News

Latest news on the subject of B2B cyber security >>> PR agencies: Add us to your mailing list - see contact! >>> Book an exclusive PartnerChannel for your news!

Teamviewer reports cyberattack
B2B Cyber ​​Security ShortNews

As early as June 26, 2024, the security team of the remote service provider Teamviewer discovered an "anomalies" in their IT structure. It is now clear that there was a cyberattack by the APT group Midnight Blizzard. The specialist for remote and support access for companies announced that there was unauthorized access to its systems. After the initial investigations, there was only talk of an anomaly in the IT system. The internal response team was immediately activated and had initiated appropriate processes. Teamviewer wants to evaluate the attack together with globally recognized IT security experts. Midnight Blizzard also attacked...

Read more

Nuclear and chemical plants: Biometric scanners with vulnerabilities
B2B Cyber ​​Security ShortNews

Experts have found 24 vulnerabilities in the hybrid biometric access terminals of the international manufacturer ZKTeco. The affected scanners are increasingly used in nuclear and chemical plants as well as hospitals. In addition to unauthorized access, the theft and sale of biometric data is also possible. The security gaps allow unauthorized persons to access protected areas, steal biometric data and place a backdoor. Kaspersky proactively shared the vulnerabilities with the manufacturer before they were published; it is currently unknown whether patches have been made available to fix the security gaps. The affected biometric scanners from ZKTeco are used in many…

Read more

How attackers slip through vulnerabilities in web applications
How attackers slip through vulnerabilities in web applications - Image by Mohamed Hassan on Pixabay

Access control vulnerabilities and data disclosure risks are the most common security flaws in corporate-developed web applications. This is shown by a current analysis in the period 2021 to 2023. This makes it too easy for attackers to break into companies. For its report, security specialist Kaspersky examined vulnerabilities in self-developed web applications from companies in the IT, government, insurance, telecommunications, cryptocurrencies, e-commerce and healthcare sectors. Self-developed web applications defective The majority (70 percent) of the vulnerabilities found concern the areas of data protection with regard to confidential information such as passwords, credit card details, health records, personal data and confidential…

Read more

Russian hackers want to use ChatGPT for attacks

Customer access is required for full use of OpenAI's AI system ChatGPT. Russian hackers are currently looking for ways to bypass this access to use ChatGPT to achieve their malicious goals. But that's what a lot of hackers want right now. Conversation notes from the dark web. Check Point Research (CPR) is monitoring attempts by Russian hackers to bypass OpenAI restrictions to use ChatGPT for malicious purposes. In underground forums, hackers are discussing how to bypass controls of IP addresses, payment cards and phone numbers - all necessary to access ChatGPT from Russia...

Read more

Cloud security: Secure access against hackers 
Cloud security: Secure access against hackers

Therefore, when a company moves its data and workloads to the cloud, it opens up significantly more avenues for hackers to penetrate. The challenge of protecting them is therefore greater than ever: In the current Cloud Security Report, 76 percent of those surveyed stated that they use two or more clouds in their everyday work. To understand how best to protect cloud assets, consider the analogy of a door. Suppose every security door consists of a number of components that fit together. All the individual parts together form the structure of each door: hinges, handles, locks,...

Read more

SMEs: Do ex-employees still have access to data?
SMEs: Do ex-employees still have access to data?

Only half of the SMEs in Germany cannot rule out that ex-employees still have data access to systems in the company. When it comes to access to cloud data, only four out of ten SMEs are sure that ex-employees are locked out. Former employees can pose an additional IT security risk for medium-sized companies and SMEs in Germany, as the current Kaspersky SMB Cyber ​​Resilience Report shows. Because only 41 percent of all company managers surveyed can rule out that former employees still have access to company data stored in the cloud, and only 46 percent are sure that ex-employees...

Read more

Zero Trust: Promotion with hardware security keys for MFA
Zero Trust: Promotion with hardware security keys for MFA

Cloudflare makes hardware security keys more accessible than ever to millions of customers and increases security with MFA. An exclusive offer has been created in collaboration with Yubico to end phishing attacks once and for all. Cloudflare, Inc. is the security, performance and reliability specialist dedicated to creating a better Internet. The company presents a new offering that makes physical security keys the most accessible and economical solution for customers to better protect their business and employees. Cloudflare customers can use security keys from Yubico, the leading provider of hardware security keys and thus the…

Read more

Microsoft Entra: Identity and Access Capabilities for Azure AD and Cloud

Microsoft Entra is a new product family that integrates all of Microsoft's identity and access capabilities, including Azure AD and two new product categories: Cloud Infrastructure Entitlement Management (CIEM) and Decentralized Identity. A technology presentation from Microsoft. The Entra family of products will help enable secure access to anything and everything by integrating identity and access management, cloud infrastructure entitlement management and identity verification. Sealing off no longer works in the networked world When the world was even more manageable than it is today, it was relatively easy to control digital access. We have IT systems against…

Read more

Mobile working with encrypted documents

Security in your pocket: mobile work with encrypted documents from the company network on iOS and Android. Mobile clients for the encryption solution Conpal LAN Crypt. Process corporate documents securely on smartphones and tablets - this is made possible by the enterprise encryption solution Conpal LAN Crypt with its new mobile clients. They can be used by employees on iOS and Android devices to work with encrypted files from the company network. The protection of the data remains persistent, no matter how it reaches the device: via email, via cloud storage such as OneDrive or Dropbox, via another app or via a direct connection….

Read more