Mimikatz is a tool that can be used to display cached credentials of a computer running the Microsoft Windows operating system by exploiting vulnerabilities. The software is freely available and can be downloaded from GitHub in a 32-bit or 64-bit version. What is Mimikatz? Mimikatz is a tool that developer Benjamin Delpy originally intended to … Read more
What is Common Criteria? With the help of the Common Criteria for Information Technology Security Evaluation, IT products can be evaluated according to general criteria regarding their security. Common Criteria (CC) is an internationally recognized standard. “Curious about Common Criteria? Wondering how it boosts cybersecurity? Look no further! This guide unpacks the what, why, and … Read more
PKCS is a collection of specifications and standards for asymmetric cryptography. They were developed by the company RSA Security Inc. and its partners. The goal of the collection is to contribute to the dissemination of asymmetric encryption systems and to promote standardization. The Public-Key Cryptography Standards have been incorporated into various standardizations of the IETF … Read more
Social engineering is a method to gain knowledge of security-related data by exploiting human components. Depending on the authority level of the deceived person, social engineering causes considerable damage. Ever wondered how attackers convince people to reveal their deepest secrets or unknowingly grant access to their most secure systems? Welcome to our guide on Social … Read more
In the computer environment, a Trojan horse is a program that disguises itself as a useful application. In addition to the obvious functions, it has hidden functions that are executed unnoticed by the user. These can be harmful actions such as opening backdoors or downloading more malware. The terms Trojan horse or Trojan in the … Read more
Sender Policy Framework can be used to determine whether an e-mail server is authorized to send e-mails with a specific sender address. For this purpose, the receiving e-mail server checks the SPF record in the Domain Name System. The aim of the procedure is to detect and reduce certain types of e-mail spoofing and e-mail … Read more
What is DRaaS? Disaster recovery deals with the resumption of IT operations after a disruption or disaster. Disaster recovery planning includes various measures to restore IT infrastructures or important data, for example. Disaster recovery is an essential aspect of business continuity planning that aims to minimize the effects of disruptive events on a company’s operations. … Read more
A data protection officer monitors compliance with data protection regulations and is the contact person for data protection issues. Depending on the legal requirements and the organizational unit for which he or she works, he or she has specific tasks. Data protection officers may be appointed by the federal government, the states or by companies … Read more
A Red Team performs security and penetration testing from the perspective of real attackers. It consists of an independent group of qualified security experts with attacker expertise. The opponent of the Red Team is the Blue Team. The Blue Team gathers an organization’s internal IT experts, who are responsible for the security of IT systems … Read more
In data theft, unauthorized persons obtain secret, protected, or data not intended for them, such as personal data. The data can then be misused. Data theft can relate to digitally stored data or data stored on physical media such as paper. The term data theft refers to the unauthorized acquisition of secret, protected, or sensitive … Read more
Software security protects users or companies from risks that can arise when dealing with the use of the software. Insecure software endangers the integrity of data and the availability of applications or serves as a point of attack for hackers. In order to implement secure software, adapted development processes are necessary. Have you ever wondered … Read more
The term information protection covers organizational and technical measures to protect sensitive information. The measures apply to both digital and analog information. For example, it can be files, paper documents, or verbal information and know-how. The protection goals are to ensure confidentiality and to prevent a manipulation or undesired outflow of information. Are you curious … Read more
Open source vs closed source – an argument that many users fight with religious fervor. IT decision-makers think more pragmatically: they look for solutions that bring the greatest benefit to their company. Software plays a pivotal role in powering businesses and enhancing our daily lives. When it comes to selecting the right software model, the … Read more
What is DKIM? In the ever-evolving digital landscape, ensuring the integrity and security of email communication has become paramount. This is where DKIM, or DomainKeys Identified Mail, enters the picture. DKIM is a widely-used email authentication method that provides a powerful defense against email fraud and spoofing. If you’ve ever wondered how to ensure your … Read more
What is vulnerability management? If companies try to treat all vulnerabilities equally, they will quickly become overwhelmed. Given the sheer volume, cybersecurity can only be effective if vulnerabilities are considered in the right context and prioritized accordingly. Cybersecurity has become a paramount concern for businesses and individuals alike. Cyber threats lurk in the shadows, seeking … Read more
What is a compliance audit? A compliance audit checks the adherence to legal requirements or other guidelines in a private company or a public institution. Sanctions or fines due to violations of the requirements can be avoided with an audit. Compliance plays a pivotal role in ensuring ethical practices, mitigating risks, and upholding legal obligations. … Read more
What is ePrivacy Regulation? The ePrivacy Regulation (also known as ePrivacy Regulation or ePVO) is intended to regulate the protection of fundamental rights and freedoms of natural and legal persons in the provision and use of electronic communications services in the European Union. The ePVO is designed as a special law within EU data protection … Read more
In an era dominated by technology, the reliance on computers and the internet has become inevitable. However, with the conveniences of this digital age come vulnerabilities that malevolent actors exploit for their gain. This article aims to shed light on the concept of computer fraud, its various forms, and the measures that can be taken … Read more
In today’s digital age, online security and user convenience are of paramount importance. As the number of online platforms and services continues to grow, the need for a secure and seamless authentication system becomes increasingly crucial. This is where OpenID comes into play. In this article, we will dig deep into the world of OpenID, … Read more
What is VSaaS? Video Surveillance as a Service is a cloud-based service. The software functions and services required for video surveillance, such as storage space for video recordings, computing power for video analysis, remote viewing applications, and management and security functions, are provided by a provider via the Internet. Locally, only video surveillance cameras are … Read more