For reasons of discretion, we do not list the names of our clients. However, we will be pleased to provide references and letters of recommendation following consultation with the organizations concerned.
Batch files are an essential tool many users and administrators use to perform automated tasks. However, attackers also use these batch files to execute malicious commands on a system. To avoid detection by antivirus software, batch files are obfuscated.
(more…)The international standard ISO/IEC 27001 is a fundamental standard for information security. It defines requirements for establishing, implementing, and maintaining an information security management system (ISMS) and serves as the basis for certification.
(more…)When you think of going on holiday, the first thing that comes to mind is relaxation. You leave the stress of everyday life behind and just want to enjoy the days off. Unfortunately, even on holiday you are not safe from scammers, and awareness is key in protecting yourself.
(more…)Configuration of a local Windows firewall and what and how it can protect against.
(more…)Do you like listening to podcasts? Get to know the best five cyber security podcasts.
(more…)Penetration test and red teaming are cybersecurity terms. But what exactly is red teaming? And what is a penetration test all about? What are the differences between the two terms?
(more…)In the cover story of the latest issue 04/2022 of iX magazine, Frank Ully, Head of Research, takes a closer look at the security of the Azure Active Directory identity service, which is a popular target for attackers.
(more…)The Top 10 by OWASP (Open Web Application Security Project) show the ten most critical security vulnerabilities of web applications.
(more…)From time to time, ships are blown off course, wrecked or, in the worst case, sink together with their cargo. The same can happen to the data that is sent over the Internet every day: It can deviate from its usual route and reach its destination in a big detour, but it can also end up with the wrong recipient altogether and thus be lost to the actual target – usually unintentionally, but in some cases also intentionally.
(more…)Alert fatigue refers to the phenomenon of cyber analysts being overloaded by the high number of alerts issued by security tools. This can lead to analysts overlooking or even ignoring alerts that indicate real attacks in the flood of false positives. This puts the security of the company in question at risk. Find out what the exact risks are and what measures you can take against them here.
(more…)In the current issue 01/2022 of iX you can read two articles written by Oneconsult AG employees.
(more…)Penetration testers use their hacking skills to help organizations protect themselves from cyber criminals.
(more…)by Fabian Murer
On 9 December 2021, a vulnerability (CVE-2021-44228) in the popular Java library Log4j was published.
(more…)In an article published in Bilan, Tobias Ellenberger, COO Oneconsult AG, together with Steven Meyer, CEO of Zendata, provides insight into the usual course of a ransomware attack, how the cybercriminals typically behave in the process, and the strategies he employs in his role as negotiator.
(more…)The former Oneconsult Deutschland GmbH becomes Oneconsult Deutschland AG. The conversion has already been completed.
(more…)In the current issue 09/2021 of iX magazine, Gregor Wegberg, Head of Digital Forensics & Incident Response, presents further features of the “Kroll Artifact Parser and Extractor” (KAPE) in his IT forensics tutorial series: Cybercriminals often use manipulated malicious websites or files to gain initial access to a system for an attack. This leaves traces in the browsing history that can be analyzed using KAPE to determine where and when an attack began.
(more…)
Small and medium-sized enterprises (SMEs) are a popular target for cybercriminals. In the current isssue 07/2021 of Applica (available in German only), a magazine issued by the Swiss Painting and Plastering Contractor Association (SMGV), Tobias Ellenberger, COO Oneconsult AG & Vice Chairman Oneconsult International AG, provides an insight into the background and frequent attack methods and details protective measures for SMEs – as the impact of a successful cyber attack can be devastating.
(more…)
The current issue 08/2021 of iX magazine features two cover topics from Oneconsult’s DFIR team (Digital Forensics & Incident Response): In part 10 of the Active Directory article series, Fabian Murer, Senior Digital Forensics & Incident Response Specialist, explains how logs efficiently complement hardening measures, which have already been implemented, to detect potential attacks in a timely manner.
(more…)The current issue 07/2021 of iX magazine launches a new IT forensics tutorial series, in which Gregor Wegberg, Head of Digital Forensics & Incident Response, provides a detailed introduction to the Kroll Artifact Parser and Extractor (KAPE) in a total of four articles. KAPE is used in information security incidents to quickly gather relevant information for IT forensic analysis, which can then be used as the basis for assessing and managing the incident.
(more…)
No results found.
Don’t miss anything! Subscribe to our free newsletter.
Availability Monday to Friday 8:00 a.m. – 12:00 p.m. and 1:00 p.m. – 5:00 p.m (exception: customers with SLA – please call the 24/7 IRFA emergency number).
Private individuals please contact your trusted IT service provider or the local police station.
For more information about our DFIR services here:
