Cybersecurity Blog

Fake Profiles on LinkedIn

07/06/2023

It’s hard to imagine today’s business world without LinkedIn as a social platform. Whether it’s sharing posts, networking with business partners, or acquiring new talent, LinkedIn is often the tool of choice. True to the idea of see and be seen. Anyone who wants to be successful strives for attention, recognition, and reach. This phenomenon also attracts scammers who take advantage of members’ open disclosure. Such fake profiles can have unpleasant consequences for companies. Find out what these consequences are and how you can protect yourself from them in this article.

Batch File Obfuscation Incident

24/05/2023

Attackers use batch files to automate and speed up their work because they allow the execution of multiple commands. This way, the attacker does not need to provide any manual input but just needs to execute the malicious script on the victim’s system.

An Introduction to Batch File Obfuscation

12/05/2023

Batch files are an essential tool many users and administrators use to perform automated tasks. However, attackers also use these batch files to execute malicious commands on a system. To avoid detection by antivirus software, batch files are obfuscated.

Passwords: Common Mistakes, Best Practices & Tips

04/05/2023

May 4, 2023 is World Password Day. This day takes place every year on the first Thursday in May and aims to raise awareness about the importance of secure passwords. The aim is to educate about best practices in password management and encourage people to take steps to improve the security of their online accounts.

“Your Site Has Been Hacked” – Fraud Attempt or Reality?

26/04/2023

Ransomware is currently what everybody is talking about. Everyone fears becoming a victim and bearing the consequences for their reputation as well as the financial impact of it.

Threat Hunting in Azure Active Directory and Microsoft 365

12/04/2023

As Microsoft services move to the cloud, Azure Active Directory (Azure AD) and Microsoft 365 (M365) are becoming popular targets for attackers. Threat hunting can help uncover signs of compromise early on.

ISO/IEC 27001: What Has Changed and What Does It Mean for Your Company?

28/02/2023

The international standard ISO/IEC 27001 is a fundamental standard for information security. It defines requirements for establishing, implementing, and maintaining an information security management system (ISMS) and serves as the basis for certification.

Vulnerability Scanners and How to Protect Your Company From and With Them

01/02/2023

Vulnerability scanners are often used during security audits. The goal: to be one step ahead of the cybercriminals!

Penetration Testing vs. Bug Bounty Programs – What Are the Differences?

19/01/2023

A bug bounty program and a penetration test are both important measures to improve the security level of a system. However, there are important differentiators between the two that need to be understood before deciding which one to use.

Cybersecurity: Guarding Against Unauthorized Access

03/01/2023

Learn about the most common initial attack vectors and their protection recommendations.

Emails are a Popular Entry Point for Attackers

22/12/2022

Emails are a Popular Entry Point for Attackers

Schützende Windows-Firewall konfigurieren

Configuring a Protective Windows Firewall

09/12/2022

Configuration of a local Windows firewall and what and how it can protect against.

The Five Best Cybersecurity Podcasts

30/11/2022

Do you like listening to podcasts? Get to know the best five cyber security podcasts.

The Differences Between Penetration Test and Red Teaming

01/06/2022

Penetration test and red teaming are cybersecurity terms. But what exactly is red teaming? And what is a penetration test all about? What are the differences between the two terms?

BloodHound – Tracking Down Vulnerabilities in Active Directory

12/05/2022

A modern Active Directory environment consists of many different components. There are clients, servers, databases, users, applications and much more. It is easy to lose track of everything (especially as a Red Team). The BloodHound tool can help here.

Live Operating Systems – Useful Helpers

25/04/2022

Computers often have strange behavior that cannot always be explained right away. Just because a laptop worked flawlessly the night before does not mean that problems won’t pop up out of nowhere the next day. In most cases, these are minor problems that can be solved quickly. However, it can also happen that the computer suddenly does not boot up at all and hangs during startup.

Become a Proven Web App Penetration Tester With the Web Security Academy

11/04/2022

What are the most common security vulnerabilities in web applications? What does an attacker need to do to find and exploit them? And how can developers protect their web applications against them? Answers to these questions as well as practical hands-on examples are provided by PortSwigger’s Web Security Academy.

DFIR, Simple: Track Ransomware Attacks

03/03/2022

Ransomware has long been on everyone’s mind and part of daily news coverage. Oneconsult’s Digital Forensics and Incident Response specialists are regularly asked to present background information on such cyber attacks, discuss them and address the current threat situation. A central element is to show that all industries, company sizes and private individuals are affected by ransomware attacks and the associated risks.

BGP Hijacking – Data on the Run

16/02/2022

From time to time, ships are blown off course, wrecked or, in the worst case, sink together with their cargo. The same can happen to the data that is sent over the Internet every day: It can deviate from its usual route and reach its destination in a big detour, but it can also end up with the wrong recipient altogether and thus be lost to the actual target – usually unintentionally, but in some cases also intentionally.

Alert Fatigue – Risks and Measures

02/02/2022

Alert fatigue refers to the phenomenon of cyber analysts being overloaded by the high number of alerts issued by security tools. This can lead to analysts overlooking or even ignoring alerts that indicate real attacks in the flood of false positives. This puts the security of the company in question at risk. Find out what the exact risks are and what measures you can take against them here.

Fake Profiles on LinkedIn

Batch File Obfuscation Incident

An Introduction to Batch File Obfuscation

Passwords: Common Mistakes, Best Practices & Tips

“Your Site Has Been Hacked” – Fraud Attempt or Reality?

Threat Hunting in Azure Active Directory and Microsoft 365

ISO/IEC 27001: What Has Changed and What Does It Mean for Your Company?

Vulnerability Scanners and How to Protect Your Company From and With Them

Penetration Testing vs. Bug Bounty Programs – What Are the Differences?

Cybersecurity: Guarding Against Unauthorized Access

Emails are a Popular Entry Point for Attackers

Configuring a Protective Windows Firewall

The Five Best Cybersecurity Podcasts

The Differences Between Penetration Test and Red Teaming

BloodHound – Tracking Down Vulnerabilities in Active Directory

Live Operating Systems – Useful Helpers

Become a Proven Web App Penetration Tester With the Web Security Academy

DFIR, Simple: Track Ransomware Attacks

BGP Hijacking – Data on the Run

Alert Fatigue – Risks and Measures

Your contact for cyber emergencies

Your security is our top priority – our specialists provide you with professional support.