Cyber Security Blog

Dive with us into the world of hackers, data espionage, and attack defense - several times a week for free!

As an inclusive institution, Elbe-Werkstätten has an increased security risk when it comes to IT security. In addition to already existing, established security solutions, further measures in the area of "Managed Protection and Response" (MDR) should therefore be added. The condition: It had to work simply, be affordable and also be implementable with a small team. After some research, those responsible decided on Allgeier secion's lean but effective Active Cyber Defense (ACD) service instead of their own SIEM solution (Security Information and Event Management), which they had initially considered.

The use of multi-factor authentication (MFA) significantly increases the level of access security compared to the simple use of username and password and makes it more difficult for cybercriminals to access sensitive data. With MFA, two or more credentials are required to gain access to a system, for example, via additional confirmation of login via personal smartphone. Multi-factor authentication actually adds a significant amount of security - but that the process protects one hundred percent against successful account takeovers is a fallacy! Learn in this article which seven tactics are used by cybercriminals to circumvent MFA.

Ransomware attacks have been on the rise worldwide for years. Recently, four malware types have emerged that are used particularly frequently. They are responsible for more than two-thirds of all ransomware attacks and pose a major threat to both large corporations and small and medium-sized enterprises. Unfortunately, companies and organizations lack the necessary resources, especially smaller cybersecurity teams, to adequately position themselves in the fight against the aggressive hacker groups. However, effective protection is still possible with the right strategy.

Of all the dangers lurking on the Internet, botnets are considered one of the greatest threats of all. Whether in the form of a web crawler or as the sender of a spam mail - surely every user has already been confronted with robots (bots for short, derived from the English "robot"). Botnets are among the most important underground infrastructures that allow cybercriminals to access any number of infected computers simultaneously - and with an incredible variety of options. As a result, they are among the most lucrative illegal sources of income and pose an immense threat to companies and organizations. Accordingly, profit-oriented cyber organizations, syndicates and hacktivists act professionally. In this article, you will learn how botnets work and how you can best protect yourself against them.

The reports about critical security vulnerabilities in Atlassian products do not stop. The Australian software company is currently warning of three serious vulnerabilities in numerous of its applications and services. The manufacturer has already published updates and urgently advises users to install the latest software version in order to close the security gaps.

IT security not only depends on the infrastructure and security technologies used, but also to a significant extent on the people who use the digital systems. While the security technologies used are now highly reliable, people are increasingly becoming a weak point. Cyber criminals usually look for the easiest way to obtain data or penetrate a network - and this way too often leads through uninformed, uninformed employees. Establishing a functioning culture of cybersecurity, regularly sensitizing all employees to existing threats and integrating them into the security concept as a "human firewall" is crucial for a company's overall IT security today.

Deepfakes - media content deliberately manipulated by artificial intelligence - have been known to a broad public at least since the phone call between Minister Giffey and the (alleged) interlocutor Vitali Klitschko in June 2022. Deepfakes began as a technical gimmick in the digital world and have now reached a level that has become a real threat to organizations and companies worldwide. Through machine learning and the use of AI, videos and audio files can now be faked - and in such a way that they are almost indistinguishable from genuine content. Read this article to learn about the current threats posed by deepfakes and how companies, government agencies and private individuals can protect themselves from the manipulations.

Patches that are not applied in time can become a threat to your company. Cyber criminals rely on you neglecting your patch management and applying security updates too late or not at all. There are now so many vulnerabilities in applications that many companies can no longer keep up with patching - with fatal consequences for IT security. We show you how you can close security gaps in your systems in good time and protect your company from cyber attacks with a well thought-out patch management process.

In order for your business processes to run smoothly, your digital company data must be available at all times. However, it can quickly happen that your data falls into the hands of hackers or is accidentally deleted by employees. To avoid long downtimes and loss of revenue in such cases, you should always have a complete backup copy at hand with which you can quickly restore your data. We tell you which backup methods and storage media you need to be prepared for emergencies.