For reasons of discretion, we do not list the names of our clients. However, we will be pleased to provide references and letters of recommendation following consultation with the organizations concerned.
Attackers use batch files to automate and speed up their work because they allow the execution of multiple commands. This way, the attacker does not need to provide any manual input but just needs to execute the malicious script on the victim’s system.
(more…)Batch files are an essential tool many users and administrators use to perform automated tasks. However, attackers also use these batch files to execute malicious commands on a system. To avoid detection by antivirus software, batch files are obfuscated.
(more…)May 4, 2023 is World Password Day. This day takes place every year on the first Thursday in May and aims to raise awareness about the importance of secure passwords. The aim is to educate about best practices in password management and encourage people to take steps to improve the security of their online accounts.
(more…)As Microsoft services move to the cloud, Azure Active Directory (Azure AD) and Microsoft 365 (M365) are becoming popular targets for attackers. Threat hunting can help uncover signs of compromise early on.
(more…)Vulnerability scanners are often used during security audits. The goal: to be one step ahead of the cybercriminals!
(more…)Learn about the most common initial attack vectors and their protection recommendations.
(more…)Attackers often use emails to gain initial access to a company. They do this by attaching malicious attachments or links to the emails, ultimately placing malware on the victim’s system.
(more…)A bug bounty program and a penetration test are both important measures to improve the security level of a system. However, there are important differentiators between the two that need to be understood before deciding which one to use.
(more…)Configuration of a local Windows firewall and what and how it can protect against.
(more…)PDF (Portable Document Format) files are used on a daily basis both in the working world and by private individuals. This also makes them a popular tool for cybercriminals to use in phishing attacks. They allow direct execution of scripts that can reload additional malware.
(more…)Penetration test and red teaming are cybersecurity terms. But what exactly is red teaming? And what is a penetration test all about? What are the differences between the two terms?
(more…)A modern Active Directory environment consists of many different components. There are clients, servers, databases, users, applications and much more. It is easy to lose track of everything (especially as a Red Team). The BloodHound tool can help here.
(more…)What are the most common security vulnerabilities in web applications? What does an attacker need to do to find and exploit them? And how can developers protect their web applications against them? Answers to these questions as well as practical hands-on examples are provided by PortSwigger’s Web Security Academy.
(more…)Ransomware has long been on everyone’s mind and part of daily news coverage. Oneconsult’s Digital Forensics and Incident Response specialists are regularly asked to present background information on such cyber attacks, discuss them and address the current threat situation. A central element is to show that all industries, company sizes and private individuals are affected by ransomware attacks and the associated risks.
(more…)by Gregor Wegberg
During the investigation of successful ransomware attacks, among other things, the logs of the antivirus programs in use are collected and analyzed.
(more…)Black Friday and Cyber Monday are not only popular with shoppers, but also with fraudsters. Here are 10 tips on how to protect yourself from such scams.
(more…)Is your company protected against cyberattacks? Have you implemented protective measures, but can’t determine exactly whether they are sufficient and also achieve the desired effect, or where there may still be a need?
(more…)IoTGoat is intentionally vulnerable software, like that found on routers for example.
(more…)It happens quite often that private individuals or companies receive different types of extortion letters via various digital communication channels, first and foremost by email.
(more…)Data leaks – incidents where unauthorized people have gained access to data collections – happen again and again. To prevent user passwords from being compromised in such a case, it is important that they are not simply stored in plain text. Instead, they should always be stored only “hashed”. This article explains which hash functions are suitable for this purpose.
(more…)by Gregor Wegberg
With so many various forms of IT incidents around, it is essential to know the right people and partners and to be able to contact them promptly when the first IT systems do not behave as expected. We regularly experience the positive impact that a simple contact list of key persons and partners which has been prepared in advance has on the course of information security incidents.
(more…)No results found.
Don’t miss anything! Subscribe to our free newsletter.
Availability Monday to Friday 8:00 a.m. – 12:00 p.m. and 1:00 p.m. – 5:00 p.m (exception: customers with SLA – please call the 24/7 IRFA emergency number).
Private individuals please contact your trusted IT service provider or the local police station.
For more information about our DFIR services here:
