F-Blog: Phishing, Social Engineerung & Awareness

What's new?

Our cybersecurity blog keeps you up to date on the topics of phishing, social engineering and awareness and informs you about innovative solutions in the field of IT security.

Awareness kommunizieren - doch wie wird das gemacht?
Security Awareness

How should one communicate a security awareness campaign?

Reading time: 3 Mitarbeiter sind heutzutage ein wichtiger Faktor für die Informationssicherheit und benötigen entsprechende Trainings. Doch wie kommuniziert man Fortbildungsmaßnahmen und Awareness-Kampagnen, die wegen des Mitarbeiterschutzes auf den ersten Blick kritisch bewertet werden könnten?

Security Awareness

Video conferencing tools – what is a blessing to one is a curse to another

Reading time: 4 During the pandemic with the new type of a corona virus, many companies sent their employees to work from home or ordered so-called mobile working. Now that the initial escape from the office has subsided, many companies want to enable their employees to continue working from home. But which tool is the right one?

Alexa can use security holes for phishing attacks
Phishing

Alexa, do you hear or phish yet?

Reading time: 2 For some years now, so-called smart speakers have been conquering our homes. They are supposed to make our everyday life easier by playing our favourite music, reading out recipes or maintaining digital shopping lists. But what do they eavesdrop when they shouldn't actually be listening?

A bad phishing awareness campaign damages the internal IT security.
Security Awareness

Customer fail story: Fail with phishing simulations – or celebrate success

Reading time: 6 Cybercrime has evolved: Through smuggled ransomware and following public shaming, companies are blackmailed to pay ransom or to hand over sensitive information. For many companies it is therefore more important than ever to increase security awareness. However, a lot of things can go wrong.

Sodinokibi attacks often start with a phishing email.
Security Awareness

Sodinokibi – when data is encrypted and published

Reading time: 2 Backdoor programs and ransomware such as Emotet and Ryuk, which ensured that the Justus Liebig University, among others, went offline in 2019, do indeed steal data from time to time. However, they focus on encryption and "ransom" by companies. However, Sodinokibi ("REvil") steals sensitive data every time it is infected - and increases the pressure.

An absence note can help hackers to prepare  their next phishing attack.
Security Awareness

The e-mail absence note as a threat for IT security

Reading time: 2 Who doesn't know them - e-mails from business partners with the information that the counterpart is unresponsive at the moment, frequently with the indication from when to when, and to whom one can someone turn instead. In itself a helpful tool for both sides - but is it really wise to set up such an absence note?