News

Email vulnerability: BSI warns of SMTP smuggling

With smuggling, an email can be split so that forged senders bypass authentication mechanisms such as SPF, DKIM and DMARC. While large companies and email service providers Microsoft, GMX and Ionos immediately stopped smuggling, Cisco continues to treat the dangerous behavior as a feature, according to the BSI. On December 18, cybersecurity firm SEC Consult released information about a new attack technique using “Simple Mail Transfer Protocol (SMTP) Smuggling.” With SMTP smuggling, attackers take advantage of the fact that different SMTP implementations interpret the marking of the end of an email message differently. SPF, DKIM and DMARC undermined you...

Increased QR code attacks via email

Check Point security researchers are observing a new type of phishing attack that uses a dangerous QR code. The new “quishing” is becoming more and more prevalent as many users scan the codes without hesitation. The new variant of phishing with QR codes is becoming increasingly popular: quishing or QR code phishing. The actually harmless QR codes are ideal for disguising malicious intentions. A common QR code image can hide a malicious link, which is hardly visible. Since users are used to QR codes, such a code in an email is often not recognized as a threat. Out of…

Microsoft Office: dangerous Excel XLL add-ins  

Now that Microsoft has again deactivated foreign VBA macros in Office by default and does not run them, there is one less attack vector. Again and again there were dangerous Excel add-ins with the XLL file extension that executed malware after a click. Now Microsoft is shutting down that threat as well—but not until March 2023. According to The Register, Microsoft will begin blocking Excel XLL add-ins from the web in March to take down an increasingly popular attack vector for cybercriminals. In a brief note on the Microsoft 365 roadmap, the manufacturer explained that this move was in response to "the increasing...

Is TikTok a threat to government workers' mobile devices? 

The US Senate has passed legislation to ban federal employees from using TikTok on state-owned devices. Is ByteDance, the Chinese operator of TikTok, a danger? Possibly also for European or German officials and government employees? The vote is the latest action by US lawmakers to crack down on Chinese company ByteDance amid national security agencies' fears that Beijing could misuse the TikTok app deployed on officials' mobile devices to spy on Americans. A comment from Akhilesh Dhawan, Senior Director of Security Solutions at Lookout. Want to spy on TikTok too?…

More protection for SMBs against ransomware

In 2022 alone, a total of 61 percent of all cyber attacks were aimed at small and medium-sized enterprises - SMEs. Ransomware was particularly successful. Therefore, the protection must be improved and also fit into the budget. Ransomware – a threat we are all increasingly aware of and would prefer to stay away from. It affects every sector and the attacks are becoming more frequent and more sophisticated. Yet few small and medium-sized enterprises (SMEs) are aware that they are just as, if not more, at risk than larger companies….

Phishing tests: Business-related emails as a threat

Results of a major phishing test show a trend towards business-related emails. KnowBe4 releases Q3 2022 Global Phishing Report and finds that more business-related email topics are being used as a phishing strategy. KnowBe4, provider of the world's largest security training and phishing simulation platform, announces the results of its report on the top clicks on phishing emails in Q3 2022. Results include the top email topics clicked in phishing tests. They reflect the shift from personal to business-related email topics, including internal inquiries and updates from HR, IT, and managers. Exchange OP and Defender to…

Dangerous vulnerabilities in Thunderbird and Firefox

Mozilla publishes new vulnerabilities in Thunderbird, Firefox and Firefox ESR and rates them as Important. Users or company admins should ensure quick updates, as there is a risk that malicious code can be executed. In the list of vulnerabilities, these are all classified as “high” in terms of danger. After that, only Critical comes as the highest level. Mozilla defines it this way: “Vulnerabilities can be used to collect sensitive data from websites in other windows or to inject data or code into these websites, requiring no more than normal browsing actions.” It sounds…

New attack paths: Dangerous macros hidden in ISO, LNK, RAR & Co

The use of macros to spread malware has declined significantly: by as much as 66 percent between October 2021 and June 2022. However, attackers are beginning to use tricks to circumvent the protection. Commonly, cyber criminals use VBA macros to automatically execute malicious content if a user has macros enabled in Office applications. XL4 macros, on the other hand, are specific to the Excel application, but can also be used by attackers as a tool for spreading malware. The masterminds behind macro-based attacks typically use social engineering to convince the recipient…

Phishing trap: Malicious HTML attachments in emails

HTML attachments are commonly used in email communication. They are particularly common in system-generated e-mail reports that users receive in order to be directed to the actual report via a link. Dangerous: because this is where malicious phishing links are hiding more and more often. In this way, companies can protect themselves better. A comment from Dr. Klaus Gheri, General Manager Network Security at Barracuda. In an attack, hackers often take advantage of this form of email, embedding HTML attachments in emails disguised as reports to trick victims into clicking phishing links. So can…

IoT security: the sore point in the hospital

Attackers are interested in IoT devices in hospitals. Independent of the industry, experts have been warning of corresponding IoT vulnerabilities for years. An analysis by Marc Laliberte, Technical Security Operations Manager at WatchGuard. Since January 2021, the German federal government has provided three billion euros for the digitization of hospitals as part of the Hospital Future Act. A further 1.3 billion come from the federal states. The goal: a comprehensive investment program for modern emergency capacities, digitization and, last but not least, measures to increase IT security. With the last point in particular, the urgency to act is obvious, because clinics are always ...
