Cyber Security Blog

Dive with us into the world of hackers, data espionage, and attack defense - several times a week for free!

LastPass confirms security incident

Back in mid-August 2022, unknown attackers gained access to servers of the password manager provider LastPass and were able to copy internal data.

The company has now acknowledged the incident in a blog post and given assurances that master passwords and user data in the encrypted password vault should not be affected. What users of the service should nevertheless consider is covered in the short blog post on the topic.

In order to close potential IT security gaps, raise awareness among its own employees and be prepared for the worst-case scenario, the Versorgungswerk der Zahnärztekammer Berlin commissioned Allgeier secion with a comprehensive, three-part IT security audit. In addition to a black box audit and a social engineering audit, the incident response readiness strategy was also put to the test.

The abbreviation IoT stands for "Internet of Things" and refers to the increasing networking of "smart" devices and machines, both with each other and with the Internet. To achieve this, the devices are equipped with network cards (LAN or WLAN). Smart building devices such as fire detectors or IP cameras, often chosen for cost-saving reasons, are already standard in companies today. However, when acquiring IoT devices, many organisations are not aware that they entail major risks for IT security. To protect themselves from data espionage, operational failures and network compromises, companies and organisations should take effective security precautions.

As an inclusive institution, Elbe-Werkstätten faces an increased IT security risk. In addition to the established security solutions already in place, further measures in the area of "Managed Protection and Response" (MDR) were therefore to be added. The condition: the solution had to be simple to operate, affordable and implementable with a small team. After some research, those responsible decided on Allgeier secion's lean but effective Active Cyber Defense (ACD) service instead of their own SIEM (Security Information and Event Management) solution, which they had initially considered.

The use of multi-factor authentication (MFA) significantly increases the level of access security compared to using only a username and password, and makes it more difficult for cybercriminals to access sensitive data. With MFA, two or more credentials are required to gain access to a system, for example an additional confirmation of the login via a personal smartphone. Multi-factor authentication does add a significant amount of security, but the belief that it protects one hundred percent against successful account takeovers is a fallacy! Learn in this article which seven tactics cybercriminals use to circumvent MFA.

Ransomware attacks have been on the rise worldwide for years. Recently, four malware types have emerged that are used particularly frequently. They are responsible for more than two-thirds of all ransomware attacks and pose a major threat to both large corporations and small and medium-sized enterprises. Unfortunately, companies and organizations, especially those with smaller cybersecurity teams, lack the necessary resources to adequately position themselves in the fight against the aggressive hacker groups. However, effective protection is still possible with the right strategy.

Of all the dangers lurking on the Internet, botnets are considered one of the greatest. Whether in the form of a web crawler or as the sender of a spam mail - surely every user has already encountered robots ("bots" for short). Botnets are among the most important underground infrastructures, allowing cybercriminals to access any number of infected computers simultaneously - and with an incredible variety of options. As a result, they are among the most lucrative illegal sources of income and pose an immense threat to companies and organizations. Accordingly, profit-oriented cyber organizations, syndicates and hacktivists act professionally. In this article, you will learn how botnets work and how you can best protect yourself against them.

The reports about critical security vulnerabilities in Atlassian products do not stop. The Australian software company is currently warning of three serious vulnerabilities in many of its applications and services. The manufacturer has already published updates and urgently advises users to install the latest software version in order to close the security gaps.