Blog
Informative, up-to-date and exciting – the Oneconsult Cybersecurity Blog.

Cybersecurity Blog

Browse through exciting articles, current news and helpful tips & tricks from our experts on all aspects of cybersecurity.

Live Operating Systems – Useful Helpers

Computers often have strange behavior that cannot always be explained right away. Just because a laptop worked flawlessly the night before does not mean that problems won’t pop up out of nowhere the next day. In most cases, these are minor problems that can be solved quickly. However, it can also happen that the computer suddenly does not boot up at all and hangs during startup.

MORE

Become a Proven Web App Penetration Tester With the Web Security Academy

What are the most common security vulnerabilities in web applications? What does an attacker need to do to find and exploit them? And how can developers protect their web applications against them? Answers to these questions as well as practical hands-on examples are provided by PortSwigger’s Web Security Academy.

MORE

DFIR, Simple: Track Ransomware Attacks

Ransomware has long been on everyone’s mind and part of daily news coverage. Oneconsult’s Digital Forensics and Incident Response specialists are regularly asked to present background information on such cyber attacks, discuss them and address the current threat situation. A central element is to show that all industries, company sizes and private individuals are affected by ransomware attacks and the associated risks.

MORE

BGP Hijacking – Data on the Run

From time to time, ships are blown off course, wrecked or, in the worst case, sink together with their cargo. The same can happen to the data that is sent over the Internet every day: It can deviate from its usual route and reach its destination in a big detour, but it can also end up with the wrong recipient altogether and thus be lost to the actual target – usually unintentionally, but in some cases also intentionally.

MORE
Alert Fatigue

Alert Fatigue – Risks and Measures

Alert fatigue refers to the phenomenon of cyber analysts being overloaded by the high number of alerts issued by security tools. This can lead to analysts overlooking or even ignoring alerts that indicate real attacks in the flood of false positives. This puts the security of the company in question at risk. Find out what the exact risks are and what measures you can take against them here.

MORE

Easily Avoid Typical TLS Misconfigurations

The main goal of Transport Layer Security (TLS) is to ensure confidentiality and integrity of communication channels. To meet this goal, servers should always be configured so that only cryptographic blocks recognized as “secure” can be used for TLS connections.

MORE

How To Measure Information Security

Is your company protected against cyberattacks? Have you implemented protective measures, but can’t determine exactly whether they are sufficient and also achieve the desired effect, or where there may still be a need?

MORE

How to Store Passwords Securely

Data leaks – incidents where unauthorized people have gained access to data collections – happen again and again. To prevent user passwords from being compromised in such a case, it is important that they are not simply stored in plain text. Instead, they should always be stored only “hashed”. This article explains which hash functions are suitable for this purpose.

MORE
gpo-hardening-baseline-titelbild

GPO Hardening: Most Important GPO Settings

Hardening IT systems is an important topic in cybersecurity. Many companies that are new to it are confronted with security incidents. Oneconsult’s Incident Response Team is dedicated to helping organizations manage such incidents.

MORE

DFIR, Simple: Behind the Link – a Look Into the Dark

Unwanted emails, SMS and other digital messages, also known as “spam”, are tiresome and unpleasant but also part of our everyday digital life. Nowadays, we all regularly receive unwanted messages (spam) that are not just advertising, but deliberately try to trick us into an action that can have far-reaching consequences.

MORE
Malware analysis – Basics

Malware analysis – Basics

Malware has become a common word understood by the average person. Whether it’s in the media, through fellow users, or because one’s own anti-virus software sets off an alarm, the term is regularly brought back into consciousness.

MORE

Buzzword “APT” – Are you ready for common threats?

APTs have a lot of media coverage, especially when a well-known organization became its victim and the resulting damage is huge. However, the threats most companies face on a daily basis were not deployed by powerful organizations but by common cyber criminals that are mostly interested in earning money not knowledge. This article gives advice on effective countermeasures.

MORE

What3(Pass)Words – create passwords from places

Despite many known weaknesses and problems, passwords are ubiquitous. A new service, normally intended for geo-addressing, can be used to generate (reasonable) secure, easy to remember passwords. This article covers the mathematical basics as well as the pros and cons of this approach.

MORE

Don’t miss anything! Subscribe to our free newsletter.

Your security is our top priority – our specialists provide you with professional support.

Availability Monday to Friday 8:00 a.m. – 6:00 p.m (exception: customers with SLA – please call the 24/7 IRR emergency number).

Private individuals please contact your trusted IT service provider or the local police station.

For more information about our DFIR services here:

QR_CSIRT_2022_EN@2x
Add CSIRT to contacts