Cyber Security Blog

Dive with us into the world of hackers, data espionage, and attack defense - several times a week for free!

Security culture is considered extremely important by experts - but 94% of respondents to the study "The Rise of Security Culture" did not agree on what the term should mean. Reason enough for us to take a closer look at the topics of "security culture in companies" and "security awareness"!

The constantly growing number of cyber attacks makes it clear that an IT security early warning system for the defence against cyber threats is becoming increasingly important. Such a system can be implemented with the help of network monitoring and anomaly detection. However, the basis for an efficient implementation is to ensure the complete control and analysis of the data.

There are a variety of cyber threats to corporate information security. Some of them are characterized by their particularly high threat potential or an insidious infection path. Other threats are difficult to detect and that is why they are so dangerous. This article looks at the five most dangerous cyber threats to network security today - and which defense techniques are effective.

On the one hand, the GDPR is intended to ensure the protection of personal data, but on the other hand, it is also intended to ensure the free movement of data within the European single market. Since its introduction in 2018, the GDPR has placed high demands on employers and employees - since then, a data protection breach can be sanctioned with high penalties. In this article, you will learn what you need to pay particular attention to as an employer when it comes to data protection in order to avoid a data breach.

For a long time, industrial controls were isolated local systems. Through further development and integration into the modern IT infrastructure, this industrial sector is now connected to networks and the Internet. Suddenly, critical ICS vulnerabilities are emerging that threaten industry and CRITIS. There is therefore an acute need to catch up in the area of industrial security - this is the conclusion of a recent study by Claroty.

An unusual incident provides insights into the business of the ransomware developers of this malware. An apparently dissatisfied user of a Ransomware as a Service model published operating instructions and scripts of this platform. The information from the Conti Leak allows a look behind the scenes of a modern ransomware and how hackers copy as well as monetise the concept of cloud services.

IP cameras, digital video recorders or baby monitors definitely make our everyday lives more comfortable. IoT devices of all kinds are now used in millions of households and businesses around the world - and are now under attack! This is because a recently discovered IoT security vulnerability allows cyber attacks on the networked devices, where attackers can take control of the networked smart devices via the internet. The vulnerability, named CVE-2021-28372, is classified with a threat level of "critical".

The expectation of being able to exclude certain types of security incidents by choosing a certain endpoint security solution does not fit the reality of IT, but is equally symptomatic of cybersecurity practice in practice. In his article, Clemens Rambow, Offensive Security Consultant at secion GmbH, highlights the characteristics of the individual ransomware attack phases and draws a noteworthy conclusion.

The headlines about successful cyber attacks are not coming to an end - on the contrary. The topic of IT security has become a central issue for companies, and most of those responsible have realised the dangers posed by hacker attacks. But what about the IT security situation in municipalities? Both financially and in terms of knowledge, the cyber security of cities in Germany often lags behind the minimum standards. With what consequences?