References
More than 400 organizations from all industries trust our vendor- and product-independent cybersecurity services.

Developing impact through consulting and realization

For reasons of discretion, we do not list the names of our clients. However, we will be pleased to provide references and letters of recommendation following consultation with the organizations concerned.

New iX With Part 3 of the IT Forensics Tutorial on KAPE

In the current issue 09/2021 of iX magazine, Gregor Wegberg, Head of Digital Forensics & Incident Response, presents further features of the “Kroll Artifact Parser and Extractor” (KAPE) in his IT forensics tutorial series: Cybercriminals often use manipulated malicious websites or files to gain initial access to a system for an attack. This leaves traces in the browsing history that can be analyzed using KAPE to determine where and when an attack began.
(more…)

One Step Ahead of the Cybercriminals – Article for SMEs in “Applica” Magazine

Small and medium-sized enterprises (SMEs) are a popular target for cybercriminals. In the current isssue 07/2021 of Applica (available in German only), a magazine issued by the Swiss Painting and Plastering Contractor Association (SMGV), Tobias Ellenberger, COO Oneconsult AG & Vice Chairman Oneconsult International AG, provides an insight into the background and frequent attack methods and details protective measures for SMEs – as the impact of a successful cyber attack can be devastating.
(more…)

iX 07/2021 With New IT Forensics Tutorial

The current issue 07/2021 of iX magazine launches a new IT forensics tutorial series, in which Gregor Wegberg, Head of Digital Forensics & Incident Response, provides a detailed introduction to the Kroll Artifact Parser and Extractor (KAPE) in a total of four articles. KAPE is used in information security incidents to quickly gather relevant information for IT forensic analysis, which can then be used as the basis for assessing and managing the incident.
(more…)

Remote Code Execution Vulnerability in Windows 10 and Windows Server – CVE-2021-31166

by Nadia Meichtry

On Patch Tuesday in May 2021, Microsoft fixed a total of 55 vulnerabilities in various Windows versions and applications. [1] Patch Tuesday occurs on the second Tuesday of each month. On this day, Microsoft releases patches or updates for their systems and products. [2]

Microsoft has classified CVE-2021-31166 as particularly dangerous. This remote code execution (RCE) vulnerability has a CVSS (Common Vulnerability Scoring System) score of 9.8 out of 10, affecting Windows 10 versions 2004 and 20H2 and Windows Server versions 2004 and 20H2. [3] A proof of concept for this vulnerability was published on 16 May 2021. [4]
[read the German article]

New Article From Active Directory Series in 05/2021 Issue of iX Magazine

The eigth part of the article series, which is available in the 05/2021 issue of iX magazine, looks at Active Directory (AD) security from a new perspective: While the previous articles of the series dealt with possible attacks on the AD, Marco Wohler, Head of IT, now describes hardening measures that system administrators can use to increase the security of the Active Directory and protect it against such attacks.
(more…)

Article on Underestimated Cyber Risks in AXA’s Customer Magazine “Meine Firma”

SMEs are increasingly targeted by cybercriminals. In the current issue of “Meine Firma”, AXA’s customer magazine for SMEs, the head of an architecture firm, that was exposed to a ransomware attack, shares his experience. Tobias Ellenberger, COO Oneconsult AG & Vice Chairman Oneconsult International AG, assesses the situation from the perspective of a cybersecurity expert and explains why such incidents are not uncommon.
(more…)

New Article From Active Directory Series in Current Issue 02/2021 of iX Magazine

In the latest issue of iX magazine (02/2021) you can find the next part of the series of articles about Active Directory security by Frank Ully, Chief Technical Officer of Oneconsult Deutschland GmbH. The sixth article picks up on the last (iX 12/2020) and penultimate (iX 11/2020) article of the series and describes further ways for attackers to gain higher privileges in the Active Directory beyond the possibilities explained so far.
(more…)

No results found.

Don’t miss anything! Subscribe to our free newsletter.

Your security is our top priority – our specialists provide you with professional support.

Private individuals please contact your trusted IT service provider or the local police station.

For more information about our DFIR services here:

qr_code_emergency_2022
Add CSIRT to contacts