News

AOK: Software vulnerability - BSI confirms data leak
B2B Cyber Security ShortNews

The AOK and many of its nationwide offices use the software product MOVEit Transfer. The software is affected by the dangerous vulnerability CVE-2023-34362, which has not yet been classified. However, the BSI has given the vulnerability the second-highest internal warning level, Orange, and writes “The BSI is monitoring the active exploitation of the vulnerability with confirmed data leakage.” The manufacturer Progress announced as early as May 31, 2023 that a critical vulnerability had been found in its software product MOVEit Transfer. Exploitation of the vulnerability allows privilege escalation and unauthorized access to the file system. Progress is already providing…

SME security: BSI defines CyberRiskCheck according to DIN

The BSI has specified security advice for small and medium-sized companies according to DIN SPEC 27076. The so-called CyberRisikoCheck gives non-specialist customers and SMEs the certainty that their cyber security really does meet standards. More and more managers in small and medium-sized enterprises (SMEs) are realizing that they can no longer work without their IT systems and therefore need to protect them appropriately. Often, however, they neither know how good or bad their information security is, nor which paths it makes sense to take to increase the level of protection. CyberRiskCheck – 27…

IT-SiG 2.0: IT Security Act 2.0 comes into force!

Now the time has come: the IT Security Act 2.0 will come into full effect on May 1st. This means that the transition period for the obligation to provide proof of attack detection for critical infrastructure (KRITIS) has expired. The law has been in force for 2 years, but only now in a tightened form. The suppliers of KRITIS now also have an obligation and may not yet know it. Information from RADAR Cyber Security, Sophos, Rhebo. Even a few days before the end of the transition period, there is still some ambiguity about what the IT Security Act 2.0 means in detail: What requirements...

BSI study: Industrial IoT microcontrollers are vulnerable
B2B Cyber Security ShortNews

The BSI publishes a study on possible attacks on microcontrollers that are installed in industrial IoT in the aviation or automotive sectors in particular. The study shows that several attacks on microcontrollers are possible, but can be prevented with the right software. The Fraunhofer Institute AISEC prepared the study "A Study on Hardware Attacks against Microcontrollers" on behalf of the Federal Office for Information Security (BSI), which presents the current status of hardware attacks on microcontrollers.

Study shows attack possibilities

The publication describes easy-to-implement countermeasures that can prevent many attacks or reduce the effort for…

BSI: IT security check of medical practices

The Health Situation Report 2022 from the BSI shows: The network of the telematics infrastructure (TI) is very secure thanks to strict specifications. But what about IT security in medical practices? The BSI is starting new research projects. The strict controls and specifications of the telematics infrastructure have ensured that the number of security incidents in this area is very low. The Health Situation Report 2022 from the BSI shows the structure and specifications of the telematics infrastructure. The security situation in the connected networks, such as those of doctors' offices, has hardly been recorded, although it is essential for the...

Security: BSI handbook for company management
B2B Cyber Security ShortNews

The BSI distributes the new international manual "Management of Cyber Risks" for company management. The Internet Security Alliance manual is intended to increase the resilience of companies through more cyber security knowledge in management. Cyber attacks on companies are the order of the day, and the threat level is higher than ever. Company management must be aware of this and make cyber security an integral part of risk management. The internationally published manual "Management of Cyber Risks", which was developed by the Federal Office for Information Security (BSI) in cooperation with the Internet Security Alliance (ISA), is now receiving...

Cloud security according to BSI criteria: C5 attestation for Trend Micro 
Trend Micro News

Trend Micro, one of the world's leading providers of cyber security solutions, received the attestation according to the criteria of the C2023:5 standard (Cloud Computing Compliance Criteria Catalogue) in January 2020. These are based on the catalog of requirements of the Federal Office for Information Security (BSI) and have become the recognized security standard for cloud computing in Germany. The Japanese company thus offers its customers cloud security based on Software as a Service (SaaS) solutions for a modern and up-to-date level of security that meets the strict and demanding criteria of the BSI.

C5: Cloud security according to BSI criteria

The C5 catalog has been around since 2016. It…

BSI: Critical vulnerability in Control Web Panel
B2B Cyber Security ShortNews

The well-known and widely used web hosting panel Control Web Panel (CWP) has a critical security vulnerability with a CVSSv3.1 score of 9.8. Attackers can install shells on the server or collect and extract information. On January 3, 2023, IT security researcher Numan Türle from Gais Cyber Security published a proof of concept for a vulnerability in the server management software Control Web Panel (CWP) - formerly CentOS Web Panel. The vulnerability allows a remote, unauthenticated attacker to execute code on the affected system due to a lack of input neutralization. The information was released...

BSI warns: Multiple vulnerabilities in Microsoft Edge
B2B Cyber Security ShortNews

The BSI has issued a warning about vulnerabilities in the new Chromium-based web browser Edge. Users should update the browser on MacOS X or Windows, since attackers could execute arbitrary program code and escalate their privileges. The Federal Office for Information Security warns of two vulnerabilities in the new Chrome-based browser Edge. The vulnerabilities CVE-2023-21775 and CVE-2023-21796 are classified as “High” severity with a CVSS Base Score of 8.3. Attackers could exploit the vulnerabilities to execute arbitrary program code and thus increase their privileges on the system. Open Edge...

BSI magazine on ransomware
B2B Cyber Security ShortNews

As usual, the BSI publishes the second edition for 2022 of the BSI magazine "Mit Sicherheit". In this BSI magazine, the Federal Office for Information Security (BSI) focuses on one of the currently greatest threats to IT security in a special section: ransomware. What happens when a ransomware incident is reported? How do we know what countermeasures are necessary in the event of a ransomware attack? And what do cybercrime and the economy have in common? These and other questions are answered in the current issue of the BSI magazine "Mit Sicherheit".

Magazine on the topic of ransomware

Other topics include automotive security, the…
