet": There is no stinginess with superlatives when it comes to the topic of metaversum. Today's two-dimensional text and image landscapes on the monitors of our end devices are to become three-dimensional worlds of experience and shopping in the future. Today's metaverse platforms are still mainly in the gaming sector. But development is progressing steadily, and the way we work, socialise and live will change as a result. This will also open up new sales and growth opportunities for companies. But what does the metaverse mean for companies and organisations in terms of their IT security?
Managed Security Services: In demand as never before
by Tina Siering
Phishing, ransomware, data espionage - the list of cyber threats is long. At the same time, cyber criminals are becoming increasingly sophisticated and professional. Consequently, the risk of becoming a victim of a cyberattack continues to increase in Germany and around the world. Small and medium-sized enterprises in particular usually do not have the necessary resources to detect cyberattacks themselves in time and thus be able to defend themselves. The demand for Managed Security Service Providers (MSSP) and their diverse range of services is therefore unabatedly high. We reveal what you should look for when choosing an external service provider.
Read more … Managed Security Services: In demand as never before
The internet is integrated into almost all aspects of our daily lives. However, when systems connected to the internet are connected to (e.g. critical) systems that have a direct impact on our economic prosperity, our livelihoods or even our health, insecure technologies and IT vulnerabilities open the door to cyber criminals and can create serious potential security risks.
The latest appeal from the German Federal Office for Information Security (BSI) to manufacturers of IT solutions is therefore clear and unequivocal: make your information technology products more secure!
Read more … BSI and international cyber security authorities call for more secure IT products
How cybercriminals secretly build in backdoors via SFX archives
by Tina Siering
Cybercriminals abuse SFX (Self-Extracting Archives) archives to undetectably install a backdoor in the victim's environment and execute PowerShell.
Read more … How cybercriminals secretly build in backdoors via SFX archives