Browse through exciting articles, current news and helpful tips & tricks from our experts on all aspects of cybersecurity.
Did you know that PDF files often serve as a gateway for cyberattacks? These seemingly harmless documents can be infected with dangerous viruses that damage to your computer without you realizing it. Viruses often hide in PDF files to exploit security vulnerabilities and steal your sensitive data.
During a recent penetration test of an IBM AIX environment, I uncovered two critical vulnerabilities, including one that had gone unnoticed for almost 30 years. The identified flaws in the AIX Network Installation Manager (NIM) allow for remote command execution with root privileges — potentially compromising entire AIX infrastructures. In this blog post, I will walk you through the discovery of CVE-2024-56346 and CVE-2024-56347, the impact of these vulnerabilities, and the steps you should take to secure your systems.
The Digital Operational Resilience Act (DORA) and the TIBER-EU framework work hand in hand to strengthen the cybersecurity and resilience of financial institutions in the EU—DORA sets the regulatory foundation, while TIBER-EU enables realistic, threat-led testing. Together, they promote a proactive approach to identifying and mitigating cyber risks. We spoke with two of our TIBER-experienced experts to explore what makes these tests unique, the challenges they pose, and why elements like social engineering and physical security are key factors.
In today’s cybersecurity threat landscape, it is no longer sufficient to rely on technical measures alone to ensure a company’s information security. From an organizational point of view, clear responsibilities and processes, as well as continuous testing of all these activities, are also required. Yet for cybersecurity, people are often the most vulnerable to attacks and this is precisely where cybersecurity awareness comes in: to train employees to recognize cyberattacks at an early stage and therefore to minimize the risks they pose to the company. This article explains why cybersecurity awareness is a central component of any Information Security Management System (ISMS), how organizations can benefit from appropriate awareness measures, and how important the engagement of top management is in this regard.
An analysis of the most frequently lists of the most frequently used passwords shows that even today, passwords tend not to be very complex. This suggests that password managers, which would make it easier to create secure passwords, are rarely being used. As a consequence, many service providers rely on the addition of a second factor during the login process in order to reduce the dependency on the password. However, this solution is not an optimal measure as it does not fully address the problem of password security. A promising approach that could offer an alternative to passwords is the use of passkeys.
Vulnerability Management is making waves again. Successful attacks requiring no user interaction are becoming more frequent once again. At the same time, the number of publicly known vulnerabilities is increasing from year to year. This raises the question of how these vulnerabilities can be detected and remedied as early as possible.
In an increasingly digitalized world, companies of all sizes and in all industries are at risk of cyberattacks. It is therefore crucial for businesses to prioritize network security in order to protect sensitive information and business processes. Every year, thousands of attacks on corporate networks are recorded, whether by hackers, insiders, or automated malware. The consequences of such attacks can be severe, including data loss, business interruptions, significant financial losses, and a loss of customer trust.
With the Information Security Act* (Informationssicherheitsgesetz, ISG) coming into force on January 1, 2024, new standards for securing information and infrastructure were set in Switzerland. The law brings comprehensive innovation in the field of cybersecurity and strengthens the security of information and infrastructure at various levels, as well as cyber resilience in general. The ISG applies to both government authorities and private companies that are significant for the security of the federation. A particular focus is on operators of critical infrastructure. This article provides an overview of the main changes and requirements that the ISG brings.
It is estimated that companies worldwide suffer billions worth of damages each year due to social engineering attacks. In response to the significant advancements made by companies in strengthening their technical defenses against cyberattacks in recent years, attackers are seeking new methods to gain unauthorized access to networks and obtain data. In essence, this is not a new phenomenon, but rather a shift back to the traditional methods used by attackers.
The advent of the internet, along with the concurrent increase in computer processing power, ushered in the digital age for businesses. This technological progress, however, also gave rise to new threats in cyberspace, which presented significant challenges for companies. Consequently, there was a tendency to prioritize the hardening of the information infrastructure, with the “old” threats largely being relegated to the background.
Tabletop exercises allow organizations to test and improve their crisis management capabilities in a safe environment. Realistic scenarios are played out, allowing participants to refine their response strategies to potential security incidents and identify weaknesses in their existing processes.
There has been a dramatic increase in the number of cyberattacks in recent years, affecting both companies and private individuals alike. Phishing emails and other attacks have become more or less an everyday reality at work. Ransomware attacks have a particularly high potential to cause severe damage – which is why they receive a lot of media attention.
Over the past few years, ransomware has become a serious threat to businesses that can cause significant damage. The financial impact of ransomware attacks is enormous – in addition to the cost of business interruption, organizations that fall victim to such an attack must also pay for the analysis and recovery of affected systems and data, as well as, in some cases, ransom demands.
Ransomware represents one of the most significant and pervasive cyberthreats today. What originated as a relatively rudimentary blackmail tool has evolved into a highly sophisticated and organized criminal industry. Businesses and private individuals worldwide are confronted with this growing threat due to its relentless and indiscriminate nature.
The importance of having a high level of cyber resilience is increasing exponentially these days as cyberattacks become more complex and frequent. Cyber resilience is the ability of a company to maintain business operations in the event of a cyberattack and to return to normal state as quickly as possible. This requires both preventive measures to avoid cyberattacks and strategies for rapid response and recovery in the event of a successful attack.
The prevalence of cyberattacks has increased markedly in recent years, becoming a common occurrence in the contemporary business environment. The vast majority of us utilize information technology tools, are connected to networks, and benefit greatly from this connectivity. Nevertheless, an increasing number of companies are coming to recognize that malicious actors are also exploiting this networking and the resulting dependence on digital resources to their advantage. Ransomware attacks for example have become part of the everyday problems faced by many organizations.
In an increasingly complex and dynamic world, it is essential for organizations to continually review and improve their security and defense strategies. One of the most effective ways to uncover vulnerabilities and build resilience is through red teaming. But what exactly is red teaming? And for what types of organizations is it best suited?
Cyberattacks, particularly those involving ransomware, are becoming more prevalent and pose a threat to companies of all sizes. Organizations must be able to respond quickly to minimize financial and reputational damage.
Many businesses today rely on Microsoft 365 services. As these services become more popular, they also become more likely targets for hackers. Experience shows that there are still organizations that have not secured their Microsoft Cloud clients. Therefore, organizations should take protective measures against cyberattacks – Conditional Access policies are one such measure. This article provides an overview of how Conditional Access policies work.
In the digital world, companies are constantly exposed to new threats. Phishing attacks are among the most insidious forms of such threats, as what looks like a simple click on an email can have devastating consequences – from financial loss to data breach.
With the Digital Operational Resilience Act (DORA), the EU has created a sector-wide regulation regarding cybersecurity, ICT risks and digital operational resilience for the finance industry. It will come into force in January 2023 and must be complied with by January 17, 2025.
Never miss the latest news about cybersecurity topics again? Subscribe to our Newsletter.
Don’t miss anything! Subscribe to our free newsletter.
Availability Monday to Friday 8:00 a.m. – 6:00 p.m (exception: customers with SLA – please call the 24/7 IRR emergency number).
Private individuals please contact your trusted IT service provider or the local police station.
For more information about our DFIR services here:
