gdatasoftware.com

Many companies invest in security awareness training—yet participation often falls short of expectations. Why is that? And what actually works in practice? This article shows how organizations can specifically foster motivation, which measures have proven effective, and how security awareness can be sustainably embedded into employees’ daily work. Cyberattacks no longer primarily target systems, but people. Using social engineering and phishing, criminals deliberately exploit human behavior patterns.

User beware: Not every browser extension is useful, and some of them might disclose the chats you have with AI systems. From managing schedules to improving writing compositions, Artificial Intelligence (AI) is no longer science fiction and has become a necessity in our daily lives. As more people turn to these intelligent tools, browser extensions have emerged to help users manage and interact with agentic AI.

Cybercrime happens around the clock – including at night, on public holidays and at weekends. Local authority IT teams struggle to ensure IT systems are monitored, particularly during off-peak hours. As a result, in the worst-case scenario, attacks remain undetected for longer. This is where a Managed Security Operations Centre (SOC) comes in – providing 24/7 monitoring of IT systems and a rapid response to incidents.

An analysis by John Dador & Mathew Dela Cruz Overview G Data Analysts discovered a new Remcos RAT infection chain which started with a seemingly harmless batch file that executes encoded commands. This batch file creates hidden directories and retrieves additional tools as well as encrypted payloads while blending into normal system activity.

A phishing attack that is frighteningly well tailored to me. The tone is right, the context fits, and details from my professional environment are correctly referenced. For a brief moment, everything appears credible. But I ask myself: Where does this information about me come from? And how was the attacker able to target me so precisely? This is no coincidence. Phishing attacks no longer rely on mass distribution but on carefully prepared deception.

What does HBC-radiomatic do? Soenke Knipp:  HBC-radiomatic is a globally operating family business. At our headquarters in Crailsheim, we develop and manufacture radio-controlled operating solutions for demanding industrial applications - from construction machinery and port vehicles to mowing and firefighting robots - ensuring safe, convenient, and efficient human-machine interaction. We are a classic hidden champion within the German SME sector.

Attackers who impersonate trusted vendors do not only damage the reputation of the original vendor, but also cause heaps of trouble down the line. Foxit Software has more than 650 million users and is widely trusted as a lightweight PDF reader. That reputation is exactly what makes it valuable to attackers. The more familiar the software, the easier it is to convince someone that what they are downloading is safe.

A lot has already been written about Anthropic’s “Mythos.” While some welcome it and embrace the new possibilities, others are heralding the end of cybersecurity. The truth lies somewhere in between. First of all, when looking at all the current reports circulating about the Claude Opus 4.6-based model “Mythos,” it is important to note that most of the information comes from Anthropic itself.

Many companies still do not fully have NIS-2 on their radar. Yet it is no longer just about a registration requirement. In this interview, Dr. Matthias Zuchowski, regulatory expert at G DATA CyberDefense, explains what companies need to do now, where typical pitfalls lie, and how the requirements can be implemented pragmatically. Which companies are actually required to register?

Last week, reports circulated about an unpatched security vulnerability in Microsoft Windows. The “BlueHammer” 0-day vulnerability allows a normal user to gain system-level privileges. Microsoft allegedly refused to accept a report about the vulnerability—because video proof was missing. Not much is known about the security researcher behind the moniker "Chaotic Eclipse" who published a working exploit called “Bluehammer”. He did not provide any explanation along with the exploit he posted.