
Chinese hacker group APT41 misuses Google Command and Control (GC2) tool for attacks
by Tina Siering
In the latest Google Threat Horizons Report (April 2023), Google experts warn that the Chinese state-sponsored hacking group APT41 is misusing the Google Command and Control (GC2) tool for cyber attacks. According to the experts, GC2 has been used to attack Taiwanese media companies and an unnamed Italian recruitment firm.
Only last November, we warned of aggressive phishing attacks using the QakBot (QBot) malware. At that time, a malicious ISO file was used, which in turn contained an LNK file and the QakBot payload. Now the banking Trojan is highly active again with a different attack method!
Read more … New QakBot(Qbot) Attack Wave: Emails with Malicious PDF Attachments
Darknet and Deepnet: What (not only) CISOs and CIOs should know
by Tina Siering
As the current Darknet Study 2023 by the security researchers of Botiguard shows, large amounts of data from German companies are available for download or purchase on the darknet as a result of data leaks. Almost 60 percent of all companies and public institutions examined are affected. It can be assumed that some of those affected are unaware of this. This disturbing result is reason to take a closer look at the three layers of the internet (clearnet, deepnet and darknet) and to give important security tips, especially for surfing the darknet.
Kellner Telecom strengthens IT security with the Managed Detection and Response service from Allgeier secion
by Tina Siering
IT security plays a particularly important role at Kellner Telecom GmbH, and not only because the medium-sized company works with corporate customers from the critical infrastructure sector who demand IT security standards that can be proven by ISO certifications. ACD, the Managed Detection and Response (MDR) service from Allgeier secion, helps the company to meet the high security requirements of its KRITIS customers.
Checklist "Cybersecurity for SMEs": Valuable tips - Part 2
by Tina Siering
After presenting the first five of the most important cyber security measures for SMEs in the first part of our checklist, we follow up in the second part with five more essential measures that will help your company to increase security in cyberspace and strengthen resilience against current and future threats.
North Korean cybercriminals have apparently manipulated the VoIP desktop client of the software manufacturer 3CX and used it for DLL sideloading attacks. The programme contacted a number of domains through which malicious code (mostly remote shells) was subsequently loaded into the telephony software.
Read more … VoIP software 3CX distributes malicious code after sideloading attack
Checklist "Cybersecurity for SMEs": Valuable tips - Part 1
by Tina Siering
The threat situation does not allow companies and organisations any breathing space. In this first part of our two-part series of articles, we present five of a total of ten essential measures that help to deal with the issue and prepare for various attack scenarios.
From SolarWinds to the Sandworm OLE vulnerability, some cyberattacks have been particularly memorable over the past decade. In this article, we look back at 5 of the most significant IT security incidents of the last 10 years.
Read more … The 5 most significant IT security incidents of the last 10 years
As part of the March patch day, Microsoft has closed a total of 80 IT security vulnerabilities in various products, including two actively exploited zero-days in Microsoft Outlook and in Windows SmartScreen. It is essential to update the affected Office and Windows versions now.
Read more … Update required: Microsoft fixes two zero-day exploits with March patch day
The cloud backup software "Veeam Backup & Replication" is affected by a critical vulnerability (CVE-2023-27532) that allows attackers to access backup infrastructure hosts and leak credentials, even if this data is stored in encrypted form. IT security managers should urgently apply the security update provided by the manufacturer.
Read more … Critical vulnerability in Veeam Backup & Replication requires immediate patching