PowerShell I – Introduction

by Frank Ully

This article is the first in a multi-part series about Windows PowerShell and how attackers abuse it, how incident responders can detect these attacks – and how IT security managers can prevent them in the first place. Advanced attackers are regularly using scripts written in PowerShell as part of their attack toolchain. This is because Windows PowerShell, Microsoft’s task automation and configuration management framework, as well as the script language of the same name are now tightly integrated into modern Windows installations. [read the German article]

18-06-18 / Hacking Day 2018 Digicomp

«Bypass all the things – effective application whitelisting»

Speech by Branch Manager Bern and Senior Penetration Tester Yves Kraft on Hacking Day 2018 at Digicomp Zurich was recorded and will be published in Oeconsult’s youtube channel

14-06-2018 / ZHAW / Data Protection and Data Security Compliance

Data protection – top topic in many board meetings!
Data protection and data security – the topics are not only since GDPR in every mouth. Digitalization and technical developments require a new understanding of data handling. [more information about the event in German]

A short history of Remote Access Trojans (RATs)

by Frank Ully

First, the article introduces the basics of malware and especially remote access trojans (RATs).
Then the history of publicly available RATs is traced by describing some outstanding representatives. The article concludes with an outlook on current developments in publicly available RATs. [read the German article]