Assetmanagement
How well do you know your IT? Learn which questions to ask!
-
-
Attack via public links
This is actually a very interesting attack vector described in this post:As an attacker place a Google Ad for a keyword, which will be mapped to accidentally pasted unprotected Dropbox links (I’m sure, this will also work with other cloud providers) and see what you will get… LinkedIn Post
-
2FA phishing
A new hashtag#attack technique on the rise: 2FA phishing.Learn how it works: How do attackers try to get around multi-factor authentication? https://www.microsoft.com/en-us/security/blog/2022/07/12/from-cookie-theft-to-bec-attackers-use-aitm-phishing-sites-as-entry-point-to-further-financial-fraud
-
-
OT security testing
This was my start into the new week this morning! 🌞🚴 This week I’m at one of our customers laboratories. Certain tests with OT components require physical presence and can’t be done remotely – which is a difference to a lot of IT environments.
-
3 types of 2FA
Today you can learn about 3 types of two-factor authentication (2FA).
-
Company ID cards on social media
Be careful, what you post in your social media profile! Unfortunately, this is valuable input for a potential attacker. Especially the layout of the ID is interesting, in this case even with a valid ID… 🙁 In best case, the processes are designed in a way, that only this information will not lead to anything…
-
Secure easter holidays
Enjoy the Easter weekend!If you haven’t done yet, this weekend could be an opportunity to update your passwords / authentication methods. Remember those 3 basic measures:
-
BSI warns against Kaspersky
German Federal Office For Information Security (BSI) now officially warns to use anti-virus software of the russian manuafacturer Kaspersky. BSI – FAQ – Kaspersky
-
Password security
What’s the state of your password security? Do you consider the length and complexity and don’t use the same password for multiple services? Post | LinkedIn
