Schlagwort: ‘IT-Security’
Artificial Intelligence – Curse or Blessing for IT Security?

Source: Freepik
We are increasingly coming across the term “artificial intelligence” (AI). Whenever we come across this term that has become a fashionable phenomenon in the media, there are regularly reports about self-thinking AI, fully autonomous means of transport or other similar applications. For many of us, it can be hard to figure out what is actually meant by the term. However, the application areas of AI that seem to be particularly popular in the media are in reality only a very small segment of the actual application field of AI. Many a user would probably even be surprised to know in which areas AI is already being implemented today. In this article, we would like to take a closer look at the term and explain what role artificial intelligence can play in the field of IT security.
Cyber-Security-Awareness-Training at RWTH – a Review

Source: Pixabay
No more simulated phishing emails in your inbox? No more access to the eLearning program for employees of the RWTH? That can only mean one thing: the cyber security awareness training at RWTH Aachen University ended for the time being on May 09, 2022.
Today we look back on the training and share the results with you. Read the rest of this entry »
Email Security – The SMTP Protocol and Its Problems (Sending and Receiving)

Source: Freepik
In our first article on the topic of e-mail security, we gave an insight into the historical development of email. We briefly explained how email exchange works and referred to the statistics of the email service at RWTH Aachen University.
Today we’ll tell you about the transmission protocol “Simple Mail Transfer Protocol” (SMTP) and its pitfalls.
Shadow IT: The Underestimated Danger

Source: Unsplash
The application of information technology is as diverse as the world around us. IT solutions have now taken a major part in our daily lives. They provide support in our households, assist us during sports and in our leisure activities, and are often a great help in our professional activities as well. This increasing digital affinity offers numerous advantages, but also bears risks. The use of so-called shadow IT in a professional context is growing along with it. Now, what is shadow IT exactly? What opportunities and risks does it hold, and how can a company reduce the use of shadow IT in the best possible way? This article will give you all the answers to these questions. Read the rest of this entry »
CEO Fraud: When “Superiors” ask for Money

Source: Pixabay
Online fraud schemes are constantly evolving and becoming more devious. In some cases, it can be extremely difficult to spot the scam. Yet one particular fraud method seems to be growing in popularity in recent years and, more importantly, causing ever greater damage: the CEO Fraud. In this article, we’ll explain exactly how this method works and how you can protect yourself from it. Read the rest of this entry »
Email Security – E-Mail & Mail Statistics at RWTH

Source: Freepik
About 50 years ago, the first e-mail was sent – albeit between two computer systems that were part of the same local network. In the 1980s, the internet was opened up to a larger circle of users and e-mail was given its own transmission protocol “Simple Mail Transfer Protocol” (SMTP).
Even today, the exchange of messages via e-mail is undoubtedly an important way of exchanging information between parties via an asynchronous communication channel.
Insider Threat: The Threat from Within

Source: Pixabay
In an increasingly digitalized world, cyber threats are playing an ever greater role. The pandemic and working at home also favor these threats. In the last two years, the number of cyber attacks has increased sharply. This is also confirmed by a study by EY (german only). The human factor plays a major role in this context. But what if the threat itself comes from within the company’s own ranks? So-called insider threats are often underestimated by many companies and organizations. Yet the effects of such a threat can be devastating. Read the rest of this entry »
IT-SAD: IT-Security Awareness Days 2022

Source: TU Braunschweig
From the 2nd to the 19th of May 2022, the IT Security Awareness Days will take place for the third time. During these three weeks, a total of 17 online lectures will be held on the topic of IT security (only conducted in the German language). The lectures will be organised by various universities.
So far, the TU Braunschweig, TU Dresden, KU Eichstätt-Ingolstadt, Uni Göttingen/GWDG, Uni Osnabrück, Uni Duisburg-Essen and the Uni Köln are actively involved. Read the rest of this entry »
Macros – E-mail Filtering at RWTH

Source: Pixabay
E-mails are a major gateway for cyberattacks. These attacks are no longer isolated incidents and are part of our everyday life. Especially the spreading of malware through attached documents with macros are very popular among cyber criminals. These macros can for example contain hidden malware. If the recipient activates these macros when opening the document, any malicious software they may contain can cause great damage. For this reason, a protection mechanism for e-mail macro filtering was installed for the RWTH e-mail service on November 16, 2021. Office documents are the most used, but also PDFs, e.g. containing form fields. Read the rest of this entry »
SQL Injection: Databases Attacks

Source: Pixabay
Database systems are essential in many aspects. They allow large amounts of data to be organized, read and stored for the long term. The field of application of database systems is vast and so is the amount of personal data stored in them. For example, banks and insurance companies use databases to structure and store account information and information relating to accounting transactions. Every time we search for a product in a web store, we access a specific database, and our user data, such as login information, is also stored in databases. At best, these sensitive data are encrypted. The effort required to build and maintain these electronic databases is great – but the biggest challenge is to ensure their security. One of the greatest threats to these databases and the data they contain are so-called code injections. Read the rest of this entry »


