Latest security tips from 2021

23 December 2021

The holiday season is approaching, and while some are looking forward to some well-deserved rest, others are hoping for the chance to work undisturbed. Among the latter, unfortunately, are cybercriminals.

Emotet and Microsoft Exchange

In November, the BSI warned of possible attacks, especially during the holidays. The resurgence of the Emotet network and still-unpatched security vulnerabilities in MS Exchange, combined with potentially reduced responsiveness during the holidays, are causing concern. Especially in ransomware attacks, which typically run in several phases, the initial undetected penetration and spread into internal IT systems is a critical point, as the BSI repeatedly points out.[1]

Log4Shell as an additional “Turbo”

In December, the critical Log4j vulnerability exacerbated the security situation. Security researchers expect this vulnerability to remain with us for months because the affected systems are so widespread. Even after a successful software update, more attention should be paid to possible compromises and irregularities in the systems. Because exploitation is relatively simple, attackers could have embedded themselves in networks before countermeasures were taken.[2]

Fake shops and fraud SMS

The threats to consumers are constant. The Corona restrictions increase online shopping and, as a result, fraud attempts via fake websites. Current warnings can be viewed, e.g. at watchlist-internet.at. The Austrian project fakeshop.at offers – currently still in beta stage – a digital review of webshops.

Waiting for goods deliveries is also exploited for fraud attempts, phishing or malware infection by SMS or e-mail. Messages about alleged pick-up stations, shipment tracking or delivery attempts are usually intended to lure recipients to fraudulent or infected websites. Please treat such messages with caution or do not act on them at all.[3]

Conclusion

Enjoy your days off after updating your IT systems and checking for security updates. Be suspicious and also watch out for small irregularities that could be an indicator of possible security incidents. It is advisable to install or optimize measures for detection and response in the company in the long term. Stay vigilant and keep friends, family and acquaintances informed about current threats. A secure backup of the most critical data should also be a matter of course in the private sector.

Do you have any further questions? IKARUS will be happy to advise you. Contact us at sales@ikarus.at or +43 1 58 995-500!

Reading recommendations:

The best safety tips for users

How secure are your smart home devices and cameras?

Secure communication: How to encrypt and sign your e-mails

Sources:

[1] https://www.bsi.bund.de/DE/Service-Navi/Presse/Pressemitteilungen/Presse2021/211202_Ransomware_Weihnachten.html

[2] https://www.heise.de/news/Log4j-Luecke-Erste-Angriffe-mit-Ransomware-und-von-staatlicher-Akteuren-6296549.html

[3] https://www.derstandard.at/story/2000131848622/vorsicht-vor-betruegerischen-sms-die-zur-paketabholung-auffordern
