Informative, up-to-date and exciting – the Oneconsult Cybersecurity Blog.

New iX With Two Cover Topics From Oneconsult DFIR Team
(updated on: 29.12.2021)

The current issue 08/2021 of iX magazine features two cover topics from Oneconsult’s DFIR team (Digital Forensics & Incident Response): In part 10 of the Active Directory article series, Fabian Murer, Senior Digital Forensics & Incident Response Specialist, explains how logs efficiently complement hardening measures, which have already been implemented, to detect potential attacks in a timely manner.

Moreover, Gregor Wegberg, Head of Digital Forensics & Incident Response, continues his IT forensics tutorial series and demonstrates how “Kroll Artifact Parser and Extractor” (KAPE), which has been introduced in the first article of the tutorial, can be used to analyse Autoruns artefacts in order to determine whether an attacker or malware has gained persistence on a system after a successful attack.

Read Fabian Murer’s article (in German only) to learn why logs and their monitoring are essential for effective defense against potential attacks, which logs should be used for this purpose and how they are used:

In the second part of his IT forensics tutorial (in German only), Gregor Wegberg demonstrates how you can use KAPE and Autoruns to uncover typical mechanisms that attackers and malware often use to gain persistence on a system after a successful compromise:

Click here to view the full online issue of iX 08/2021 (available in German only).


Keine Beschreibung verfügbar.

Don’t miss anything! Subscribe to our free newsletter.

Your security is our top priority – our specialists provide you with professional support.

Availability Monday to Friday 8:00 a.m. – 6:00 p.m (exception: customers with SLA – please call the 24/7 IRR emergency number).

Private individuals please contact your trusted IT service provider or the local police station.

For more information about our DFIR services here:

Add CSIRT to contacts