Blog

Privilege escalations in applications – often referred to as privilege escalation – are vulnerabilities that allow attackers or even regular users to access data, information or system functions for which they have no authorization. Attackers...

What exactly is examined during ISO 27001 certification? There are many myths surrounding this question. Many believe that “IT security” is audited. Others think that compliance is put through its paces – in terms of...

Many organisations trust that their own systems and applications “will be secure somehow”. Especially when third parties such as IT service providers or cloud services are used, the trust in IT security is great. Our...

If we closely review the ISO 27001:2013 standard or the draft of the new 27001:2022, we see that the terms penetration testing and vulnerability scanning are not explicitly mentioned either as requirements or as a...

One of the core competences of cloud service providers is the safeguarding of infrastructures with regard to IT security. But what should be taken into account when using the cloud? The cloud has many advantages:...

This question is often asked by novices who are dealing with ISO 27001 for the first time. What is an Internal Audit? An internal audit is a self-audit to verify three key points by an...

Risk precautions are supposedly just as unwelcome as health precautions. But they are just as important! Various studies prove: Attacks on IT systems and applications are increasing significantly. The consequences are financially devastating. At the...

The terms IT security or information security are often used synonymously, go in a comparable direction but mean different things. However, it is worth taking a closer look to differentiate between the terms. Information security...

Numerous details about people, their purchases and other sensitive details could be accessed unprotected on the web for months, as Der Spiegel (German content) prominently reports on its website. A service provider had inadequately secured...

A serious vulnerability exists in the popular Samba server, which provides Windows file and print services in Linux environments. Linux systems should be updated as soon as possible, because the vulnerability with the identifier CVE-2020-27840...