Cyber Security Blog

Dive with us into the world of hackers, data espionage, and attack defense - several times a week for free!

With the passed IT Security Act 2.0 (IT-SIG), anomaly detection for CRITIS companies and organisations is enshrined in law. Now it is time for operators of critical infrastructures to act: According to IT-SIG 2.0, they must implement appropriate protective measures to defend against cyber attacks within one year that comply with the current legislation. How can it be done faster?

Industry 4.0 and the IoT are no longer a marginal phenomenon - but have long since arrived in many manufacturing companies. IT security in industry must counter the new threat situations and try to stay one step ahead of the cyber criminals. With specialized service providers and services, IT security in industry can counter all cyber attacks!

Supply chains in companies are increasingly turning out to be gateways for cyber attacks. In supply chain attacks, components may already be compromised when they arrive at the company. ENISA, the EU's cybersecurity agency, warns that companies underestimate the cyber threats posed by supply chain attacks and are usually not sufficiently prepared for such cyberattacks. What is worth knowing about this is highlighted in today's blog post.

You are still new to the topic of Cyber Threat Hunting and have many questions that you would like to have answered by a real expert? No one can do this better than a long-standing expert from the Cyber Threat Hunting scene, which originated in the USA: Chris Brenton from Active Countermeasures INC, our partner for Active Cyber Defense, answers the 10 most frequently asked questions about threat hunting in today's blog post.

Ransomware and Advanced Persistent Threats are challenging IT security - and cyberattacks are increasing not only in scope but also in professionalism as technology continues to advance. We present the five most relevant threat actors in the field of cyber threats - and provide tangible tips on which IT security strategies you can use to protect your network most reliably.

Cryptojacking is quite difficult to detect compared to other cyberthreats. At the same time, there are some very characteristic features that suggest an infection with mining software. In many cases, classic IT security defence mechanisms are not able to detect cryptomining. This is because virus scanners, for example, do not recognise many of the techniques used as harmful.

The standard for handling European personal data in the US is a thing of the past. This does not mean the end of any data transfer from Europe to the USA - but, as the Luxembourg judges of the ECJ emphasised, data protection authorities are obliged to prohibit the transfer of data as soon as the standard contractual clauses are not complied with in the recipient country. Find out in this article what this all means for companies and whether private internet users also have to fear consequences.

The Luca app has been available since March 2021. This app makes it possible to trace contacts in the event of infection with COVID-19 by registering whereabouts. The federal government favored a digital system, allowing a seamless transfer of information without time delay. Now the group LucaTrack has discovered and made public a serious security vulnerability in the app. What does this mean for users of the app?

The rapid increase in home offices during pandemic times has drastically increased the attack surface for cybercriminals in Germany. It has a relevant impact on the information security of commercial enterprises. The German Federal Office for Information Security (BSI) surveyed around 1,000 companies and businesses in a representative survey. Marcus Henschel, CEO of secion, comments on the study results, which were presented yesterday at a digital press conference in Cologne.