Blog
Informative, up-to-date and exciting – the Oneconsult Cybersecurity Blog.

Cybersecurity News & Advisories Blog

In our Cybersecurity News & Advisories blog, we provide you with the latest information and important recommendations for action on the topic of cybersecurity. Here you will find regular updates on the latest threats, vulnerabilities and security gaps that could affect your company. Our experts analyse current developments, share practical tips and show you how you can respond to security alerts and minimise your risk.


Overview of the Federal Information Security Act

With the Information Security Act* (Informationssicherheitsgesetz, ISG) coming into force on January 1, 2024, new standards for securing information and infrastructure were set in Switzerland. The law brings comprehensive innovation in the field of cybersecurity and strengthens the security of information and infrastructure at various levels, as well as cyber resilience in general. The ISG applies to both government authorities and private companies that are significant for the security of the federation. A particular focus is on operators of critical infrastructure. This article provides an overview of the main changes and requirements that the ISG brings.


Quick and Easy Guide to Finding the Right Password Manager

In an increasingly digital world where the security of corporate data is a top priority, every organization faces the challenge of protecting sensitive information from cyber threats. We are all familiar with the dilemma of having to remember long and complex passwords.


SCION – A Panacea Against DDoS Attacks?

So-called DDoS attacks (Distributed Denial of Service) on IT infrastructures are on the rise – even authorities and critical infrastructures are affected. Can the SCION technology developed in Switzerland prevent the shutdown of Internet services in the future?


SQL Injection: Detection and Prevention

SQL injections are a widespread type of website vulnerability with high potential for damage. This article covers this type of injection and shows what it is, why it can occur and how it can be fixed.


Security in CI and CD: How to Master the OWASP Top 10 Risks

Continuous Integration (CI) and Continuous Deployment (CD) have become important components of software engineering in recent years. Automation enables development teams to deploy new features and updates quickly and efficiently. However, the use of CI/CD also poses some security risks that must be considered. The OWASP Top 10 CI/CD Security Risks provide an overview of the most common risks and suggest ways to overcome them.


Live Operating Systems – Useful Helpers

Computers often exhibit strange behavior that cannot always be explained right away. Just because a laptop worked flawlessly the night before does not mean that problems won’t pop up out of nowhere the next day. In most cases, these are minor problems that can be solved quickly. However, it can also happen that the computer suddenly does not boot up at all and hangs during startup.


BGP Hijacking – Data on the Run

From time to time, ships are blown off course, wrecked or, in the worst case, sink together with their cargo. The same can happen to the data that is sent over the Internet every day: it can deviate from its usual route and reach its destination via a long detour, but it can also end up with the wrong recipient altogether and thus be lost to the actual target – usually unintentionally, but in some cases also intentionally.


Easily Avoid Typical TLS Misconfigurations

The main goal of Transport Layer Security (TLS) is to ensure confidentiality and integrity of communication channels. To meet this goal, servers should always be configured so that only cryptographic blocks recognized as “secure” can be used for TLS connections.


How to Store Passwords Securely

Data leaks – incidents where unauthorized people have gained access to data collections – happen again and again. To prevent user passwords from being compromised in such a case, it is important that they are not simply stored in plain text. Instead, they should always be stored only “hashed”. This article explains which hash functions are suitable for this purpose.


Buzzword “APT” – Are you ready for common threats?

APTs receive a lot of media coverage, especially when a well-known organization becomes a victim and the resulting damage is huge. However, the threats most companies face on a daily basis are not deployed by powerful organizations but by common cyber criminals who are mostly interested in earning money, not knowledge. This article gives advice on effective countermeasures.

