For reasons of discretion, we do not list the names of our clients. However, we will be pleased to provide references and letters of recommendation following consultation with the organizations concerned.
In the current issue 01/2022 of iX you can read two articles written by Oneconsult AG employees.
(more…)Penetration testers use their hacking skills to help organizations protect themselves from cyber criminals.
(more…)by Fabian Murer
On 9 December 2021, a vulnerability (CVE-2021-44228) in the popular Java library Log4j was published.
(more…)In an article published in Bilan, Tobias Ellenberger, COO Oneconsult AG, together with Steven Meyer, CEO of Zendata, provides insight into the usual course of a ransomware attack, how the cybercriminals typically behave in the process, and the strategies he employs in his role as negotiator.
(more…)The former Oneconsult Deutschland GmbH becomes Oneconsult Deutschland AG. The conversion has already been completed.
(more…)In the current issue 09/2021 of iX magazine, Gregor Wegberg, Head of Digital Forensics & Incident Response, presents further features of the “Kroll Artifact Parser and Extractor” (KAPE) in his IT forensics tutorial series: Cybercriminals often use manipulated malicious websites or files to gain initial access to a system for an attack. This leaves traces in the browsing history that can be analyzed using KAPE to determine where and when an attack began.
(more…)
Small and medium-sized enterprises (SMEs) are a popular target for cybercriminals. In the current isssue 07/2021 of Applica (available in German only), a magazine issued by the Swiss Painting and Plastering Contractor Association (SMGV), Tobias Ellenberger, COO Oneconsult AG & Vice Chairman Oneconsult International AG, provides an insight into the background and frequent attack methods and details protective measures for SMEs – as the impact of a successful cyber attack can be devastating.
(more…)
The current issue 08/2021 of iX magazine features two cover topics from Oneconsult’s DFIR team (Digital Forensics & Incident Response): In part 10 of the Active Directory article series, Fabian Murer, Senior Digital Forensics & Incident Response Specialist, explains how logs efficiently complement hardening measures, which have already been implemented, to detect potential attacks in a timely manner.
(more…)The current issue 07/2021 of iX magazine launches a new IT forensics tutorial series, in which Gregor Wegberg, Head of Digital Forensics & Incident Response, provides a detailed introduction to the Kroll Artifact Parser and Extractor (KAPE) in a total of four articles. KAPE is used in information security incidents to quickly gather relevant information for IT forensic analysis, which can then be used as the basis for assessing and managing the incident.
(more…)
In the current issue 2021/06 of Swiss IT Magazine featuring security audits as central topic, a company for which Oneconsult performed such an audit shares its experiences. Moreover, the magazine contains a market overview with selected security audit providers, in which Oneconsult is also represented.
(more…)
In the current issue 06/2021 of iX magazine, Marco Wohler, Head of IT, continues the previous article in the series and explains additional measures that help secure the Active Directory.
(more…)
by Nadia Meichtry
On Patch Tuesday in May 2021, Microsoft fixed a total of 55 vulnerabilities in various Windows versions and applications. [1] Patch Tuesday occurs on the second Tuesday of each month. On this day, Microsoft releases patches or updates for their systems and products. [2]
Microsoft has classified CVE-2021-31166 as particularly dangerous. This remote code execution (RCE) vulnerability has a CVSS (Common Vulnerability Scoring System) score of 9.8 out of 10, affecting Windows 10 versions 2004 and 20H2 and Windows Server versions 2004 and 20H2. [3] A proof of concept for this vulnerability was published on 16 May 2021. [4]
[read the German article]
The eigth part of the article series, which is available in the 05/2021 issue of iX magazine, looks at Active Directory (AD) security from a new perspective: While the previous articles of the series dealt with possible attacks on the AD, Marco Wohler, Head of IT, now describes hardening measures that system administrators can use to increase the security of the Active Directory and protect it against such attacks.
(more…)
The number of cyber attacks is steadily increasing. Once again, this is proven in the current issue of Zürichsee-Zeitung (30 March 2021, available in German only) featuring a family business that has been targeted by cybercriminals: A ransomware attack temporarily shut down their entire operation.
(more…)SMEs are increasingly targeted by cybercriminals. In the current issue of “Meine Firma”, AXA’s customer magazine for SMEs, the head of an architecture firm, that was exposed to a ransomware attack, shares his experience. Tobias Ellenberger, COO Oneconsult AG & Vice Chairman Oneconsult International AG, assesses the situation from the perspective of a cybersecurity expert and explains why such incidents are not uncommon.
(more…)
In the current issue 04/2021 of iX magazine, Yves Kraft, Branch Manager Bern and Senior Penetration Tester & Security Consultant, and Frank Ully, CTO Oneconsult Deutschland GmbH, continue the series of articles on Active Directory security.
(more…)by Nadia Meichtry
Four zero-day vulnerabilities in Microsoft’s Exchange email solution have been fixed through updates released by Microsoft on 2 March 2021. This affects Microsoft Exchange Server, but not Exchange Online. [1]
(more…)by Nadia Meichtry
On 23 February 2021, VMware published a Security Advisory. It indicates that VMware vCenter Server is vulnerable to an RCE (Remote Code Execution) vulnerability that has been rated critical.
(more…)In the latest issue of iX magazine (02/2021) you can find the next part of the series of articles about Active Directory security by Frank Ully, Chief Technical Officer of Oneconsult Deutschland GmbH. The sixth article picks up on the last (iX 12/2020) and penultimate (iX 11/2020) article of the series and describes further ways for attackers to gain higher privileges in the Active Directory beyond the possibilities explained so far.
(more…)
No results found.
Don’t miss anything! Subscribe to our free newsletter.
Private individuals please contact your trusted IT service provider or the local police station.
For more information about our DFIR services here:
