Ein Bericht von Microsoft zeigt, wie wichtig es für CISOs ist, das Sicherheitsbewusstsein ihrer Mitarbeiter zu schulen. shutterstock – Hernan E. Schmidt Malware ist und bleibt ein massives Problem, welches CISOs zunehmend Kopfzerbrechen bereitet. Insbesondere wenn Mitarbeitende durch unvorsichtiges Online-Surfen ihre Geräte und ganze IT-Netzwerke mit Schadsoftware infizieren. Sind Systeme kompromittiert, kann das schwerwiegende Konsequenzen […]
Cybersecurity in Kommunen: Eigeninitiative gefragt
width=”2480″ height=”1395″ sizes=”(max-width: 2480px) 100vw, 2480px”> Deutsche Kommunen erscheinen in Sachen Cybersicherheit eine leichte Beute zu sein. motioncenter – shutterstock.com Das cyberintelligence.institute hat in Zusammenarbeit mit dem Cybersicherheitsunternehmen NordPass in einer Studie die kommunale Cybersicherheit in Deutschland aus juristischer und organisatorischer Sicht analysiert. Demnach befinden sich Städte und Gemeinden in einer Zwickmühle. Auf der einen […]
Epidemic of Flaws in Commercial and Open Source Code
Enterprises spend billions of dollars annually on cybersecurity products to keep them from getting hacked. And yet, the hacks keep coming – and they’re getting worse. Why? A new report out from ReversingLabs* a malware analysis and software supply chain security firm, has an answer: because the open source and commercial software and services those […]
Next-Gen Phishing Techniques – How Back-End Tech Made Scams More Effective
Phishing scams are no longer just poorly written emails full of typos. The era of messages from long-lost, wealthy relatives leaving fortunes to unknown heirs has passed its peak. Today’s sophisticated back-end technologies take phishing and social engineering to the next level. Hackers are now able to create not only better messages but also more […]
SuperBlack Ransomware operators exploit Fortinet Firewall flaws in recent attacks
SuperBlack Ransomware operators exploit Fortinet Firewall flaws in recent attacks Pierluigi Paganini March 14, 2025 Operators behind the SuperBlack ransomware exploited two vulnerabilities in Fortinet firewalls for recent attacks. Between January and March, researchers at Forescout Research – Vedere Labs observed a threat actors exploiting two Fortinet vulnerabilities to deploy the SuperBlack ransomware. The experts […]
Next-Gen Phishing Techniques – How Back-End Tech Made Scams More Effective
Phishing scams are no longer just poorly written emails full of typos. The era of messages from long-lost, wealthy relatives leaving fortunes to unknown heirs has passed its peak. Today’s sophisticated back-end technologies take phishing and social engineering to the next level. Hackers are now able to create not only better messages but also more […]
Trimble Cityworks: CVE-2025-0994: Active Exploitation
CVE-2025-0994 is a high-severity deserialization vulnerability in Trimble Cityworks, an asset management and work order software designed for local governments and utilities. The critical infrastructure sectors Cityworks services include water and wastewater systems, energy, transportation systems, government services and facilities, and communications. The vulnerability affects Cityworks versions before 15.8.9 and Cityworks with Office Companion versions […]
Swiss critical sector faces new 24-hour cyberattack reporting rule – DataBreaches.Net
AI generated. DataBreaches.net. Bill Toulas reports: Switzerland’s National Cybersecurity Centre (NCSC) has announced a new reporting obligation for critical infrastructure organizations in the country, requiring them to report cyberattacks to the agency within 24 hours of their discovery. According to the NCSC announcement, this new requirement is introduced as a response to the increasing number […]
Swiss critical sector faces new 24-hour cyberattack reporting rule – DataBreaches.Net
AI generated. DataBreaches.net. Bill Toulas reports: Switzerland’s National Cybersecurity Centre (NCSC) has announced a new reporting obligation for critical infrastructure organizations in the country, requiring them to report cyberattacks to the agency within 24 hours of their discovery. According to the NCSC announcement, this new requirement is introduced as a response to the increasing number […]
Europäische Unternehmen haben keinen (Krisen)-Plan
Cyberangriffe (56 Prozent), Lieferkettenausfälle (58 Prozent) oder Angriffe aktivistischer Investoren (54 Prozent), die die Strategie des Unternehmens durch Beteiligungen beeinflussen wollen, verfügt. US-Amerikaner deutlich besser vorbereitet Vor allem Unternehmen in Europa, dem Nahen Osten und Afrika (EMEA) haben den Studienautoren zufolge Nachholbedarf: Während in EMEA sich 56 Prozent der Entscheider auf Cyberangriffe vorbereitet fühlen, sind […]