Uncategorized

USB sticks with ransomware – FIN7 hacker group uses hardware!

12. January 2022 by M.Sc. Chris Wojzechowski

Having USB sticks with ransomware in the real mailbox is an unusual, even if not unrealistic, scenario. In the past, many companies have prepared for this eventuality with various measures. A current case shows that even this threat scenario cannot yet be put ad-acta. The defense industry in the United … continue reading

CTF: Learning Format for Cybersecurity

12. January 202221. October 2020 by M.Sc. Chris Wojzechowski

A Capture the Flag (CTF) contest is an event that is well known in the field of information security. Regardless of whether they are experts or newcomers, a CTF can help build information security capabilities. The competitive character makes the whole thing competitive. What is a CTF? A CTF is … continue reading

Duckduckgo directions are now available!

5. January 202212. October 2020 by M.Sc. Jan Hörnemann

The Internet search engine Duckduckgo has now integrated directions. The possibility to access a map and directions directly via different search engines, such as Google, is already known. But now the search engine Duckduckgo can also shine with this feature.

Pentest Tool #5 – Naabu

5. January 20222. October 2020 by M.Sc. Jan Hörnemann

In week 5 we will introduce the Pentest Tool #5 Naabu. Naabu is a scanner like the tools we already know. We are still in the reconnaissance phase, in which we as attackers try to get to know the target system as well as possible. Using Naabu, the goal is to detect open ports on the target system with a very fast scan.

Big Covid19 scam has been exposed!

5. January 202230. September 2020 by M.Sc. Jan Hörnemann

A major Covid19 scam that caused a sensation in mid-April of this year has now finally been completed. At the beginning of September the two criminals behind the big scam were arrested in the Netherlands.

Pentest Tool #4 – Arjun

5. January 202225. September 2020 by M.Sc. Jan Hörnemann

In the fourth week of the blog series, in which we present various hacking tools, we will deal with Arjun, but we are still in the reconnaissance phase, which means that we want to get to know our target system as well as possible. Unlike the previous tools, our pentest tool #4 Arjun is not pre-installed in Kali Linux.

Phish Scale – A new way of weighting phishing emails!

5. January 202224. September 2020 by M.Sc. Jan Hörnemann

Phishing is the most common attack vector currently used by hackers. Phishing refers to the sending of e-mails that are intended to intercept sensitive information. For this purpose, these e-mails are disguised as if they come from a trusted person. Since phishing is a well-known problem, many companies train their employees with phishing campaigns. A US institute has now created a new form of evaluation, the so-called Phish Scale, which is intended to help to better understand the results of such phishing campaigns.

Microsoft products do not comply with German data protection laws!

5. January 202223. September 2020 by M.Sc. Jan Hörnemann

Microsoft products have become an integral part of most companies and schools. Due to the Corona pandemic, Microsoft teams in particular gained users in addition to the usual products, such as Microsoft Word or Microsoft Power Point. At the data protection conference, data protection activists from Germany have now announced that Microsoft products do not comply with data protection laws in Germany.

Pentest Trends 2020 – You can expect these topics in the webinar on 25.09!

5. January 202221. September 2020 by M.Sc. Jan Hörnemann

On Friday 25.09.2020, AWARE7 will host a webinar on the Pentest Trends 2020. Matteo Große-Kampmann will provide current figures and internal details on penetration tests performed from 10:00 a.m. How to register for this free webinar and what topics you can expect to hear is explained in this blog post.

Pentest Tools #3 – SSLScan

5. January 202218. September 2020 by M.Sc. Jan Hörnemann

In the third week of the blog series, in which we present various hacker tools, we are still in the reconnaissance phase, in which the attacker collects as much information as possible about the targets. The Pentest tool #3 is SSLScan. This scanner provides quick information about which encryption methods are used on the scanned server. So it can be quickly determined whether the encrypted connection is still at the current security standard.