HanseSecure in the ARD Munich Report

Common applicant portals provide a breeding ground for false job ads and the identity theft that accompanies them.
“Send us your resume and we need your data”, thus -MUCH THANKS for YOUR IDENTITY-.
Nothing is recognizable for applicants! This scam runs fast and uncomplicated. The danger- suddenly ignorance leads to punishment. Criminal proceedings for the bona fide applicant will follow.

Attention rip-off: HanseSecure on Kabel 1

Ihm seien verdächtige Überweisungen aufgefallen. Er fragt, ob er sie stoppen soll. Sie bejahen es und geben zur Identifikation Ihrer Identität eine TAN durch. In diesem Moment schnappt die Falle zu. Unser IT-Sicherheitsexperte Florian Hansemann hat vor Kurzem bei einem Kabel 1 Beitrag rund um das Thema Phishing und Social Engineering mitgewirkt. In diesem Beitrag […]

No more (password) chaos!

The tiresome topic of passwords and their management. I am always asked how to solve this problem. Therefore, I decided to write a short guide for KeePass. So here we go 😉 #1 Installation and First Start First, you get the corresponding software from the official manufacturer and can choose between the portable or the […]

Mini basic protection for home

Every day, millions of people become victims of cybercrime. These are usually not targeted by professional hackers, but fall victim to large-scale attacks by chance. How does something like this happen? The attack vectors are versatile: Phishing e-mails Modified files Drive-by downloads Bad passwords Physical access Removable media (e.g. BadUSB) etc. Attackers permanently scan the […]

Offensive Security Certified Professional Experience / OSCP Review

Today I would like to share my experience with OSCP from the guys at Offensive Security. Why OSCP? There are now so many certifications in the field of information security that it is difficult to choose one. For me, criteria are the deciding factor in certifications: Learn new Apply knowledge (i.e. no multiple choice tests) […]

Detect phishing emails

Almost every day, users become victims of so-called phishing emails. Therefore, in this short post, I would like to point out the details that can be paid attention to in order to identify malicious emails. Of course, this is not a protection against spear phishing emails as used by professional hackers or penetration testers. I […]

Deceptive security: antivirus and firewall

We are safe because we have a virus scanner and a firewall! This statement is often the first to fall and should therefore be finally put right 😉 #1 Firewall A firewall prevents connections to unwanted services (actually ports, but we’ll get to that in a moment). This is done by blocking/closing ports which are […]

30 minutes to a secure WordPress blog

WordPress is still the tool of choice, especially for newbies, to quickly create a respectable website. All nice KlickiBunti, so without expertise 😉 Unfortunately, #InfoSec almost always falls by the wayside and the “admins” wonder about the new Russian language packs and additional AdminAccounts. Securing a WordPress website is not rocket science, so in the […]

How to remember passwords?

The best security measures are useless if weak credentials are chosen. This raises two essential questions, which I would like to explain below. What is a bad password, anyway? How can I create and remember strong passwords? There are two main ways of attack to guess into credentials. BruteForce All combinations are tried through. Depending […]