Fake QR codes pose a growing threat to email security - BSI speaks of quishing.
TECHNOLOGY POWERING BUSINESS
Security
An Interview With Chat GPT On AI And Cybersecurity
Chat GPT advises, "Contingency plans should be prepared and employees should be trained to properly respond to an attack."
After Hacker Attack: GoTo Resets Some Customer Passwords
Hackers apparently succeed in decrypting parts of the compromised backups. These also contained passwords of customers, which are, however, protected by salt and hash.
After Hacker Attack: PayPal Reports Loss of Customer Data
Around 35,000 accounts are affected. Unknown persons capture names, addresses and social security numbers, but no financial data. The trigger is a credential stuffing attack.
Hacking Attacks on Connected Vehicles
VicOne and TrendMicro join Panasonic and Hitachi Astemo to showcase new security solutions for connected vehicles.
Interview: Security and Sustainability Belong Together
In addition to security, IT solutions must also be able to demonstrate sustainability. Analyst Simon Mingay, Research Vice President, Gartner Research, explains why.
Study: One Third of German Employees Put the Company’s IT Security at Risk
The proportion of employees with low or very low competence in IT security is rising significantly. Only 27 percent consider themselves to have a high or very high level of competence.
Secure Self-Hacking For Vulnerability Detection
Free tool for vulnerability and risk detection of data exfiltrations via DNS.
Twitter: Data Leak Not Due to System Error
However, a small part of the currently offered data originates from an earlier security incident. Twitter assumes that the leak was compiled from sources already publicly available.
Crypto-Inspired Magecart Skimmer
Malwarebytes has discovered a skimmer that uses the "Mr.SNIFFA" framework and targets e-commerce websites and their customers.
Vulnerabilities in the Medical IT Infrastructure
Serious security vulnerabilities in the medical sector. Hospitals are increasingly falling victim to cyberattacks.
LastPass: Hackers Also Capture Customers’ Password Safes
The safes also contain non-encrypted data. However, these are in a proprietary format. LastPass emphasizes that all passwords are secured by 256-bit AES encryption.
How Companies Accelerate Detection and Response
After a network intrusion, it usually takes cybercriminals eleven days to capture or encrypt data, warns Wolfgang Kurz of indevis.
High-Security, Quantum-Resistant Networks
Munich Quantum Network at the University of the Federal Armed Forces Munich achieves milestone with newly developed key management system.
The Most Popular German Password 2022 is: 123456
The Hasso Plattner Institute (HPI) has been warning about the risks of weak passwords for years, and every year it produces a ranking of the most commonly used passwords.
Microsoft Closes Six Critical Security Gaps
The December patchday also brings a fix for a zero-day vulnerability. In total, Microsoft eliminates 56 vulnerabilities. Windows, Edge, Office, SharePoint, Azure and Hyper-V are among those affected.
Trends Episode 8: Security by Design and Deepfakes
Hybrid work models will become the gateway for criminals to enter corporate networks.
Trends Episode 7: Even Attackers Make Mistakes
2023 is a good year to start a cybercrime career. Internet marketplaces offer stolen credentials and ready-made ransomware.
Cyber Deception – One of the Most Powerful IT Security Approaches
Cyber-Deception is one of the most effective and powerful approaches the computer security industry has perhaps ever seen.
Apple Announces New Privacy Features for the Cloud
In the future, Apple will also offer end-to-end encryption for backups and photos. In addition, the Apple ID will support hardware security keys starting next year.
Europe Faces a New Wave of Cyber Attacks in 2023
Mandiant forecast assumes cyber operations due to energy crisis and Russian war of aggression.
Cybersicherheit: Unternehmen schätzen Verbraucher falsch ein
Umfrage zeigt, wie unterschiedlich Endnutzer und IT-Entscheider in puncto Datensicherheit ticken – und was daraus für die IT-Security folgt.
The Cloud in Crisis Mode
How are the current crises affecting the cloud and its security? An interview with Soeren von Varchmin, Chairman of the Advisory Board CloudFest.
BlackByte: Ransomware Disables Security Software
The cyber extortionists exploit a known vulnerability in a Windows graphics driver. They then manipulate drivers of anti-virus software. This way, the BlackByte group can access systems of its victims undisturbed.
13 Million Installs: Malicious Apps Discovered in Play Store and App Store
They are part of a large-scale malvertising campaign. 75 apps find their way into the Play Store. 10 more apps make it into the Play Store.
Hacker Penetrates Uber IT Systems
The hacker gained access to vulnerability reports and shared screenshots of internal systems, the email dashboard, and Slack server.
Risks and Side Effects of Missing Security Measures
Recent study by Mimecast highlights level of security threats in healthcare.
Forced to Use Original Printer Cartridges: HP Compensates Customers
A security function blocks third-party printer cartridges. HP is retrofitting the function to some printers via a firmware update. So far, only customers in Belgium, Italy, Spain and Portugal are receiving compensation.
Know Your Opponent
In his guest article, Yaroslav Rosomakho from Netskope explains how cybercriminals work and how companies can arm themselves against them.
Microsoft Warns of Possible Data Loss on Windows Systems with Current CPUs
Windows computers that support the VAES instruction set are affected. An update temporarily reduces the performance of AES-based operations significantly.