Recently, Microsoft informed about the vulnerability CVE-2021-40444 in the office software Office. The corresponding MS Office patch was already released in September 2021. Now it turns out that Microsoft did not even fix the cause of the vulnerability with the patch. Experts warn that criminals will continue to exploit the vulnerability and have even uncovered further potential dangers in connection with the exploit.
Read more … Patch me if you can: Microsoft cannot close critical security hole
The cyber threat situation will remain extremely tense in 2022: IT security threats will be characterized by optimized attack strategies and methods that target companies and employees more perfidiously than ever before. If 2021 were already a "successful" year for cybercriminals, the cyber security risks in the new year would be even more so. In this article, you can find out which IT security threats companies will face in 2022.
Read more … Cyber Security Trends 2022: The ten biggest IT security threats to your business!
A critical vulnerability in the Java logging library "Log4j" requires urgent patching.
by Svenja Koch
Attackers can gain access to affected systems via a critical vulnerability in the Java logging library "Log4j". Users of Log4j versions 2.0 to 2.14.1 should immediately apply a patch to close the gap. We provide concrete recommendations for action in the article and supply a regularly updated list of callback domains.
Read more … A critical vulnerability in the Java logging library "Log4j" requires urgent patching.
BSI Warning Exchange Server: Have Chinese hackers already exploited the vulnerabilities?
by Svenja Koch
Microsoft Exchange is used on many e-mail servers. There have been repeated attacks on vulnerable Microsoft Exchange servers in recent months. A BSI warning urges all administrators to check their systems and update Microsoft Exchange immediately. The reason for this lies in new IT security vulnerabilities in Exchange, which Microsoft closed with patches in October and November. Nevertheless, many servers are still vulnerable because no update has been made.
Read more … BSI Warning Exchange Server: Have Chinese hackers already exploited the vulnerabilities?
These six tips will help you achieve maximum home office safety for your employees for good measure!
by Svenja Koch
The home office has become a permanent part of many companies in the last two years. One primary reason for this is the Corona pandemic. At the same time, working from the home office has created a host of new IT security risks. The now more complex network structures and the human risk factor provide threats. With the following six tips, companies increase IT security in the home office and thus reduce the dangers posed by such a network structure.
Complex company structures predestined for supply chain attacks! Current study confirms secion blog article from May.
by Svenja Koch
While corporate IT security is becoming more and more powerful, cybercriminals are using open backdoors for supply chain attacks that are quite a sight to behold. Last May, cyberattacks such as SolarWinds and Passwordstate were public. A new study now shows that supply chain security has not changed much for the better. The supply chain remains a "blind spot" regarding potential risks threatening a company.
A large proportion of Internet users still believe that their data is of no interest to criminals. Many of them think that only well-known people are worthwhile targets for identity theft. In reality, however, fraudsters are particularly interested in the data of inconspicuous people. These are much easier to use for their fraudulent schemes, precisely because they are unknown persons.
Read more … Identity theft is made easy, but it has to be? 5 smart tips to protect your data!
Emotet is back - what action is needed now!
by Svenja Koch
Emotet belongs to the category of macro viruses. The malware has been known since 2014 and spreads via attachments in emails. At the beginning of 2021, we reported on our blog about how police authorities had dismantled the infrastructure behind Emotet. At the time, we already pointed out that the threat posed by the Emotet malware had not been banished for good. Now the malware is indeed back, as the latest analyses show.
Malware threats continue to advance in online banking - what is the legal position on this?
by Svenja Koch
Online and mobile banking are now widespread. Across the generations, banking transactions are gladly done on the PC or even via the smartphone. Cybercriminals take advantage of this and attack computers and cell phones with online banking Trojans. Experts see an alarming trend of increasing attacks of this kind, in which the hackers work with phishing and even more sophisticated methods. Those affected not infrequently have to bear the damages themselves because the jurisdiction in online banking is complicated.
Social Engineering Attacks Today: How to Proactively Protect Yourself with Emotional Insights!
by Svenja Koch
The daily battle between cyber security and cyber crime is a highly technical and at the same time extremely human contest of strength. With the Emotional Insights approach, social engineering attacks should be better prevented in the future. In this article, you will learn exactly what emotional insights are and how they can minimise the "human security risk" in the context of cyber attacks.