Knowledge base

Explanations of terms and information from the world of IT security

Our knowledge database provides you with valuable information on various topics in the field of IT security. Learn which dangers exist and how you can specifically counter these threats to ward off CEO fraud, ransomware, phishing and the like. In addition, you’ll find an overview of relevant terms in the field of information security.

Brute-Force attacks

A brute-force attack is a trial-and-error method used to obtain information such as passwords or other access codes. Here, the attacker tries a variety of …

GoBD

GoBD are the Principles for properly maintaining, keeping and storing books, records and documents in electronic form and for data access, as provided …

Cryptolocker Ransomware

The cryptolocker ransomware was a polymorphic virus, which was used to encrypt computer systems. The only option affected …

Cyber Kill Chain

To identify and combat attacks along the Cyber Kill Chain in time, you need to understand the strategies of the criminals …

Email encryption basics

Hornetsecurity explains the basics of email encryption for businesses. From PGP to TLS and S/MIME to certificates and signatures …

Ransomware Kill Chain (1)

Why is ransomware not a typical cyberattack? Normally, the data theft remains undetected. This is especially true when the systems …

Ransomware Kill Chain (2)

How to use the Ransomware Kill Chain model to devise countermeasures? The Ransomware Kill Chain using Wanna Cry as an example …

Ransomware

The word “ransomware” comes from the English language and contains the term “ransom”, which means “held hostage for money”…

Phishing

Phishing is an electronically executed fraud attempt in which the recipient is sent a fake e-mail that he often does not recognize as such at first…

Crypto Mining

With the establishment of cryptocurrency, the era of a new means of payment has been ushered Crypto Mining in. To better understand the miners’ gold rush, we have summarized the most important facts on this page.

Social Engineering

Even with the best technical security precautions, every company has a risk factor that is difficult to control: the human one. To get hold of important data or gain access, a hacker needs to understand not only computers but also people. What exactly is social engineering and how can you protect yourself?

The most important IT news. Read our latest blog posts

Hornetsecurity signs first UK distributor contract with Brigantia

Hornetsecurity signs first UK distributor contract with Brigantia

Hornetsecurity, the German company which is Europe’s leading email cloud security provider, is expanding its presence in the UK through a strategic partnership with cybersecurity distributor Brigantia. The new partnership – which follows Hornetsecurity’s acquisition of the Poole-based email security provider Everycloud in January – will give it access to Brigantia’s network of resellers throughout the UK and Ireland and support its plans to become the UK market leader within 12 months…
QakBot malspam leading to ProLock: Nothing personal just business

QakBot malspam leading to ProLock: Nothing personal just business

FBI and the German federal CERT [1][2] are warning of current QakBot malspam distributing ProLock ransomware. QakBot is spread via email. In the outlined campaign an email with a link to a ZIP archive containing a VBScript is used to download the QakBot Loader onto victim computers. From there the ProLock ransomware can potentially be loaded by the QakBot operators. The ProLock ransomware uses RC6 to encrypt files on the victims computer. It spares the first 8 KiB of all files. It appends a .proLock extension to encrypted files and leaves a ransom note stating that it is “[n]othing personal just business” and instructions on how to pay the ransom. However, the ransomware also deletes specific files ending with .bac or .bak extensions, so victims that pay will still loose those files.