Categories
Pages
-

IT Center Blog

Kategorie: ‘IT-Security’

CEO Fraud: When “Superiors” ask for Money

June 27th, 2022 | by
Symbol image of CEO Fraud

Source: Pixabay

Online fraud schemes are constantly evolving and becoming more devious. In some cases, it can be extremely difficult to spot the scam. Yet one particular fraud method seems to be growing in popularity in recent years and, more importantly, causing ever greater damage: the CEO Fraud. In this article, we’ll explain exactly how this method works and how you can protect yourself from it. Read the rest of this entry »

E-Mail Attachments and Their Challenges

June 22nd, 2022 | by
Electronic document on laptop screen

Source: freepik.com

Everybody has experienced this: You are working on documents with several people. When the work statuses then need to be exchanged, there are various approaches.

Still popular is the sending of attachments via e-mail. Sounds easy, but it can cause some difficulties.

To support you at this point, the IT Center has prepared a handout on how to deal with attachments. But let’s start from the beginning…

Read the rest of this entry »

E-Mail Security – E-Mail & Mail Statistics at RWTH

June 15th, 2022 | by
Paper with @-Sign

Source: freepik.com

About 50 years ago, the first e-mail was sent – albeit between two computer systems that were part of the same local network. In the 1980s, the internet was opened up to a larger circle of users and e-mail was given its own transmission protocol “Simple Mail Transfer Protocol” (SMTP).

Even today, the exchange of messages via e-mail is undoubtedly an important way of exchanging information between parties via an asynchronous communication channel.

Read the rest of this entry »

Before the Audit is After the Audit

June 8th, 2022 | by
Graphic representation of a desk

Source: Pixabay

In many fields, audits are part of everyday work. As soon as management systems are to be implemented, further developed or certified, one is inevitably confronted with this term. We previously reported on our last audit and our associated (re-)certification here at the blog as well. But what are audits exactly, why do they exist and how are they carried out? In our article, we will explain in detail what they are all about. Read the rest of this entry »

Insider Threat: The Threat from Within

May 16th, 2022 | by
Person in front of monitor

Source: Pixabay

In an increasingly digitalized world, cyber threats are playing an ever greater role. The pandemic and working at home also favor these threats. In the last two years, the number of cyber attacks has increased sharply. This is also confirmed by a study by EY (german only). The human factor plays a major role in this context. But what if the threat itself comes from within the company’s own ranks? So-called insider threats are often underestimated by many companies and organizations. Yet the effects of such a threat can be devastating. Read the rest of this entry »

IT-SAD: IT-Security Awareness Days 2022

April 22nd, 2022 | by

From the 2nd to the 19th of May 2022, the IT Security Awareness Days will take place for the third time. During these three weeks, a total of 17 online lectures will be held on the topic of IT security (only conducted in the German language). The lectures will be organised by various universities.

So far, the TU Braunschweig, TU Dresden, KU Eichstätt-Ingolstadt, Uni Göttingen/GWDG, Uni Osnabrück, Uni Duisburg-Essen and the Uni Köln are actively involved. Read the rest of this entry »

Macros – E-mail Filtering at RWTH

March 25th, 2022 | by
Screen with 2 ladybugs, gear and envelope

Source: Pixabay

E-mails are a major gateway for cyberattacks. These attacks are no longer isolated incidents and are part of our everyday life. Especially the spreading of malware through attached documents with macros are very popular among cyber criminals. These macros can for example contain hidden malware. If the recipient activates these macros when opening the document, any malicious software they may contain can cause great damage. For this reason, a protection mechanism for e-mail macro filtering was installed for the RWTH e-mail service on November 16, 2021. Office documents are the most used, but also PDFs, e.g. containing form fields. Read the rest of this entry »

SQL Injection: Databases Attacks

March 23rd, 2022 | by
Medical syringe

Source: Pixabay

Database systems are essential in many aspects. They allow large amounts of data to be organized, read and stored for the long term. The field of application of database systems is vast and so is the amount of personal data stored in them. For example, banks and insurance companies use databases to structure and store account information and information relating to accounting transactions. Every time we search for a product in a web store, we access a specific database, and our user data, such as login information, is also stored in databases. At best, these sensitive data are encrypted. The effort required to build and maintain these electronic databases is great – but the biggest challenge is to ensure their security. One of the greatest threats to these databases and the data they contain are so-called code injections. Read the rest of this entry »

Results of the ZKI Top Trends Survey-2022

March 4th, 2022 | by
Woman in IT landscape

Source: Pexels

Once again this year, the Strategy and Organisation Working Group of the Association of Centres for Communication and Information Processing conducted a survey on the most important topics and trends of IT institutions from research institutions and universities in Germany. 85 institutions participated in this year’s survey, providing exciting insights into promising IT topics that will shape the year 2022.

Are you wondering what the top trends and topics are and what you need to be prepared for in the IT world? Then you’ve come to the right place!

Read the rest of this entry »

Vishing: Stealing data on the phone

March 2nd, 2022 | by
Smartphone

Source: Pixabay

Cyber-attacks are not just part of everyday life in companies. Even when opening our private e-mail inboxes, we occasionally encounter peculiar e-mails suggesting that the addressee is required to take urgent action. The e-mail urges the addressee to update personal data, enter account information for the payout of a reward, or click on links. Phishing is no longer unknown among fraud methods. However, the attacks are becoming more and more elaborate. Somewhat less known and therefore more surprising, however, are so-called vishing attacks. Fraudsters are coming up with a lot of new ways to obtain data from their victims. Read the rest of this entry »