News

Latest news about B2B cyber security >>> PR agencies: add us to your mailing list - see contact! >>> Book an exclusive PartnerChannel for your news!

January 28, 2024: European Data Protection Day
January 28, 2024: European Data Protection Day - KI MS

January 28, 2024 is European Data Protection Day. In this context, it is important to raise awareness of privacy and data protection and to raise awareness of relevant IT security issues - regardless of whether they concern the private or corporate environment. Advances in artificial intelligence (AI) and machine learning (ML) are an obvious theme on Data Protection Day 2024 - both because of the potential benefits that such tools bring with them and because of the dangers that come with them, which are certainly cause for concern care for. According to Carla Roncato, Vice President of Identity, WatchGuard Technologies. AI…

Read more

Insufficient collaboration within the company increases cyber risk
Insufficient collaboration within the company increases cyber risk

Poor internal communication, unclear responsibilities and a heterogeneous tool landscape make cyber risk management in companies more difficult. The requirements for an effective risk management of the external attack surface, which a company offers via IT assets accessible from the Internet, and the real situation in companies diverge widely. This is the conclusion of a thought leadership report prepared by the analyst firm Forrester and commissioned by CyCognito, market leader for External Attack Surface Risk Management (EASM). A total of 304 security and IT decision-makers in the USA, Germany, France, Great Britain and Canada, who are also responsible for risk assessment within the company, were surveyed.

Read more

Report: Cyber ​​criminals use 500 tools and tactics
Report: Cyber ​​criminals use 500 tools and tactics

In its Active Adversary Report, Sophos describes how and with what cybercriminals carried out the most attacks in 2022. The shocking result: they used more than 500 different tools and tactics. This is how ransomware stays on the rise. Sophos has released its Active Adversary Playbook for Business Leaders. The report provides an in-depth look at the changing behaviors and attack techniques attackers will employ in 2022. Data from more than 150 Sophos Incident Response cases was analyzed for this report. Sophos researchers identified more than 500 unique tools and techniques, including 118 "Living off...

Read more

Too many Microsoft 365 security features create an attack surface 
Too many Microsoft 365 security features create an attack surface

A survey conducted by Hornetsecurity shows that organizations turned on more Microsoft 365 security features over the past year as they became increasingly vulnerable to cyberattacks. The more functions they activated, the higher the number of attacks. A global IT security and compliance survey of more than 800 IT professionals found that the more Microsoft 365 security features used, the higher the number of IT security incidents. Businesses using Microsoft 365 and using one or two of the existing security features reported cyberattacks 24,4% and 28,2% of the time, respectively, while…

Read more

Open source data platform for Microsoft 365 
Open source data platform for Microsoft 365

The open source data platform ownCloud now offers extended integration into Microsoft 365. Files in the protected environment of ownCloud can now be edited online with the proven Office tools of the Microsoft Suite. The new integration makes it possible to create, open, edit and save Word, Excel and PowerPoint files with the online editor of Microsoft 365 directly from ownCloud. It offers organizations an optimal combination of usability and security: Instead of using the Microsoft OneDrive public cloud service, they can store sensitive files in ownCloud. You can use this data platform as a private…

Read more

Can IT forensics protect democracy?

A democracy offers many rights and freedoms to the people who live in it. Guaranteeing and protecting this is the task of the state. Exterro explains how IT forensics can help with digital forensic examinations of data carriers, IT systems and communication links. Smartphones, computers, instant messengers and online services have changed the work of the Office for the Protection of the Constitution, police authorities and other federal and state bodies. In order to protect the free-democratic basic order and to ensure the peaceful coexistence of people, they increasingly need solutions for IT forensics. Exterro, provider of legal GRC software that enables e-discovery, digital forensics, data protection and cybersecurity compliance...

Read more

Tools for IT forensics after cyber attacks
Tools for IT forensics after cyber attacks

Cyber ​​attacks are a daily occurrence for most companies, and it is usually only a matter of time before data security is breached. That's when forensic tools come into their own, helping investigative teams investigate incidents, secure evidence, and initiate countermeasures. There is no such thing as XNUMX% protection against cyber attacks – this is proven, among other things, by the numerous reports of ransomware attacks and data breaches in the news and daily newspapers. It is therefore important for companies to prepare for emergencies and coordinate processes for…

Read more

Ransomware group Conti dismantles itself in dispute 
Ransomware group Conti dismantles itself in dispute

According to experts, Conti has already extorted 2,5 billion dollars with ransomware in recent years. Now it is clear: the group is based in Russia and has internally backed the Russian war of aggression. However, some Ukrainians or opponents of the war probably worked in the group and did not agree with it. Now chats and codes have been leaked and, according to experts, also the crown jewels - the source code. It was probably no coincidence that the data with 60.000 internal chats of the Conti group was leaked to a Ukrainian security researcher. According to the first statements, in the…

Read more

Log4j alarm: Mandiant provides tools 

The BSI has issued the highest warning level for the security hole discovered a few days ago in the widely used Java library log4j. Mandiant provides free tools for creating rules for the systematic search for deserialization exploits. Mandiant released free tools on GitHub today that companies can use to create rules for systematically searching for deserialization exploits and other types of zero-day exploits. This also includes rules for finding the JNDI Code Injection Zero-Day, which was published for log4j last week. Rules Against Deserialization Exploits In a new blog post, Mandiant describes ...

Read more

Sophos Cloud Optix: Optimizing costs with tools
SophosNews

New tools for Sophos Cloud Optix ensure the compliance of Amazon Web Services and Microsoft Azure cloud environments and at the same time help to save costs for cloud services. The use of the public cloud harbors some stumbling blocks for companies. In addition to the traditional security concepts, which must also be implemented in the cloud, companies must also pay attention to the configuration and the assignment of rights for access to the cloud infrastructure. This is the only way to use the public cloud securely and avoid compliance problems. With Sophos Cloud Optix, companies and MSPs can monitor their cloud environments and at the same time automate reactions to ...

Read more