What is smishing? Smishing is an internet fraud method. Unlike phishing, it does not use e-mails or Internet links to elicit sensitive information such as passwords from victims but uses SMS text messages. The messages ask the victim to visit a link, install software or call a phone number, for example. In the second step, … Read more
What Is Vishing? Vishing is an Internet fraud method. Unlike phishing, it does not use emails or links to obtain sensitive information such as passwords or personal data of the victim but uses the personal conversation during a phone call. On the technical side, automated voice-over-IP calls with a falsified sender number are often used. … Read more
What is OPNsense? OPNsense is an open-source firewall distribution based on the UNIX-like operating system FreeBSD. It is licensed under a 2-clause BSD license and is freely available. The software evolved from a fork of pfSense. OPNsense offers a wide range of features, is easy to use, and can be used as a firewall and … Read more
What Is a Deepfake? Deepfakes are video or audio content faked with the help of artificial intelligence (AI). Artificial Intelligence methods such as Machine Learning (ML) and Artificial Neural Networks (ANN) are used, for example, to exchange persons in video sequences or to have actors speak different texts. Some deepfake methods are applicable in real-time. … Read more
What Is Encryption? Encryption is used to transform data into a form that can no longer be read by unauthorized persons. Digital keys (key files) are used for encryption in symmetric or asymmetric encryption processes. In the digital age, where information is constantly transmitted and stored online, the security and privacy of data have become … Read more
What Is a data breach? Data theft, data manipulation, encryption of data by ransomware, or data loss, all these incidents are classified as data breaches under data protection law. Reports of data breaches are piling up and many studies are investigating the consequences of a data loss. But what exactly is meant by a data … Read more
What is Credential Stuffing? Credential stuffing is a cyberattack method that uses previously leaked or illegally obtained credentials to try them out en masse for unauthorized access at other services. The attackers assume that users use their login credentials with the same usernames and passwords at multiple services simultaneously. This attack method is one of … Read more
What is a Remote Access Trojan (RAT)? A Remote Access Trojan(abbreviated RAT) is malware that enables remote control and administrative control of a foreign computer unnoticed by the user. The manipulation possibilities of a RAT are manifold and range from spying out passwords and stealing data to unnoticed use of the webcam or microphone. Remote … Read more
What is STIX? STIX (Structured Threat Information eXpression) is a language standardized by OASIS to describe threats in the cyber environment. STIX can be read by humans directly or via tools and can be processed automatically by machines. In modern days, the importance of cybersecurity cannot be overstated. Cyberattacks have become increasingly sophisticated and prevalent, … Read more
What Is Spam? Spam or junk refers to unsolicited electronic messages that often have an advertising character. The increased volume of messages and the additional work required to sort out or process them cause considerable economic damage. In digital and AI age, we’ve all encountered the relentless deluge of spam – those unsolicited and often … Read more
What Is Spear Phishing? Spear phishing is a personalized form of the classic phishing attack. A targeted attack on specific individuals or organizations is intended to steal data or install malware on systems. Spear phishing is usually carried out with the help of e-mails or messages on social networks. Attackers have obtained information in advance … Read more
What is a digital signature? A digital signature is the cryptographic implementation of an electronic signature. With the help of the digital signature, electronic documents can be signed digitally. The aim is to prove the identity of the signer beyond doubt and to ensure the integrity of the electronic message. The digital signature uses cryptographic … Read more
What Is Two-Factor Authentication (2FA)? Two-factor authentication (2FA) uses two independent components. With 2FA, an increase in authentication security can be realized compared to simple login procedures via password. This is intended to make identity theft more difficult. In an era where digital security is of paramount importance, Two-Factor Authentication (2FA) has emerged as a … Read more
What is WebAuthn? WebAuthn enables the authentication of users without a password. It is a W3C standard based on public-key methods and the use of factors such as biometric features, hardware tokens, or smartphones. Numerous browsers, operating systems, and Internet applications already support the method. Online security is of paramount importance in today’s digital age. … Read more
What is Homomorphic Encryption? Homomorphic encryption allows performing computations on data without having to decrypt it first. Confidentiality is maintained, and at the same time, the calculations yield the same results as if they had been performed with unencrypted data. The results are encrypted and can be viewed with knowledge of the appropriate key. Fully … Read more
What is a Hashmap? A hashmap is a data table with a special index structure that allows fast retrieval of data objects. The position of a data object is defined by a hash function. In the hashmap, the data is stored as key-value pairs. The values can be retrieved via the key. The time required … Read more
What is CWE (Common Weakness Enumeration)? Common Weakness Enumeration is a freely accessible list of typical vulnerabilities in software and hardware. It categorizes vulnerabilities and serves as a basis and common language for identifying security-related weaknesses. The list is maintained by the community and published by the MITRE Corporation. A top 25 list of the … Read more
Looking hard for secret tips on website maintenance? Without question, websites now serve as the primary norms of communication between businesses and their customers. It is true, as they say, “First impressions are lasting impressions.” Undoubtedly, you must invest money in a decent website for your business, but creating one is only the first step. … Read more
What is A Man-In-The-Middle Attack? In a man-in-the-middle attack, the attacker places himself logically or physically between the victim and the resources used. He is thus able to intercept, read or manipulate the communication. End-to-end encryption is an effective countermeasure against a man-in-the-middle attack. What Is a Man-In-The-Middle Attack? A Man-in-the-Middle (MITM) attack is a … Read more
What is a Pass-The-Hash Attack? Pass-the-Hash is an attack method that uses the hash value of a password to authenticate against a system. Through vulnerabilities in the system or in the authentication protocols, the hash value can be read out with tools and used for authentication. The attack method can be used in various operating … Read more