Categories
Pages
-

IT Center Blog

Schlagwort: ‘SafetyFirst’

Gamification meets IT Security

October 31st, 2022 | by
Symbol image for gamification

Source: Own illustration

When dealing with information technology, a whole range of dangers may lurk. In this context, the “human factor” is often presented as a particularly large and important challenge. Ignorance, naivety and a lack of caution are the most common causes of so-called insider threats. Experts agree on one thing: IT security can only be as good as the people who operate the systems.

For a security concept to be implemented successfully, it first has to be understood by the users. IT security awareness training courses are often used for this purpose. These are designed to strengthen the general understanding of security and to illustrate concrete risks. One of the most important strategies here is called gamification. Read the rest of this entry »

Honeypot – How to Lure Cyber Criminals

October 7th, 2022 | by
Honey

Source: Freepik

Sometimes the best defence is a strong offensive. When it comes to IT security, the demand for offensive security measures is greater than ever. These often rely on techniques and approaches that are actually used by criminal hackers to lure user into traps. But attackers themselves can also be tricked into a trap. Honeypots are not only used to attract bears. They can also be used to catch cybercriminals in the act. In this article, we will explain what a honeypot is and how it can be used to increase IT security. Read the rest of this entry »

Attention: Spear Phishing Emails in Circulation

September 30th, 2022 | by
Arrow through laptop

Source: Own illustration

In the last weeks, there have been more spear phishing attacks on RWTH email addresses. In this article, we would like to make you aware of these attacks and explain how you can recognize spear phishing emails. You have received a spear phishing email to your RWTH email address? We explain how you should best proceed. Read the rest of this entry »

The IT Center’s IT Security Measures

September 2nd, 2022 | by
Falling dominoes

Source: Freepik

With technological progress and the increasing digitization of processes, the topic of IT security is gaining more and more importance. The risks associated with digitalization affect us all. Improper behavior and naivety in dealing with information technology can have serious, costly consequences. That is why the security awareness of users in particular should be actively encouraged. IT security also plays a major role at the IT Center. In this blog, for example, we repeatedly draw your attention to security risks and explain how you can be more aware when using information technology. In this post, we would like to give you an overview of the IT security measures that have been implemented at the IT Center, for both yours and our protection. Read the rest of this entry »

Cyber-Security-Awareness-Training at RWTH – a Review

August 15th, 2022 | by
Padlock in front of world map

Source: Pixabay

No more simulated phishing emails in your inbox? No more access to the eLearning program for employees of the RWTH? That can only mean one thing: the cyber security awareness training at RWTH Aachen University ended for the time being on May 09, 2022.

Today we look back on the training and share the results with you. Read the rest of this entry »

Shadow IT: The Underestimated Danger

July 22nd, 2022 | by
Laptop in the Dark

Source: Unsplash

The application of information technology is as diverse as the world around us. IT solutions have now taken a major part in our daily lives. They provide support in our households, assist us during sports and in our leisure activities, and are often a great help in our professional activities as well. This increasing digital affinity offers numerous advantages, but also bears risks. The use of so-called shadow IT in a professional context is growing along with it. Now, what is shadow IT exactly? What opportunities and risks does it hold, and how can a company reduce the use of shadow IT in the best possible way? This article will give you all the answers to these questions. Read the rest of this entry »

CEO Fraud: When “Superiors” ask for Money

June 27th, 2022 | by
Symbol image of CEO Fraud

Source: Pixabay

Online fraud schemes are constantly evolving and becoming more devious. In some cases, it can be extremely difficult to spot the scam. Yet one particular fraud method seems to be growing in popularity in recent years and, more importantly, causing ever greater damage: the CEO Fraud. In this article, we’ll explain exactly how this method works and how you can protect yourself from it. Read the rest of this entry »

Insider Threat: The Threat from Within

May 16th, 2022 | by
Person in front of monitor

Source: Pixabay

In an increasingly digitalized world, cyber threats are playing an ever greater role. The pandemic and working at home also favor these threats. In the last two years, the number of cyber attacks has increased sharply. This is also confirmed by a study by EY (german only). The human factor plays a major role in this context. But what if the threat itself comes from within the company’s own ranks? So-called insider threats are often underestimated by many companies and organizations. Yet the effects of such a threat can be devastating. Read the rest of this entry »

Macros – E-mail Filtering at RWTH

March 25th, 2022 | by
Screen with 2 ladybugs, gear and envelope

Source: Pixabay

E-mails are a major gateway for cyberattacks. These attacks are no longer isolated incidents and are part of our everyday life. Especially the spreading of malware through attached documents with macros are very popular among cyber criminals. These macros can for example contain hidden malware. If the recipient activates these macros when opening the document, any malicious software they may contain can cause great damage. For this reason, a protection mechanism for e-mail macro filtering was installed for the RWTH e-mail service on November 16, 2021. Office documents are the most used, but also PDFs, e.g. containing form fields. Read the rest of this entry »

SQL Injection: Databases Attacks

March 23rd, 2022 | by
Medical syringe

Source: Pixabay

Database systems are essential in many aspects. They allow large amounts of data to be organized, read and stored for the long term. The field of application of database systems is vast and so is the amount of personal data stored in them. For example, banks and insurance companies use databases to structure and store account information and information relating to accounting transactions. Every time we search for a product in a web store, we access a specific database, and our user data, such as login information, is also stored in databases. At best, these sensitive data are encrypted. The effort required to build and maintain these electronic databases is great – but the biggest challenge is to ensure their security. One of the greatest threats to these databases and the data they contain are so-called code injections. Read the rest of this entry »