Articles

Exploitation of Remote Work

During the COVID-19 pandemic a growing dependency on information technology became obvious for many organizations – and with it an increase of cyber risks. The exploitation of employees working remotely …

READ MORE

Ransomware

Ransomware

Ransomware is one of today’s much discussed type of cyber attacks. Several business models around this attack type emerged during the last years. The schema boils down to a threat …

READ MORE

Credential Theft

Credential Theft

The theft of credential is one of today’s risks to information security that significantly increased with the rise of Social Engineering. Cyber Criminals use credentials to intrude the infrastructure of …

READ MORE

Lost and Stolen Assets

Lost and Stolen Assets

Losing company assets, like laptops, smartphones, or documents, as well as assets getting stolen are two well known risks to information security of organizations. However, over the last years Verizons …

READ MORE

Denial of Service

A Denial of Service (DoS) attack aims at the availability of a service, website or network. By disrupting or suspending normal data flow, the system is rendered unavailable. Amplifying this …

READ MORE

Privilege Misuse

Privilege Misuse

The misuse of ones privileges is an intentional, malicious attack pattern. Most of the data breaches in 2021 in this category were caused by privilege abuse or data mishandling. They …

READ MORE

Human Error

Unintentional actions are among the most common patterns in information security incidents. Miscellaneous errors of employees can directly compromise assets of an organization and lead to data breaches. According to …

READ MORE

System Intrusion

System Intrusion happens in an early phase of a cyber attack (Figure 1). It usually starts after attackers have collected enough data about the target and assembled tactics for their …

READ MORE

Web Application Security

Web Application Security

Web applications are often compromised by basic attacks that require only a small number of steps or additional actions after the initial compromise. The attackers are rather focused, for example …

READ MORE

Social Engineering

Social Engineering

In social engineering, an attacker exploits the “human factor” as the supposed weakest link in the information security chain in order to accomplish his criminal intent. SECURNITE explains what Social Engineering is.

READ MORE