Data theft

Browser-in-a-Browser attack: We explain it

3. February 202327. January 2023 by M.Sc. Chris Wojzechowski

Have you ever heard of a so-called browser-in-a-browser attack? This is a resourceful phishing method that hackers increasingly use to try to get hold of your passwords and thus gain access to the corresponding IT systems. But what sounds quite simple at first, then requires a bit more explanation for … continue reading

Start-ups and their indispensable IT security

9. December 2022 by M.Sc. Chris Wojzechowski

Startups have recently become a popular target for cyber attacks. Meanwhile, cybercriminals are no longer necessarily trying to catch the big companies, but are nesting in the IT systems of small companies and businesses. Once they have gained a foothold there, all doors are usually open to them, because most … continue reading

Call ID spoofing becomes more difficult

9. December 20222. December 2022 by M.Sc. Chris Wojzechowski

Call ID spoofing, the concealment of telephone numbers, will be made more difficult in Germany as of 1.12.22 by an amendment to the Telecommunications Act (TKG). But how exactly is this implemented? How does Call ID Spoofing work? We’ve dealt with Call ID spoofing on the blog before. To summarize … continue reading

Caffeine – A new phishing toolkit keeps us awake

21. December 202214. October 2022 by M.Sc. Chris Wojzechowski

Caffeine is a phishing-as-a-service (Phaas) toolkit. Just recently, we presented EvilProxy, a phishing toolkit. Unlike EvilProxy, Caffeine has a special feature: the registration process is significantly simplified and is accessible from the normal Internet. Anyone who knows the address of the site can register. The purpose of Caffeine As a … continue reading

What is a phishing simulation?

20. October 202219. September 2022 by M.Sc. Chris Wojzechowski

Running a phishing simulation is a topic that is often underestimated. At first listen, it sounds like a video game for anglers, but it protects companies from compromise. Since we offer a phishing simulation as a service and have customers who ask about this again and again, we would like … continue reading

The same passwords everywhere? That’s how fast you get hacked!

23. December 202227. May 2021 by Jonas Michl

Not much works on the Internet without passwords – but whether you always use the same passwords is very rarely checked. Criminals have also long since acquired a taste for this and therefore carry out the so-called “credential reuse attacks”. Once attackers on the network have found the login data … continue reading

Bar association affected by ransomware – perpetrators demand ransom!

5. January 202213. October 2020 by M.Sc. Jan Hörnemann

The Bar Association’s electronic lawyer mailbox (BeA) has apparently fallen victim to a ransomware attack. A misconfigured database now allowed the attackers to demand ransomware, among other things. Bar association hit by ransomware 2 weeks ago The news website Golem already reported about 2 weeks ago that the information page … continue reading

Internal Hacker Attack – Several companies report security incidents!

5. January 202228. September 2020 by M.Sc. Jan Hörnemann

Hacker attacks are more and more in the spotlight, as the number of expensive attacks is increasing. In a hacker attack, most people imagine that a criminal finds a security hole in the system from a distance and exploits it. However, there is also a so-called internal hacker attack, in which the own employees cause damage. This is exactly what happened recently at the three companies Shopify, Tesla and Instacart.

Contactless Payments – but secure!

5. January 20227. April 2020 by Dr. Matteo Große-Kampmann

Contactless payment is on the rise. It works in seconds and is available at more and more locations. This is made possible by so-called Near Field Communication (NFC). This works with EC and credit cards, but also with mobile devices such as smartphones or intelligent watches.

8.5 billion data records were stolen in 2019!

5. January 202218. March 2020 by M.Sc. Chris Wojzechowski

In 2019, a total of 8.5 billion data records will have flowed out. It is frightening to realize that 85% of the reasons for this are wrongly configured systems. It does not matter whether it is the own or external operation of servers. But also the lack of password hygiene is still a big problem.