Kategorie: ‘IT-Security’
Shadow IT: The Underestimated Danger
![Laptop in the Dark](https://blog.rwth-aachen.de/itc/files/2022/07/thom-XyNi3rUEReE-unsplash-300x199.jpg)
Source: Unsplash
The application of information technology is as diverse as the world around us. IT solutions have now taken a major part in our daily lives. They provide support in our households, assist us during sports and in our leisure activities, and are often a great help in our professional activities as well. This increasing digital affinity offers numerous advantages, but also bears risks. The use of so-called shadow IT in a professional context is growing along with it. Now, what is shadow IT exactly? What opportunities and risks does it hold, and how can a company reduce the use of shadow IT in the best possible way? This article will give you all the answers to these questions. Read the rest of this entry »
CEO Fraud: When “Superiors” ask for Money
![Symbol image of CEO Fraud](https://blog.rwth-aachen.de/itc/files/2022/06/scam-g12689783e_1280-300x214.png)
Source: Pixabay
Online fraud schemes are constantly evolving and becoming more devious. In some cases, it can be extremely difficult to spot the scam. Yet one particular fraud method seems to be growing in popularity in recent years and, more importantly, causing ever greater damage: the CEO Fraud. In this article, we’ll explain exactly how this method works and how you can protect yourself from it. Read the rest of this entry »
E-Mail Security – E-Mail & Mail Statistics at RWTH
![Paper with @-Sign](https://blog.rwth-aachen.de/itc/files/2022/06/email-network-communication-perforated-paper-sign-1-300x200.jpg)
Source: Freepik
About 50 years ago, the first e-mail was sent – albeit between two computer systems that were part of the same local network. In the 1980s, the internet was opened up to a larger circle of users and e-mail was given its own transmission protocol “Simple Mail Transfer Protocol” (SMTP).
Even today, the exchange of messages via e-mail is undoubtedly an important way of exchanging information between parties via an asynchronous communication channel.
Before the Audit is After the Audit
![Graphic representation of a desk](https://blog.rwth-aachen.de/itc/files/2022/06/audit-g83e5bd436_1280-300x213.png)
Source: Pixabay
In many fields, audits are part of everyday work. As soon as management systems are to be implemented, further developed or certified, one is inevitably confronted with this term. We previously reported on our last audit and our associated (re-)certification here at the blog as well. But what are audits exactly, why do they exist and how are they carried out? In our article, we will explain in detail what they are all about. Read the rest of this entry »
Insider Threat: The Threat from Within
![Person in front of monitor](https://blog.rwth-aachen.de/itc/files/2022/05/work-gb3cbbce36_1920-300x200.jpg)
Source: Pixabay
In an increasingly digitalized world, cyber threats are playing an ever greater role. The pandemic and working at home also favor these threats. In the last two years, the number of cyber attacks has increased sharply. This is also confirmed by a study by EY (german only). The human factor plays a major role in this context. But what if the threat itself comes from within the company’s own ranks? So-called insider threats are often underestimated by many companies and organizations. Yet the effects of such a threat can be devastating. Read the rest of this entry »
IT-SAD: IT-Security Awareness Days 2022
![Logo of IT-SAD](https://blog.rwth-aachen.de/itc/files/2022/04/IT-SAD-300x72.png)
Source: TU Braunschweig
From the 2nd to the 19th of May 2022, the IT Security Awareness Days will take place for the third time. During these three weeks, a total of 17 online lectures will be held on the topic of IT security (only conducted in the German language). The lectures will be organised by various universities.
So far, the TU Braunschweig, TU Dresden, KU Eichstätt-Ingolstadt, Uni Göttingen/GWDG, Uni Osnabrück, Uni Duisburg-Essen and the Uni Köln are actively involved. Read the rest of this entry »
Macros – E-mail Filtering at RWTH
![Screen with 2 ladybugs, gear and envelope](https://blog.rwth-aachen.de/itc/files/2022/03/email-g444052a0a_1920-300x193.jpg)
Source: Pixabay
E-mails are a major gateway for cyberattacks. These attacks are no longer isolated incidents and are part of our everyday life. Especially the spreading of malware through attached documents with macros are very popular among cyber criminals. These macros can for example contain hidden malware. If the recipient activates these macros when opening the document, any malicious software they may contain can cause great damage. For this reason, a protection mechanism for e-mail macro filtering was installed for the RWTH e-mail service on November 16, 2021. Office documents are the most used, but also PDFs, e.g. containing form fields. Read the rest of this entry »
SQL Injection: Databases Attacks
![Medical syringe](https://blog.rwth-aachen.de/itc/files/2022/03/medical-g589d2d0e1_1920-300x200.jpg)
Source: Pixabay
Database systems are essential in many aspects. They allow large amounts of data to be organized, read and stored for the long term. The field of application of database systems is vast and so is the amount of personal data stored in them. For example, banks and insurance companies use databases to structure and store account information and information relating to accounting transactions. Every time we search for a product in a web store, we access a specific database, and our user data, such as login information, is also stored in databases. At best, these sensitive data are encrypted. The effort required to build and maintain these electronic databases is great – but the biggest challenge is to ensure their security. One of the greatest threats to these databases and the data they contain are so-called code injections. Read the rest of this entry »
Results of the ZKI Top Trends Survey-2022
![Woman in IT landscape](https://blog.rwth-aachen.de/itc/files/2022/03/pexels-thisisengineering-3861969-1-300x200.jpg)
Source: Pexels
Once again this year, the Strategy and Organisation Working Group of the Association of Centres for Communication and Information Processing conducted a survey on the most important topics and trends of IT institutions from research institutions and universities in Germany. 85 institutions participated in this year’s survey, providing exciting insights into promising IT topics that will shape the year 2022.
Are you wondering what the top trends and topics are and what you need to be prepared for in the IT world? Then you’ve come to the right place!