Social Engineering: Firewall-Rules for your brain – Part 2

In the first part of this series you learned which behavioral patterns are usually used to influence humans. Those patterns are the basis of a Social Engineering attack and can usually be detected by a trained person. In the second part we will examine much more sophisticated influencing techniques. Those techniques are very tricky to detect and form a higher threat for your brain’s internal firewall.

Continue reading

Social Engineering: Firewall-Rules for your brain – Part 1

Humans can be regarded as one of the biggest weaknesses for secure systems. Their interaction with technology and awareness for information security makes them usually the “weak link” for gaining access to enterprise networks and private information. From an attackers point of view the investment of using a human to hack a system is much cheaper than searching for 0-day exploits or unpatched vulnerabilities. That’s why the art of human hacking, called Social Engineering, has become an important threat factor for secure systems.

Continue reading

Blockchain – Revolution or hype?

Welcome to our journey through the blockchain, since the emergence of Bitcoin, one of the most trending topics of the global digital village. After reading this blog post, you’ll have a basic understanding of the technology, a wide overview of future use cases and are able to differentiate between realistic potential and hype.

In the first part we explain the blockchain technology, for everybody who’s not that deep in the topic or needs a quick recap:
What is an transaction?
What’s inside a block?
How does the merkle tree work?
Why do we need a proof of work?

In the second part we take a closer look on the future of the blockchain:
What are Proof-of-Stake, Casper and Algorand?
What are the risks and opportunities of the technology?
Where are the future uses cases of the blockchain?
Is there a blockchain revolution or just another hype?
Continue reading

Malvertising – Part 1: Internet advertising basics

bildschirmfoto-2016-10-03-um-20-53-58Imagine surfing the web on a normal trustworthy website. On the top of the page you see an ad for something that interests you, e.g. the newest smartphone you like for an unbelievable cheap price. You click on the ad. Why wouldn’t you? You’re on a trustworthy site after all. The ad turns out to be a hoax, there are no smartphones for a price that cheap. Over the next few days you notice some strange behaviour from your computer.  Turns out, your computer is infected with some malware. How could this happen? In this case, you’ve been a victim of malvertising. Malvertising is a word composed of Malware and Advertising. As you probably already suspect right now, it means infecting users with malware via advertising on the internet. In this series of articles, I want to give you an introduction to malvertising, first by looking at some basics of advertising on the internet.

Continue reading

Exploring Docker Security – Part 3: Docker Content Trust

In terms of security, obtaining Docker images from private or public Docker Registries is affected by the same issues as every software update system: It must be ensured that a client can always verify the publisher of the content and also that he or she actually got the latest version of the image. In order to provide its users with that guarantees, Docker ships with a feature called Docker Content Trust since version 1.8.
This third and last part of this series intends to give an overview of Docker Content Trust, which in fact combines different frameworks and tools, namely Notary and Docker Registry v2,  into a rich and powerful feature set making Docker images more secure.

Continue reading

WhatsApp encrypts !?


The majority of the 1 billion monthly whatsapp users may be a little confused about the tiny yellow info-box in their familiar chat. End-to-end encryption? Is this one of these silly annoying whatsapp-viruses or maybe something good?

The first big question is “why”. Why do we need a (so complicated) whatsapp end-to-end encryption? The most important answer is obvious: cause the sent messages are highly personal and worthy to protect against third-party attackers or facebook/ whatsapp itself. From facebook’s point of view there are some more reasons like pressure caused by competitors or loss of trust by the users.

Continue reading

Botnets – Structural analysis, functional principle and general overview

wiat wektorThis paper provides an overview on the most important types of botnets in terms of network topology, functional principle as well as a short definition on the subject matter. By exploring the motivation of botnet operators, the reader will gain more insight into business models and course of actions of key players in the field. Furthermore, essential botnet modules, major important roles and infection vectors will be discussed in order to provide an overview. This paper will also treat the hiding, detection, as well as the decommissioning of botnets. Moreover, it will be discussed in what sense botnets may be considered as resilient systems and what estimations about countermeasures can be taken in order to tackle future developments in the field of botnets.

Continue reading

Exploring Docker Security – Part 2: Container flaws

Now that we’ve understood the basics, this second part will cover the most relevant container threats, their possible impact as well as existent countermeasures. Beyond that, a short overview of the most important sources for container threats will be provided. I’m pretty sure you’re not counting on most of them. Want to know more?

Continue reading




MirageOS is a new and rising trend when it comes to talking about cloud computing. More and more services are being relocated into modern cloud infrastructures, due to a lot of advantages like i.e. reduced costs, maximum flexibility and high performance. Todays services normally depend on big virtual machines (like i.e. Ubuntu Xenial with a size of ~1,5 GB) with a lot of software on it. The service which is running on these virtual machine only needs a very small subpart of the whole software and dependencies which are installed. Also the unneeded additional software running on the virtual machines offers a huge attack surface for hackers. Since data often is a highly valuable asset for a company and exposing it would lead to a huge profit collapse, security gains more and more importance. MirageOS is a minimalistic approach to kick out all unneeded layers and dependencies and deploy as less code as possible. This approach is highly efficient and fits in perfectly in modern microservice-architectures. If MirageOS will be accepted by users in the future, it could possibly replace modern approaches like i.e. Docker or classic virtual machines in the context of cloud-environments.

Continue reading