Secure passwords for local administrators

In the course of their audit engagements Oneconsult penetration testers are increasingly finding identical passwords used for local administrative users on backend systems and even more often on workstations. Although these passwords are stored as a NTLM hash, an attacker still has ample opportunities to misuse this situation for lateral movement inside a company’s IT infrastructure. This article covers attacks and mitigation opportunities. [read the German article]

Sichere Passwörter für lokale Administratoren

von Fabian Gonzalez

Bei Kunden stellen die Tester von Oneconsult vermehrt fest, dass auf verschiedenen Clients − sowie seltener auch auf Servern − identische Passwörter für lokale administrative Benutzer verwendet werden.
[mehr]

Security Sales Executive at Oneconsult – your new challenge?

(f/m, 80 – 100%): Your exciting new job at Oneconsult as a Security Sales Executive? If you are a native German speaker, we are looking for you to strengthen our top-flight cyber security crew.

Job description

06-Mar-2018: OSSTMM presentation at the ISSS Security Lunch in Zurich

The Open Source Security Testing Methodology Manual (OSSTMM) is ideal for planning, carrying out and documenting technical security audits. Yves Kraft, an experienced OSSTMM trainer, will focus on the measurability and comparability of OSSTMM-compliant audits in his presentation.

Further information and registration (presentation will be in German):
https://www.isss.ch/veranstaltungen/2018/security-lunch-2018-03-06/

06.03.2018: OSSTMM-Präsentation am ISSS Security Lunch in Zürich

Das Open Source Security Testing Methodology Manual (OSSTMM) eignet sich hervorragend für die Planung, Durchführung und Dokumentation von technischen Audits. Messbarkeit und Vergleichbarkeit von OSSTMM-konformen Audits sind das Thema, top dargelegt von Yves Kraft, einem erfahrenen OSSTMM Trainer.

Weitere Informationen und Anmeldung: https://www.isss.ch/veranstaltungen/2018/security-lunch-2018-03-06/

We are hiring

(f/m, 80 – 100%): Your exciting new job at Oneconsult? If you are a native German speaker, we are looking for you to strengthen our top-flight cyber security team.

Job descriptions

Dein spannender, neuer Job bei Oneconsult

Wir suchen dich als Verstärkung für unser Team.
(„Focus“-Bewertung: Top Arbeitgeber Mittelstand 2018) [mehr]