Rene Neff

1. 

   Stealer logs: How hackers gain access to vehicle functions through stolen login data

   Together with ZDF WISO, we show how criminals can use stolen login data from stealer logs to locate, open and drive away cars.

2. 

   Protection against identity theft through the extension of PHP with Argon2d

   With Argon2d in PHP, users are better protected against identity theft. Read about the implementation and how to protect yourself.

3. 

   The Banshee Information Stealer: The New Threat for Macs

   A new type of malware is spreading and primarily infects macOS devices. The spread of Banshee relies particularly on human factors.

4. 

   Phishing #7: Social Engineering

   In this special edition of our phishing series, we explore social engineering. We show how it works in real life and how it can impact the digital world.

5. 

   A Pentest for Identeco

   The Identeco solutions were subjected to a penetration test. Reason enough to talk about security tests, penetration tests and code audits.

6. 

   Phishing #6: Spearphishing, Watering-Hole Attack and Whaling Attacks

   Discover the dangers of spearphishing, watering hole, and whaling. Learn how these phishing methods work and how to spot them.

7. 

   Malware #1: Malware, Virus and Worm

   We are starting a blog series on malware. In the first part, we explain what malware is and the difference between viruses and worms.

8. 

   The invisible threat: How stealer malware steals your information

   Our article explains stealer malware, which steals sensitive data. We explore its operation, infection origins, and provide tips on defense measures.

9. 

   ProSBAcT Unites Identeco and StartUp Secure in Battle Against Account Takeovers

   Starting in June 2023, the project ProSBAcT begins with StartUp Secure of the FMER. We share goals, collaborations, and how ProSBAcT enriches our work.

10. 

    Phishing #5: Malvertising, Https-Phishing und Evil Twin

    Our blog series on phishing continues. Learn about malvertising, HTTPS phishing, and Evil Twin, as well as how to protect yourself from these attacks.

11. 

    Hogwarts and email accounts: lessons for the Muggle world

    In Harry Potter, spells and passwords play a role. In the digital world, passwords are becoming more important. We compare these aspects.

12. 

    Man-in-the-Middle Attacks: How do you protect yourself from the invisible threat?

    Man-in-the-middle attacks redirect connections to a website to eavesdrop on user input. Learn how to protect yourself.

13. 

    Understanding DoS, DDoS, and DRDoS Attacks: What Every Business Should Know

    Protect your business from DoS, DDoS, and DRDoS attacks. Learn the differences and implement effective defense strategies.

14. 

    World Password Day 2023 - Current Recommendations

    World Password Day in May highlights the importance of strong passwords. NIST and BSI recommend passphrases, MFA, and regular checks for compromise.

15. 

    Phishing #4: Pharming Attack, Browser in browser Attacks and Doc Clouding Attacks

    Learn about phishing types like pharming (redirection to fake websites) and doc clouding (attackers sharing links while posing as colleagues).

16. 

    Multifactor Authentication (MFA): Only as strong as the weakest link in the chain

    In this article we are discussing multifactor authentication. The different kinds will be explained, as well as some examples of possible attacks.

17. 

    Phishing #3: Smishing, Vishing and Email Clone Phishing

    We present three types of phishing attacks: smishing, vishing, and email clone phishing. The goal is to obtain information or install malware.

18. 

    Phishing in 2023 - Our Predictions

    Phishing attacks are a major threat in the digital world, including in 2023. Criminals are specializing and using AI for deepfakes and convincing campaigns.

19. 

    Verify Login Credentials to Protect against Credential-Stuffing Attacks

    Online platforms must ensure high security standards to protect users from ATO attacks. A specialized service provider offers advantages.

20. 

    Risks to Users and Operators of Online Platforms from Credential-Stuffing Attacks

    Credential stuffing attacks threaten the security of users and platform operators. This article explains the causes and risks for users and platform operators.

21. 

    Credential Stuffing: A Threat to Online Platforms and Their Users

    Credential stuffing with leaked login data threatens web portals. Service providers offer secure solutions through regular checks for leaked credentials.

22. 

    Dark Web vs. Deep Web - What can you find there?

    Ordinary users rarely encounter the deep or dark web, but dangers lurk in the depths of the internet. How do these areas differ from the regular web?

23. 

    How often should you change your passwords?

    After choosing the right password, the question arises if and how often you should change your passwords.

24. 

    Phishing #2: CEO Fraud, Corporate Phishing and Angler Phishing Attacks

    In this second part of our series on Phishing CEO Fraud, Corporate Phishing and Angler are introduced.

25. 

    Phishing #1: Email Phishing, Baiting and Search Engine Phishing

    As the start of a series, this first article introduces email phishing, baiting, and search engine phishing, showing how users are deceived.