NIS2: New cybersecurity regulation in 2023
by Nico Pätzel
In the current world situation, where cyber threats are growing exponentially at a rapid pace, the European Union has taken a decisive step towards increased security with the introduction of the NIS2 Directive. The expanded set of rules not only serves as a guide for the protection of network and information systems, but also puts the focus on critical infrastructures (CRITIS) - the heart of our modern society. But why exactly is this revised directive so important for IT security managers? What innovations does it bring with it, and what challenges might we face? This article provides an in-depth look at the NIS2 directive, its key points and its relevance in today's digital era. Learn here how the NIS2 Directive serves as an enabler for a more robust and secure digital future.
Social engineering: A look at the spectacular hack of MGM
by Tina Siering
That's how fast social engineering can go. A remarkable hack hit the billion-dollar casino chain MGM, paralysing the technical infrastructure and causing disruptions within the casinos. What happened and how the attackers proceeded, we explain in this article.
Read more … Social engineering: A look at the spectacular hack of MGM
Perhaps you are also one of the 270 million people who actively used Microsoft Teams on a daily basis last year? The service is used frequently and with pleasure, especially in a professional environment, as it makes communication from the home office or remotely simple and convenient. However, a recently discovered security vulnerability significantly limits the convenience factor.
Read more … TeamsPhishers: New tool exploits vulnerability in MS Teams to send malware
Windows 11 security change: SMB signing becomes standard
by Tina Siering
Microsoft is working to further improve the security of the Server Message Block (SMB) protocol. In a new pre-release version of Windows 11, SMB signing is now enabled by default for Pro editions to enhance the security of network connections.
Read more … Windows 11 security change: SMB signing becomes standard
Cyber risks are steadily increasing due to skills shortages
by Tina Siering
Between 2021 and 2022, the number of companies that suffered at least five or more IT security breaches increased by a staggering 53 per cent. Approximately half of all companies experienced a security breach in the last 12 months that cost more than $1 million to resolve. These are just some of the worrying findings of Fortinet's latest Global Security Skills Gap Report 2023.
Read more … Cyber risks are steadily increasing due to skills shortages
Cyber resilience programmes fall short according to study
by Tina Siering
The study "2023 Cyber Workforce Resilience Trend Report" was published in mid-May. The study results support a clear trend: more and more companies are focusing on building sustainable cyber resilience, but many cyber resilience programmes fall short. Although 86 per cent of respondents have a cyber resilience programme, more than half said they lack a holistic approach to assessing cyber resilience.
The reason: The implemented mechanisms are not sufficient to prove the practical cyber capabilities of the teams.
Read more … Cyber resilience programmes fall short according to study
The Apache Foundation has announced that it has closed security vulnerability CVE-2023-25690 (CVSS score of 9.8) in Apache HTTP Server 2.4.56. What users should now take into account.
Read more … Apache HTTP Server: Vulnerability CVE-2023-25690 closed after PoC
Zero-day security vulnerability in MOVEit transfer
by Tina Siering
Attackers are currently actively exploiting a vulnerability in Ipswitch (a subsidiary of the US-based Progress Software Corporation) and gaining access to data when, for example, companies exchange documents with MOVEit, the Managed File Transfer (MFT) solution. Patch now!
Read more … Zero-day security vulnerability in MOVEit transfer
IT Security and the metaverse
by Tina Siering
A "revolutionary approach" or the "new Internet": There is no stinginess with superlatives when it comes to the topic of metaversum. Today's two-dimensional text and image landscapes on the monitors of our end devices are to become three-dimensional worlds of experience and shopping in the future. Today's metaverse platforms are still mainly in the gaming sector. But development is progressing steadily, and the way we work, socialise and live will change as a result. This will also open up new sales and growth opportunities for companies. But what does the metaverse mean for companies and organisations in terms of their IT security?
Managed Security Services: In demand as never before
by Tina Siering
Phishing, ransomware, data espionage - the list of cyber threats is long. At the same time, cyber criminals are becoming increasingly sophisticated and professional. Consequently, the risk of becoming a victim of a cyberattack continues to increase in Germany and around the world. Small and medium-sized enterprises in particular usually do not have the necessary resources to detect cyberattacks themselves in time and thus be able to defend themselves. The demand for Managed Security Service Providers (MSSP) and their diverse range of services is therefore unabatedly high. We reveal what you should look for when choosing an external service provider.
Read more … Managed Security Services: In demand as never before