Article in “Zürichsee-Zeitung”: How a Company Is Turned Upside Down by a Cyber Attack

The number of cyber attacks is steadily increasing. Once again, this is proven in the current issue of Zürichsee-Zeitung (30 March 2021, available in German only) featuring a family business that has been targeted by cybercriminals: A ransomware attack temporarily shut down their entire operation. Tobias Ellenberger, COO Oneconsult AG & Vice Chairman Oneconsult International AG, explains from the perspective of an experienced expert in this field why such attacks have become very common, what needs to be taken into account in the event of such an attack, and how a cyber security service provider can help companies prevent the worst case.
[more]

Article on Underestimated Cyber Risks in AXA’s Customer Magazine “Meine Firma”

SMEs are increasingly targeted by cybercriminals. In the current issue of “Meine Firma”, AXA’s customer magazine for SMEs, the head of an architecture firm, that was exposed to a ransomware attack, shares his experience. Tobias Ellenberger, COO Oneconsult AG & Vice Chairman Oneconsult International AG, assesses the situation from the perspective of a cyber security expert and explains why such incidents are not uncommon.
[more]

22 April 2021: betterCode API – Expert Talk on OWASP API Security Top 10

At the betterCode API 2021, Frank Ully, CTO Oneconsult Deutschland GmbH and Senior Penetration Tester & Security Consultant, will talk about possible attacks on APIs based on the OWASP API Security Top 10 and will explain which measures developers can take to protect against such attacks.
[more]

Article Series on Active Directory Security Continues in Latest Issue of iX Magazine

In the current issue 04/2021 of iX magazine, Yves Kraft, Branch Manager Bern and Senior Penetration Tester & Security Consultant, and Frank Ully, CTO Oneconsult Deutschland GmbH, continue the series of articles on Active Directory security. The latest article in the series provides an insight into how attackers can exploit insecure configurations and generously assigned rights, among other things, to first spread and then also gain persistence beyond the top-level layer (forest) – the actual security boundary of an Active Directory environment.
[more]

Zero-Day Vulnerabilities in Microsoft Exchange Actively Exploited – CVE-2021-26855, CVE-2021-26857, CVE-2021-26858 & CVE-2021-27065

by Nadia Meichtry

Four zero-day vulnerabilities in Microsoft’s Exchange email solution have been fixed through updates released by Microsoft on 2 March 2021. This affects Microsoft Exchange Server, but not Exchange Online. [1]

The vulnerabilities, three of which have been classified as critical, are actively exploited, most notably by the Chinese hacker group “Hafnium”. The attackers gained access to the servers and were thus able to exfiltrate credentials and emails. [2]

[read the German article]