info@increaseyourskills.com +49 341 249 116 71|    |  DE  |  EN

Blog

Keeping you informed of the latest news.

 


Our Blog

We comment on all the latests changes in the world of information security, data protection, cybersecurity as well as our own company developments.
Below you will find an overview of each blog article.

AvosLocker – A new tool of the digital hostage-takers

AvosLocker is a new ransomware variant and has been active since June 2021. It encrypts files so that they can no longer be opened or read and affects Windows systems. Typical of ransomware attacks is the subsequent demand for a ransom – in the case of AvosLocker, a payment for decrypting the files...

"Black Hats", "White Hats" and "Ethical Hacker" | What's the difference?

If you type Black Hat or White Hat into the search engine, we aren't just presented with results about the latest offers on hats. These terms are also linked to information security and hacking computer systems. But what do hats have to do with hacking? And what constitutes an "ethical hacker"? These are the questions that we will be answering in the following blog article...

Customised e-learning awareness courses for your company

Why Increase Your Skills? Why e-learning? Why interactive? – Why not employ traditional methods? Quite simply: because it is possible and we can do it! Topics such as data protection and information security can quickly appear to be both tedious and dry. However, thanks to Increase Your Skills' interactive e-learning awareness courses, this is a thing of the past...

Security through the backdoor

A backdoor refers to the parts of a computer system that usually enable hidden access to the system or its data without having to use the regular routes. Most backdoors can be found in the software, but some hardware also contain built-in backdoors...

Typosquatting – A harmless typo with serious consequences

Have you ever heard of mikerowesoft.com? Or does the website duetschebank.com ring a bell? Attentive readers will have noticed that a few errors snuck in there. This kind of error is called typosquatting, or URL hijacking, and is a form of cybersquatting...

Tips for preventing and preparing for ransomware attacks

What sounds like a bad crime movie has become a reality in the digital space: criminal gangs lock factory gates and only let us back in when we pay a ransom. In my work as a digital forensic scientist, I am repeatedly asked: what should I do to protect myself? And what if, unfortunately, it does happen?...

Doxing – What you need to know about data compromise

Perhaps you have heard of doxing before. Nevertheless, this term may still be unfamiliar to some people. However, whether you are familiar or not, everyone needs to be aware of the dangers associated with a possible doxing attack. Everyone would like to ensure that their own data present on the internet is protected from identity theft and similar threats. But is doxing really that dangerous...

Trojan Horses: From Ancient History to Modern Threat

In January of this year, the Trojan horse (or simply trojan) known as Emotet was disrupted thanks to a coordinated international effort, which included authorities from both sides of the Atlantic. Since originating as a banking trojan in 2014, it has gone on to wreak havoc across millions of devices. It was even developed into an ‘attack for hire’ service offered to other criminal gangs...

Delusion or Reality? How Artificial Intelligences Abuse Our Trust

Do you still remember Barack Obama’s words: “President Trump is a total and complete dipshit!”? Quite provocative, one is not used to such statements from the ex-US president. But did he really say that? Of course he didn’t. This video is a so-called deepfake and was created by Jordan Peele to show how dangerous such a fake can be. But let’s delve a little deeper into the matter...

Measuring Cybersecurity Awareness Training: Methods and Motivations

I am sure we are all familiar with the scenario: You want more funding for a project, funding that will contribute to a positive outcome for the company if invested correctly, but you face stiff resistance from the powers that be. It comes down to money, pure and simple. How much do they have to put in...

Ransom Attack on Colonial Pipeline

There is an increasing trend of cybercriminals "kidnapping" data and holding it to ransom. This is achieved by encrypting stolen data and only releasing it after the extortionists' demands are met. Another component of this crime is threatening to publish the victims' sensitive data if they do not cooperate and pay the ransom. A current example of this taking place in the USA...

Alexa, are you spying on me? Siri, Alexa, Google Home & co are listening in!

I am sure you know the feeling: you are lying in bed and have forgotten to turn off the light. It was so cosy just now; do you really want to get up again? Smart home devices can cure this and countless other problems. Siri, Alexa and others have already moved in with many people. The smart home speakers are in the living room, bedroom, children's room...

REvil Ransomware

A new hacking group is currently making a name for itself internationally: REvil, or Sodinokibi. The group first emerged in spring 2019, and they appear to be a successor to the group behind the GandCrab ransomware. GandCrab was one of the most effective ransomware campaigns of 2018 to mid-2019. Ransomware is a form of malware installed...

Simple measures and tips for increasing levels of information security in mobile work

The rapid transition for many companies to mobile working has increased the attack landscape for cybercriminals. Companies are forced to take care of a multitude of attack vectors, with attackers able to specialise in individual vulnerabilities and gateways. Even when working from home...

How an attentive employee prevented a cyberattack on the drinking water supply in Oldsmar, Florida

In early February this year, the 15,000 residents of Oldsmar, Florida, escaped having their drinking water poisoned because an employee noticed suspicious activity and prevented it from...

Why you shouldn’t post your children’s pictures on social media

In the 21st century, posting pictures of your kids on various social media sights sites is the new normal. The average child has a digital footprint before the first tooth shows up. Some children even have a digital footprint before they are even born; that happens when the parents post...

Information Security vs Data Protection

Is this an issue for our ISO or our DPO, or is it much the same in either case? Who exactly is responsible for this incident, and is there a need to report it at all? In order to discuss the similarities and differences between information security and data protection, the first step is to define the two areas...

DNS Spoofing: What is it and how can I recognise it?

Today, search engines dominate the World Wide Web. For example, to visit the website of Increase Your Skills GmbH, very few users directly enter the domain increaseyourskills.com into the URL bar of their web browser. Instead, most will type something like "increase your skills courses" or "increase your skills data protection"...

The excesses of the WannaCry crypto worm

There was widespread panic when a new piece of malware called WannaCry emerged four years ago, on 12th May 2017. Within a very short time, it managed to infect more than...

Cybersecurity as a competitive advantage

What does cybersecurity have to do with the economic success of your company? Nothing, you think? Well, this view was perhaps still true 10 years ago, but nowadays, these two processes go hand in hand. As the digitalisation of companies continues to increase...

Social Engineering - How you can protect yourself against it

According to studies, more than 70 per cent of all cyberattacks do not primarily target hardware or software but rather attempt to obtain sensitive information through targeted manipulation of humans to carry out further attacks...

Data protection and data security: these are the differences!

What is meant by the terms "data protection" and "data security" mean? Are you aware of the differences? We will tell you one thing right from the start: "data protection" and "data security" do not mean the same thing...

Four tips to stay safe on TikTok!

In times of a pandemic, the desire for variety is always stronger. This is true for adults, but especially for children and young people. At the moment, however, there is a lack of alternatives, especially for the latter, as it is hardly possible for children and young people to meet their friends in person on a regular basis. Therefore, it is not surprising that...

DuckDuckGo vs Google – 5 reasons why you should give up using Google!

You were not aware that DuckDuckGo is a search engine? Well, now you know. Since its founding in 2008, DuckDuckGo has made it its mission to develop a search engine that does not store or share personal data, quite unlike Google...

WhatsApp, Telegram & Co: Which chat apps should you be using from a data protection perspective?

WhatsApp and Telegram have shared a common fate lately, and that is: negative headlines. WhatsApp because of the planned changes to its terms of use and the resulting more extensive sharing of data with Facebook. On the other hand, Telegram is more often associated with conspiracy theorists...

Data protection – Quo Vadis?

The reaction was substantial when Google announced at the beginning of March 2021: “No more advertising based on individual surfing behaviour!” Some people may have rubbed their eyes in disbelief: Google is voluntarily giving up the lucrative business of data? No! There can be no talk of voluntariness...

Correct handling of an information security incident

Security incidents can have a drastic impact on companies and cause severe organisational and financial damage. It is imperative to have good processes and procedures to deal with them quickly and efficiently to minimise the impact...

Digital learning vs face-to-face teaching – which is better?

When you look at the title, the first thing you might think is: why compare the two things with each other? Teaching and learning – like comparing apples and oranges. On the one hand, the focus is on the person learning; on the other, the person teaching...

How can digital learning processes be made interactive?

In times of Corona, in which homeschooling, online lectures and e-learning alternatives are on everyone's lips, it is important to know how to use these resources properly. For each person, the external circumstances and the whole learning atmosphere is subject to change...

Electronic patient file 01.01.2021 - it's finally here, but what does it do and how do you get access?

They say good things come to those who wait. Does this also apply to the electronic patient record or "ePA" for short? 2021 begins with an innovative start for those with health insurance: The introduction of the ePA! The ePA is supposed to be a milestone of digitalisation in the health care system and improve the processes between the insured and the service providers...

Targeting IoT technology – Security vulnerabilities for cybercriminals

IoT technology, or the networking of devices via the internet, has been a growing buzzword in recent years. Smart home is an area in which IoT - Internet of Things - is increasingly appearing in the private sector. After all, who needs analogue devices when every device in the future can connect to the internet, thus exchanging data more quickly? But in addition to the opportunities, IoT poses plenty of high risks, especially in the area of cybersecurity...

Twitter fined – the 72h notification period for data protection breaches under Art. 33 GDPR knows no holidays (Part 3 of 3)

In Part 1 and Part 2, on the occasion of the data breach of Twitter, we dealt with the notification obligation of the controller towards the supervisory authority and the notification obligation of the processor towards the controller according to Art. 33 GDPR. In this third and final part, we will focus on the data controller's obligation to notify the data subjects under Art. 34 of the GDPR...

Twitter fined – the 72h notification period for data protection breaches under Art. 33 GDPR knows no holidays (Part 2 of 3)

In Part 1, on the occasion of Twitter's data breach, we dealt with the notification obligations of the controller vis-à-vis the supervisory authority, Art. 33(1) GDPR. In this second part, we will focus on the notification obligations of processors...

Twitter fined – the 72h notification period for data protection violations under Art. 33 GDPR knows no holidays (Part 1 of 3)

Company holidays or staff shortage – every company is familiar with these when holidays or school breaks are just around the corner. The final tasks are quickly completed, and temporary replacement plans are drawn up, to who must take over what in case of an emergency. However, data protection is often forgotten. This has now also become Twitter's undoing...

Cyberattack against gaming company Capcom – Ransomware compromises user data

In a press release, the game manufacturer Capcom announced that there were inconsistencies in the internal network as early as 2nd November 2020. Potentially, up to 350,000 data records of customers and business partners could be affected. As this attack shows, it is not only customer data that is targeted.

Romance Scamming - The Fraud with Fake Love

Marriage scamming is not an unknown phenomenon, with the penal code even threatening offenders with up to 10 years imprisonment. Nowadays, similar perfidious scams involving fake love are taking place online. “Love scammers” or “romance scammers” can be found on social networks or online dating sites, which they use to track down potential victims...

Insider attack on Neobroker

A few weeks ago, there were reports of a data leak at the fintech startup. On October 19th, the company informed its customers about the data leak and the associated unlawful access to data of more than 31,000 customers...

A rise in cyberattacks on employees working from home

Around 7 million cyberattacks occur every day on employees working from home in German-speaking countries. The main target is the remote desktop protocol. This is the conclusion reached by a global security software company in a current research report on the threat situation in the third quarter of 2020...

The making of our awareness courses

You remember E.T., right? I hope I'm not destroying your view of the world when I tell you that this alien being with the long thin neck is not, in fact, a real alien, but merely a puppet brought to life by (then) modern technology. At Increase Your Skills, we don't create Hollywood films, but we can at least have a say in the animation of our puppets. In fact, all of our courses are brought to life by these very puppets...

Creating secure passwords

What would you say if asked whether you think your password is secure? No? Then there is an urgent need to take action to remedy this. Every year, number combinations such as 123456 top the list of Germany's most frequently used passwords....

Four out of five companies do not employ IT professionals

The Corona pandemic and the sharp increase in those working from home have put companies' IT infrastructure to the test. A new study by the Federal Statistical Office has concluded that only one in five companies (19%) employs its own IT specialists...

Hash Functions and Information Security

Some things we miraculously find all around us once we have discovered them, even though we never noticed them before. Hash functions are a good example of this. They are an important ingredient...