QakBot malware: Warning of increasing attacks
by Tina Siering
For several days now, there has been a strong accumulation of successful compromises by the "QakBot" malware (also known as "QBot" and "QuackBot") worldwide. We have also already identified successful attacks as part of our ACD monitoring. After infection, criminals can gain access to online banking accounts, leak user data, and reload further malware. As one measure to mitigate the risk, we urgently recommend adjustments to the Group Policy Objects (GPO).
Cybercriminals are true masters at constantly adapting their attack mechanisms to effective IT security measures. New tools and iterative changes to existing malware are used to mercilessly exploit security vulnerabilities. Among the numerous threats, ransomware stands out as one of the biggest. More and more companies have to face extortion Trojans. A completely new threat called LockFile now relies on intermittent encryption. LockFile not only encrypts much faster than previous ransomware, but also bypasses security solutions that work reliably. This article shows why criminals are increasingly relying on intermittent encryption and how companies should react to the new threat.
Read more … New ransomware trend: Why criminals increasingly rely on intermittent encryption
Ad Hoc News: Warning of "BlueBleed" data leak at Microsoft
by Tina Siering
In a blog post on 19.10.2022, Microsoft confirmed that sensitive customer data had been exposed!
The reason was a misconfigured Microsoft endpoint server that was publicly accessible via the internet. In total, it can be assumed that sensitive data from approx. 65,000 companies in 111 countries was publicly accessible.
Read more … Ad Hoc News: Warning of "BlueBleed" data leak at Microsoft
Successful KRITIS audit: Allgeier secion reviews IT security measures of Stadtwerke Tuttlingen
by Tina Siering
Counting as part of the critical infrastructure (KRITIS), Stadtwerke Tuttlingen must meet particularly strict, legally prescribed security requirements in the area of IT security, among other things, in accordance with Section 10 (1) BSIG (BSI Criticality Ordinance). The basic utility brought Allgeier secion on board as an external IT security expert to have its own IT protection measures audited and to position itself securely for the future.
Emails: The five biggest security mistakes
by Tina Siering
In 1972, a Canadian IT consultant named Ian Sharp ventured a prediction that would go down as one of the biggest miscalculations in computer technology. At the time, Mr. Sharp was rock-solidly convinced that "e-mail was a totally unsaleable product." Today, 50 years later, electronic mail has become the most important digital communications tool of all. More than 200 billion e-mails will be sent in 2022 - and that's every day. But e-mail has not only become indispensable for communication between private individuals or companies; it is also used frequently and with pleasure as a marketing tool. The German economy invests around two billion euros in e-mail advertising every year. Despite or perhaps because of its long history, e-mail is still surrounded by security myths. In this article, we have summarized the five biggest security errors in dealing with e-mails. Not surprisingly, email is still one of the main gateways for cyber attacks on companies.
"A valuable investment in our security": Yager Development GmbH protects its networks with ACD from Allgeier secion
by Tina Siering
The game developer Yager Development GmbH complements preventive IT security measures with a managed detection and response solution. The company opted - instead of initially considering a SIEM solution - for the Active Cyber Defense (ACD) service, the effective, resource-saving solution for early attack detection.
Whether white-hat, black-hat or grey-hat: the basis for successful hacking is always the willingness to learn. Ambition, motivation and personal commitment pay off particularly well in the field of ethical hacking. This is because pentesters are sought-after specialists who are inundated with well-paid job offers, especially in times of extensive digitization. If you are interested in hacking, are considering a career in the field, or simply want to learn more about the methods and techniques of ethical hackers, we recommend the TOP 5 YouTube recommendations of our IT security consultants.
Read more … Learn to hack - the TOP 5 YouTube recommendations of our IT Security Consultants
Top News Exchange Hack: New Microsoft Exchange zero-days are actively exploited for attacks
by Tina Siering
Attention: On September 29, 2022, GTSC published a blog article about high-risk vulnerabilities! It reports on a new attack opportunity that exploits two not yet disclosed vulnerabilities (0-Day). In doing so, attackers can perform remote code execution (RCE) on affected Microsoft on-premise Exchange servers. Our security analysts have also verified anomalies in connection with the new zero-day vulnerabilities during active analysis as part of our Managed Security Services. The vulnerability occurs, among other things, in Outlook Web Access (OWA) or in a related component and has not yet been fixed by Microsoft.
Malware, composed of "MALicious" and "SoftWARE", is the generic term for malicious software explicitly created to infect IT systems. This buzzword covers a wide variety of malware - from viruses and worms to adware and spyware, rootkits and ransomware. In this article, we show the different types of malware, assess the threat potential for your company and provide valuable tips on how you can protect IT systems, networks and end devices from the numerous threats.
Read more … Different types of malware, potential threats and tips for protection!
Why are software updates and system maintenance so important?
by Tina Siering
Many of the current malware threats exploit vulnerabilities in operating systems and deployed software to compromise systems. As soon as they are known, the manufacturers patch the entry points as part of updates - i.e., they close them with minor or major adjustments to the architecture. "A software update is available": Surely you are also familiar with this message that pops up on the screen at regular intervals. This article shows why you should not simply click away from this message, but rather treat it as a top priority.
Read more … Why are software updates and system maintenance so important?