Spear phishing is a personalized form of the classic phishing attack. A targeted attack on specific individuals or organizations is intended to steal data or install malware on systems. Spear phishing is usually carried out with the help of e-mails or messages on social networks. Attackers have obtained information in advance to ensure that the …
A backdoor is alternative access to a software or hardware system that bypasses normal access protection. A backdoor can be used to bypass the security mechanisms of hardware and software. The access may be intentionally implemented or secretly installed. What Is a Backdoor Attack? In the IT environment, a backdoor is an alternative access method …
Common Weakness Enumeration is a freely accessible list of typical vulnerabilities in software and hardware. It categorizes vulnerabilities and serves as a basis and common language for identifying security-related weaknesses. The list is maintained by the community and published by the MITRE Corporation. A top 25 list of the 25 most significant vulnerabilities are published …
A PUP is a potentially unwanted program on the computer, which often gets onto the computer as part of the installation of another software. The PUP usually serves as a marketing tool and, for example, displays unsolicited advertisements or changes browser settings. The most common form of PUP is advertising software, so-called adware. What is …
Spyware is software that spies on and records activities on the computer or on the Internet without the user’s knowledge. This information can be passed on to third parties and misused for purposes such as advertising. What is Spyware? Spyware in German means spying or snooping software and refers to a program that spies on …
Malware, also known as malicious software, is one of the biggest risks for IT systems and data. When detecting and defending against malware, the specifics of the different types of malware must be taken into account. What is malware? Malware refers to malicious, harmful software. Unlike software that unintentionally causes damage because it is faulty, …
Attack vector refers to a specific way and/or technique to perform an attack on an IT system. Cybercriminals use attack vectors to compromise or take over foreign computers and systems. Often, the exploitation of one or more attack vectors takes place in multi-step manual or automated procedures. What is an attack vector? In the IT …
The open-source TOR Browser (The Onion Router) allows secure and anonymous use of the Internet. The open source web browser is based on Mozilla Firefox and comes with an additional selection of extensions that are automatically active after unpacking. Safe and Anonymous on the Internet and Darknet When using TOR Browser, there is of course …
A computer worm is a malware that copies itself and spreads autonomously without needing a host file. Typical propagation paths of the worm are networks or removable media. The malicious functions of the computer worm can be very diverse. What is a computer worm? Like the computer virus or the Trojan, the computer worm belongs …
BSI Standard 200-3 is an elementary component of the BSI’s IT-Grundschutz methodology, along with Standards 200-1 and 200-2. The standard contains procedures for performing risk analyses to ensure basic IT protection. The standard bundles all risk-related work steps for implementing IT-Grundschutz. In 2017, standard 200-3 replaced the previous standard 100-3. What is BSI Standard 200-3? …
Hackers are technically skilled people in the hardware and software environment. They find vulnerabilities of systems to draw attention to them or to use them for specific purposes such as unauthorized intrusion or to change functions. What is a hacker? Hackers in the hardware environment try to specifically change the functions of devices by modifying …
Indicator of Compromise (IoC) is characteristics and data that indicate that a computer system or network has been compromised. For example, they are unusual network activities, special files, entries in log files, or started processes. The indicators of compromise can be put into a structured form and evaluated automatically. What is an Indicator of Compromise? …
A computer virus is a program code that attaches itself to a host file and multiplies itself independently. It changes the functions of the infected computer. It is usually programmed as malware and executes harmful functions or manipulates the computer and its data. What is a computer virus? A computer virus is capable of replicating …
Almost all organizations rely on Active Directory as the primary authentication mechanism on their network. As a result, Active Directory is also the most popular target for attacks. Microsoft’s Active Directory Red Forest design, aka Enhanced Security Administrative Environment (ESAE), is intended to provide an additional level of security. Active Directory Management with the “Red …
Active Directory Management with the “Red Forest” Read More »
Emails are still the most important means of communication for companies, and at the same time they are the most important entry route for malware into a company network. Ransomware, phishing, virus-infected attachments and even spam are concrete threats to IT security. Administrators need to know what to do to secure the mail transmissions in …
Basics of Email Security: No Chance for Phishing and Trojans! Read More »
Zoom is one of the most popular services for video conferencing. In this article, we will show what options are available to make the web service secure. For this purpose, users and administrators of the environment can optimize settings. First of all, users should be aware that there can be no perfect protection of data …
Identity and Access Management (IAM) provides central administration of identities and access rights to different systems and applications in companies. Authentication and authorization of users are central functions of IAM. What is Identity and Access Management (IAM) and How It is Used? Identity and Access Management (IAM) can be translated as identity and access management. …
No, a virus is one type of malware actually. Viruses are a type of malware. By their definition, malware is any type of harmful or malicious software. This includes viruses, worms, spyware, adware, and so on. When you install a virus onto your computer, it can take over your system as well as corrupt files …
There is no such thing as 100% security. No matter how careful you are, there is always some risk that your computer will be compromised by a virus, Trojan or other type of malware. Many people don’t even know their computers are at risk because many of the “security” features built into today’s operating systems …
Spyware: What to do if you suspect you are being watched or hacked Read More »
Have you ever occurred to see ads pop up on your PC desktop? Or even on your phone screen, at the most inopportune moments? Maybe you have. You might not realize it but this is actually adware. One might think, “Ads are annoying so this can’t be good!” But before your head spins with all …
