Knowledge base

Explanations of terms and information from the world of IT security

Our knowledge database provides you with valuable information on various topics in the field of IT security. Learn which dangers exist and how you can specifically counter these threats to ward off CEO fraud, ransomware, phishing and the like. In addition, you’ll find an overview of relevant terms in the field of information security.

IT Security

Whenever a organization communicates online and stores and transfers data and information, it must ensure its IT security. But what exactly is this?

Malware

The term malware is used to describe all kinds of malicious software. The focus here is on malware that is loaded onto the device in order to cause damage.

Emotet

What is Emotet? And how can I protect myself from Emotet? Measures to protect against the most dangerous malware Emotet.

Brute-Force attacks

A brute-force attack is a trial-and-error method used to obtain information such as passwords or other access codes. Here, the attacker tries a variety of …

Computer Virus

What exactly is a computer virus? What are the chances of eliminating one? And what kind of protection is really effective against them?

Cryptolocker Ransomware

The cryptolocker ransomware was a polymorphic virus, which was used to encrypt computer systems. The only option affected …

Trojans

Insidiously, as in the famous mythology, a Trojan horse attacks computers, steals data and damages the system.

DDoS Attack

The abbreviation DDoS stands for Distributed Denial Of Service. A DDoS attack is a type of DoS attack in which several hijacked systems are used to carry out an attack against the target system.

Ransomware Kill Chain (1)

Why is ransomware not a typical cyberattack? Normally, the data theft remains undetected. This is especially true when the systems …

Ransomware Kill Chain (2)

How to use the Ransomware Kill Chain model to devise countermeasures? The Ransomware Kill Chain using Wanna Cry as an example …

Ransomware

The word “ransomware” comes from the English language and contains the term “ransom”, which means “held hostage for money”…

Phishing

Phishing is an electronically executed fraud attempt in which the recipient is sent a fake e-mail that he often does not recognize as such at first…

Crypto Mining

With the establishment of cryptocurrency, the era of a new means of payment has been ushered Crypto Mining in. To better understand the miners’ gold rush, we have summarized the most important facts on this page.

Social Engineering

Even with the best technical security precautions, every company has a risk factor that is difficult to control: the human one. To get hold of important data or gain access, a hacker needs to understand not only computers but also people. What exactly is social engineering and how can you protect yourself?

Computer Worm

A computer worm is a malicious program that reproduces itself as it spreads to as many computers as possible. This makes the it particularly dangerous for companies.

Cyber Kill Chain

To identify and combat attacks along the Cyber Kill Chain in time, you need to understand the strategies of the criminals …

Spear Phishing

Spear phishing is a cyber attack with extremely malicious intent that is derived from traditional phishing. In a conventional phishing attack, the target persons fall randomly into the attacker’s grid.

GoBD

GoBD are the Principles for properly maintaining, keeping and storing books, records and documents in electronic form and for data access, as provided …

The most important IT news. Read our latest blog posts

Hornetsecurity included in Gartner’s 2020 Market Guide for Email Security

Hornetsecurity included in Gartner’s 2020 Market Guide for Email Security

The new Market Guide for Email Security from leading research and advisory company Gartner has listed Hornetsecurity as Representative Vendor. With the Gartner Market Guide for Email Security, analysts Mark Harris, Peter Firstbrook and Ravisha Chugh provide comprehensive guidance on how to set up email security to meet changing circumstances. Especially because of the dramatic increase of phishing attacks, the rise of business email compromise (BEC) and the ongoing migration to cloud security, security managers need to ensure that the solutions they choose are appropriate….
Leakware-Ransomware-Hybrid Attacks

Leakware-Ransomware-Hybrid Attacks

Since December 2019, ransomware operators have been using leakware/ransomware hybrid attacks more and more often. These attacks combine the classic ransomware attack with a leakware attack. In a classic ransomware attack, the victim’s data is encrypted and is only decrypted back after the victim pays a ransom fee to the ransomware operators. In a leakware attack, the data is stolen, and the victim is blackmailed with the data being published publicly unless he pays a certain fee. In a leakware/ransomware hybrid attack, the data is first stolen, then encrypted. Then the victim is first asked to pay the ransom for decryption. If the victim declines to pay the ransom, the attackers threaten him to release the stolen data publicly. In some cases, business partners and/or customers of the victim are also contacted and informed of the impending data release to put even more pressure on the victim.
Emotet in encrypted attachments – A growing cyber threat

Emotet in encrypted attachments – A growing cyber threat

The cybercriminals behind the banking Trojan Emotet are working hard to circumvent anti-virus filters with various tricks and spread the malware on many more systems. From email conversation thread hijacking, through changes of the web shells, to updating the Emotet-loader, which led to a huge increase in malware downloads. Now Emotet is again sending encrypted attachments via its malspam to further expand its botnet network…