For nearly two decades, stolen credentials have been the focus of many analyses of security breaches. This picture is now changing. According to the Verizon 2026 Data Breach Investigations Report (DBIR), vulnerability exploitation has overtaken credential abuse as the top breach vector for the first time — accounting for 31% of breaches, compared to just […]
Artificial intelligence (AI), the security of AI systems and the use of AI in security are no longer a thing of the future – they are our present. And they have long been an integral part of our daily work to improve IT security. At the same time, they bring with them a new quality […]
“The Future of the enterprise is private”: This was announced by none other than Broadcom CEO Hock Tan in a blog post. Broadcom, in particular, has so far tried to push the many VMware customers into the cloud with a very aggressive pricing policy. Now it seems they want to stop doing that. Virtualization on-premises […]
“Your company can be ruined in just 62 minutes”: This is how the security provider Crowdstrike advertises. Now the US manufacturer has itself caused an estimated multi-billion-dollar loss due to a faulty product update – at breakneck speed. On 19 July at 04:09 (UTC), the security specialist CrowdStrike distributed a driver update for its Falcon […]
How is artificial intelligence (AI) changing the cybersecurity landscape? Will AI make the cyber world more secure or less secure? I was able to explore these questions at the panel discussion during the “Potsdam Conference for National Cybersecurity 2024” together with Prof. Dr. Sandra Wachter, Dr. Kim Nguyen, Dr. Sven Herpig. Does AI deliver what […]
Update from 2023-12-06: Last week, we reported on pro-Russian hacktivists scanning for vulnerable SharePoint Servers to exploit a critical vulnerability (CVE-2023-29357). New findings suggest that the group, calling themselves “Zarya”, is undertaking various exploit-attempts, including directory traversal and targeting specific vulnerabilities in systems such as OpenWRT-Routers. The IP address 212.113.106.100, associated with these activities, has […]
On November 2, Federal Minister of the Interior Nancy Faeser and Claudia Plattner, President of the Federal Office for Information Security (BSI), presented the latest report on the state of IT security in Germany. Attacks with ransomware represent the largest and most frequent risk, but by far not the only one. As long as these […]
We live and work in the digital world. The issue of cybersecurity therefore affects us all – both companies and government administrations, as well as each and every one of us. This applies not only to our own direct use of digital systems, but also – sometimes even in particular – where others provide us […]
For this study commissioned by the OSB Alliance, Dr. Mark Ohm investigated how the security of open source and proprietary software can be evaluated and improved in perspective. The development of information technology in the last decades is remarkable: The path begins with helpful support functions in computational and data-heavy processes and leads us to […]
Microsoft Office has released patches for the Follina vulnerability CVE-2022-30190 (Follina) with the June 14, 2022 Windows Security Update. Appropriate vulnerability tests have been implemented in the Greenbone Enterprise Feed and the Greenbone Community Feed, allowing you to test your network for the vulnerability and take protective measures using the patches. Read more information about […]
