For German companies, the damage caused by cybercrime now totals more than 40 billion euros per year. And while it is often assumed that cyberattacks are carried out by external hackers or by state sponsored agents, the reality is quite different. For example, the German Federal Bureau for Information Security (BSI) sees so-called insiders as a greater dange

A spokesperson for the chemical company LANXESS has confirmed a hacker attack, which was discovered in the middle of last year. The extent of the damage is as yet unknown. Hacker group WinNTI suspected to be behind the attack According to research by Bayerischen Rundfunks and NDR, a hacker group called WinNTI was behind the attack. According to the company,

Intel  has released information about two potentially dangerous flaws in the processor architecture of its CPUs. The chip manufacturer had already provided security updates for similar gaps in May and November 2019. Although the new vulnerabilities seem to be less critical than the previous ones, side-channel attacks are still possible. The third Intel patch

Cybercriminals have published the access data and IP addresses of over 515,000 servers, routers and IoT devices on a hacker forum. This data can be used to control vulnerable devices using the remote maintenance service Telnet. This could allow attackers to connect to the devices, install malware and use it for their own benefit, for example to set up a botn

Several German DAX companies were spied on by a hacker group called WinNTI in mid-2019. The German Federal Office for the Protection of the Constitution (BfV) assumes that the German industry will be an attractive target for ongoing waves of attacks. In December 2019, the BfV published a Cyber Brief with hints on current attack campaigns and sent it to many

A critical vulnerability in Internet Explorer, with the identifier CVE-2020-0674 has been published by Microsoft. It allows attackers to remotely execute code using the JScript.dll library. A security patch is currently being created. On the first patch Tuesday of 2020, Microsoft released 49 updates; shortly afterwards, the vendor reported a new zero-day sec

Following another official vulnerability alert issued in the past 48 hours, which has been known since December, companies still protected from this new attack are continuously receiving new requests for help. CISA considers the vulnerability to be one of the most dangerous exploits of recent years. Potentially, some 80,000 companies worldwide are at risk. T

Security researchers at SEC-Consult found severe vulnerabilities in the German e-government Communication Library OSCI (Online Services Computer Interface). According to the experts at SEC-Consult, the German e-government system OSCI (Online Services Computer Interface) is open to padding oracle attacks and other vulnerabilities due to the use of an insecure

This is my wrap-up for the 2nd day of “NGI” at TROOPERS. My first choice for today was “Authenticate like a boss” by Pete Herzog. This talk was less technical than expected but interesting. It focussed on a complex problem: Identification. It’s not only relevant for users but for anything (a file, an IP address, an application, …). Pete started by providing

The third day is already over! Today the regular talks were scheduled split in three tracks: offensive, defensive and a specific one dedicated to SAP. The first slot at 09:00 was, as usual, a keynote. Enno Rey presented ten years of TROOPERS. What happened during all those editions? The main ideas behind TROOPERS have always been that everybody must learn so

I’m just back from Heidelberg so here is the last wrap-up for the TROOPERS 2017 edition. This day was a little bit more difficult due to the fatigue and the social event of yesterday. That’s why the wrap-up will be shorter…  The second keynote was presented by Mara Tam: “Magical thinking … and how to thwart it”. Mara is an advisor to execut

I’m in Heidelberg (Germany) for the 10th edition of the TROOPERS conference. The regular talks are scheduled on Wednesday and Thursday. The two first days are reserved for some trainings and a pre-conference event called “NGI” for “Next Generation Internet” focusing on two hot topics: IPv6 and IoT. As said on the website: “NGI aims to provide discussion on h

The UK National Cyber Security Center (NCSC) is warning of Russian political hacking capabilities, the risk of cyber attacks against the political system is high. The alert was raised by the UK National Cyber Security Center (NCSC) that is informing political parties in the UK to warn about “the potential for hostile action against the UK political sys

The prosecutor’s office in Cologne and the Federal Criminal Police Office have arrested the alleged mastermind of the MIRAI attack on Deutsche Telekom The agents at the UK National Crime Agency (NCA) have a man that is suspected to be involved with the massive attack on Deutsche Telekom that affected more than 900k routers in November 2016. The affecte

IBM X-Force researchers following the development of the TrickBot Trojan noted that the malware is rapidly adding new targets and attack capabilities and has now officially advanced into Germany. The most recent additions to TrickBot’s configurations target 10 savings banks in the European country. At this time, TrickBot is configured to use serverside