Secure passwords for local administrators

In the course of their audit engagements Oneconsult penetration testers are increasingly finding identical passwords used for local administrative users on backend systems and even more often on workstations. Although these passwords are stored as a NTLM hash, an attacker still has ample opportunities to misuse this situation for lateral movement inside a company’s IT infrastructure. This article covers attacks and mitigation opportunities. [read the German article]

Security Sales Executive at Oneconsult – your new challenge?

(f/m, 80 – 100%): Your exciting new job at Oneconsult as a Security Sales Executive? If you are a native German speaker, we are looking for you to strengthen our top-flight cyber security crew.

Job description

06-Mar-2018: OSSTMM presentation at the ISSS Security Lunch in Zurich

The Open Source Security Testing Methodology Manual (OSSTMM) is ideal for planning, carrying out and documenting technical security audits. Yves Kraft, an experienced OSSTMM trainer, will focus on the measurability and comparability of OSSTMM-compliant audits in his presentation.

Further information and registration (presentation will be in German):