There are numerous security tools that are open source and can therefore be used free of charge. It is no secret that even trained pentesters use many of these tools. The SANS Institute has listed a considerable number of tools that help to determine the level of IT security – … continue reading
Smishing – a word combination of SMS and fishing that most people know from phishing. The latter represents an attempt to “fish” for passwords. Smishing refers to the channel, namely SMS, as a means to an end. Since SMS is used for only a few purposes now, criminals focus on … continue reading
Google Docs – simple spreadsheet as well as a word processor in the web browser. Practical, free of charge and also therefore interesting for criminals. In fact, Google’s environment is currently being used for phishing attacks. Particular emphasis is placed on the comment function. Text lines can be marked and … continue reading
Fake QR codes are being placed on parking meters in the States to divert payments. Yet cities don’t even have QR codes in place for payment processing. The first cases have surfaced in Austin, Houston and San Antonio. It is to be expected that this method will find its way … continue reading
Having USB sticks with ransomware in the real mailbox is an unusual, even if not unrealistic, scenario. In the past, many companies have prepared for this eventuality with various measures. A current case shows that even this threat scenario cannot yet be put ad-acta. The defense industry in the United … continue reading
With a high number of dependencies on open source libraries, unwanted problems can occur. As a recent incident shows, these do not have to be of technical origin, but can have human motives. The open-source faker.js and colors.js libraries were intentionally tampered with by Marak Squires, the developer. Developers who … continue reading
Every company has a budget that is dedicated to IT. Consequently, some of that should go toward maintaining the company’s cybersecurity. This can take on very different dimensions. A budget for IT security! Within a company you have different budgets for certain areas. For example, every company has a budget … continue reading
Clouds are used a lot. It is often more clever and practical to be able to access your data from anywhere. That’s why cloud services are becoming more and more relevant and are indispensable these days. However, there are also certain disadvantages that can occur when using clouds. Pros and … continue reading
Nowadays, communication within companies increasingly takes place via business chats. External partners are also being added more and more to what are actually internal business chats, increasing the attack surface. Now we have found out that with a lot of chat tools it is possible to edit a profile in … continue reading
DNS stands for Domain Name System and is one of the most important services on the World Wide Web. Since it has such a central role, it is very important that it is configured properly. Incorrect configurations can cause errors as well as serious security vulnerabilities. What exactly is DNS? … continue reading
+49 (0) 209 - 8830 6760
info@aware7.de
Google Plus Code F4X5+M2
Resources
