Cyber Security Blog

Dive with us into the world of hackers, data espionage, and attack defense - several times a week for free!

Every year, the Allianz insurance group publishes its Risk Barometer. In this context, the insurer asks more than 2,500 companies from almost 90 countries and 22 sectors which risks they see as the greatest threat to their own business activities. The 2022 report shows a significant change in companies' perceptions compared to the previous year.

IT security is a top priority at Gartner KG, one of Europe's leading logistics service providers. The company's project managers were looking for a service provider who could bring the test quality and thus also the resilience of the IT infrastructure to the next level. They found the right sparring partner in secion.

The security vulnerability in the Java framework Log4Shell caused an uproar in the IT world. Hackers discovered the vulnerability in December 2021 and exploited it on the spot. Since then, the incidents have been accumulating, and the full extent cannot yet be estimated. At the same time, security experts warn about the long-term consequences of the vulnerability. Due to the wide distribution and the particular way Log4Shell is implemented, an unknown number of users are still at risk.

Recently, Microsoft informed about the vulnerability CVE-2021-40444 in the office software Office. The corresponding MS Office patch was already released in September 2021. Now it turns out that Microsoft did not even fix the cause of the vulnerability with the patch. Experts warn that criminals will continue to exploit the vulnerability and have even uncovered further potential dangers in connection with the exploit.

The cyber threat situation will remain extremely tense in 2022: IT security threats will be characterized by optimized attack strategies and methods that target companies and employees more perfidiously than ever before. If 2021 were already a "successful" year for cybercriminals, the cyber security risks in the new year would be even more so. In this article, you can find out which IT security threats companies will face in 2022.

Attackers can gain access to affected systems via a critical vulnerability in the Java logging library "Log4j". Users of Log4j versions 2.0 to 2.14.1 should immediately apply a patch to close the gap. We provide concrete recommendations for action in the article and supply a regularly updated list of callback domains.

Microsoft Exchange is used on many e-mail servers. There have been repeated attacks on vulnerable Microsoft Exchange servers in recent months. A BSI warning urges all administrators to check their systems and update Microsoft Exchange immediately. The reason for this lies in new IT security vulnerabilities in Exchange, which Microsoft closed with patches in October and November. Nevertheless, many servers are still vulnerable because no update has been made.

The home office has become a permanent part of many companies in the last two years. One primary reason for this is the Corona pandemic. At the same time, working from the home office has created a host of new IT security risks. The now more complex network structures and the human risk factor provide threats. With the following six tips, companies increase IT security in the home office and thus reduce the dangers posed by such a network structure.