Informative, up-to-date and exciting – the Oneconsult Cybersecurity Blog.

Cybersecurity Blog

Browse through exciting articles, current news and helpful tips & tricks from our experts on all aspects of cybersecurity.

Secure passwords for local administrators

In the course of their audit engagements Oneconsult penetration testers are increasingly finding identical passwords used for local administrative users on backend systems and even more often on workstations. Although these passwords are stored as a NTLM hash, an attacker still has ample opportunities to misuse this situation for lateral movement inside a company’s IT infrastructure. This article covers attacks and mitigation opportunities. [read the German article]


BadUSB – Gain access in less than 15 seconds

by Immanuel Willi Many IT security trade media and blogs focus on popular attack vectors such as phishing or the “OWASP Top 10”. Physical attacks that require direct access to a device are given less attention. Accordingly, many users think they are secure when the notebook hard disk is encrypted and the Windows desktop is locked. But they are wrong! [read the German article]


Cybersecurity Incident Response – So bewältigen Sie das Unerwartete

by Damian Gruber & Adrian Schoch Cybersecurity incidents may have a significant business impact, especially for unprepared organizations. Read in this article in German how to effectively handle such incidents by a proven process and countermeasures and learn from Oneconsult’s real-life incident response & IT forensics cases.


HTTP Referer Header: How web browsers compromise private URLs

by Fabian Gonzalez The HTTP Referer header was defined to determine the origin of a user’s request on the server side. As such, today’s web browsers use this header to communicate the last visited resource when requesting a new one. Since it is often written to a server’s access log, the header may be evaluated or used for other purposes. This may result in security issues. The author describes the problem and provides simple solutions. The article is available in German.


What3(Pass)Words – create passwords from places

by Jan Alsenz Despite many known weaknesses and problems, passwords are ubiquitous. A new service, normally intended for geo-addressing, can be used to generate (reasonable) secure, easy to remember passwords. This article covers the mathematical basics as well as the pros and cons of this approach.


Web Application Firewall Bypass

Web Application Firewalls (WAF) werden von den Herstellern als Universalwaffe gegen Cyber-Kriminelle genannt, weil sie es (angeblich) ermöglichen, dass die dahinterliegenden Applikationen sicherheitstechnisch nicht gepflegt werden müssen. Doch stimmt das? In diesem Artikel wird anhand Beispielen aus der Realität aufgezeigt, wie JavaScript ungehindert an WAFs vorbeigeschleust werden kann.


Never miss the latest news about cybersecurity topics again? Subscribe to our newsfeed on LinkedIn.

Don’t miss anything! Subscribe to our free newsletter.

Your security is our top priority – our specialists provide you with professional support.

Availability Monday to Friday 8:00 a.m. – 12:00 p.m. and 1:00 p.m. – 5:00 p.m (exception: customers with SLA – please call the 24/7 IRFA emergency number).

Private individuals please contact your trusted IT service provider or the local police station.

For more information about our DFIR services here:

Add CSIRT to contacts