17,000+ Microsoft Exchange servers in Germany are vulnerable to attack, BSI warns

Around 12% of the 45,000 or so Microsoft Exchange servers in Germany that can be accessed from the Internet without restrictions “are so outdated that security updates are no longer offered for them,” the German Federal Office for Informati… Continue reading 17,000+ Microsoft Exchange servers in Germany are vulnerable to attack, BSI warns

Smashing Security podcast #294: The Virgin trains swindler, cyber clowns, and AirTag election debacle

Someone’s election-fiddling is uncovered with an Apple AirTag, a cyber scandal rocks Germany, and a swindler steals a fortune due to trains being delayed.

All this and much more is discussed in the latest edition of the award-winning “Smashing Secur… Continue reading Smashing Security podcast #294: The Virgin trains swindler, cyber clowns, and AirTag election debacle

BSI joins (ISC)² Official Training Partner program to help organizations address cybersecurity challenges

(ISC)² announced that BSI has joined its Official Training Partner program, delivering cybersecurity education across the U.S., U.K., Italy and the Republic of Ireland. BSI’s Consulting Services team will be responsible for delivering (ISC)² educ… Continue reading BSI joins (ISC)² Official Training Partner program to help organizations address cybersecurity challenges

SAP partners with Onapsis to mitigate active threats against unprotected SAP applications

SAP and Onapsis jointly released a cyber threat intelligence report providing actionable information on how malicious threat actors are targeting and potentially exploiting unprotected mission-critical SAP applications. The companies have worked in clo… Continue reading SAP partners with Onapsis to mitigate active threats against unprotected SAP applications

33 connectivity flaws render millions of IT, IoT devices vulnerable

Several sets of internet communication protocols used by major vendors of connected products have vulnerabilities that could affect millions of devices, researchers revealed on Tuesday. Four of the vulnerabilities are critical, meaning attackers could use them to remotely take over devices ranging from a “smart” refrigerator to an industrial networking switch in the electrical grid, according to the security vendor Forescout. The flaws exist in information technology, operational technology and so-called internet of things products. The Forescout study, dubbed AMNESIA:33, focuses on 33 vulnerabilities in four open-source TCP/IP stacks. TCP/IP stands for “Transmission Control Protocol/Internet Protocol,” which is used to communicate between computers. Open-source TCP/IP stacks serve as the foundational connectivity components of devices around the world. (A TCP/IP stack is an implementation of the TCP/IP protocol.) It marks the second time this year that a set of TCP/IP stack vulnerabilities emerged that could affect a large number of devices. […]

The post 33 connectivity flaws render millions of IT, IoT devices vulnerable appeared first on CyberScoop.

Continue reading 33 connectivity flaws render millions of IT, IoT devices vulnerable

MediaPRO and BSI offer personalized privacy awareness and regulation specific training programs

MediaPRO, a leading provider of security and privacy training solutions, has announced a new partnership with BSI, the international business improvement company. The new alliance will enable BSI to offer its clients personalized privacy awareness and … Continue reading MediaPRO and BSI offer personalized privacy awareness and regulation specific training programs

Shine a light on shadow IT to improve organizational resilience

Shadow IT is one of the biggest challenges facing organizations today. According to Gartner, by 2020, a third of all cybersecurity attacks experienced by enterprises will be from their shadow IT resources. This shadow IT infrastructure can be created, … Continue reading Shine a light on shadow IT to improve organizational resilience

German investigators question teenager, search residence, as breach probe continues

Germany’s federal police agency said Monday it has questioned suspects and searched property as part of its investigation into the data breach that led to the publication of hundreds of lawmakers’ personal information. The Federal Criminal Police Office (BKA) said in a Facebook post that officials have been active in the town of Heilbronn, in northern Germany, in the hunt for information about the publication last week of phone numbers, addresses and other data about German officials and journalists. The announcement followed tweets from Jan Schürlein, a German IT developer who announced that authorities had spent four hours on Sunday looking through his home. Da es überall im Fernsehen & den Medien zu sehen ist, ja dass BKA hat gestern in einer mehrstündigen Razzia meine Wohnräume durchsucht. Ich möchte ganz klar darauf hinweisen, dass ich ausschließlich als Zeuge geführt werde. Das BKA bat um öffentliche Zurückhaltung. — Jan Schürlein (@Janomine) […]

The post German investigators question teenager, search residence, as breach probe continues appeared first on CyberScoop.

Continue reading German investigators question teenager, search residence, as breach probe continues

Germany sought NSA help after breach exposed lawmakers’ data

German security officials contacted the National Security Agency following a data breach that resulted in private data about many German politicians, including Chancellor Angela Merkel, being publicly published, according to German media outlets. Germany sought help from the NSA after a Twitter account began distributing phone numbers, addressees, chat histories and vacation photos belonging to politicians, journalists and celebrities, German newspaper Bild reported. Germany asked the NSA to pressure Twitter to shut down accounts that were spreading the hacked information, arguing the NSA had jurisdiction because some U.S. citizens also had their information exposed in the data dump. Outreach to the NSA is not the only example of international cooperation. Hamburg, the German city-state, is working with the Irish Data Protection Commissioner to stop the spread of hacked information, according to the news outlet RTE. When reached by CyberScoop Monday, an NSA spokesman said the agency, if asked, would help an ally […]

The post Germany sought NSA help after breach exposed lawmakers’ data appeared first on CyberScoop.

Continue reading Germany sought NSA help after breach exposed lawmakers’ data