Patch Immediately: Critical Vulnerability in SAP® ABAP systems (CVE-2020-6262)

On 13. May 2020

SEC Consult Vulnerability Lab discovered a critical code injection vulnerability (CVE-2020-6262) with a CVSSv3 Score of 9.9 in SAP® Service Data Download (a part of the SAP® Solution Manager Plugin ST-PI).

First Virtual OWASP Vienna Chapter Meeting: Secure Software Development with OWASP SAMM

On 23. Apr 2020

On 2020-04-20, the first virtual meeting of the OWASP Vienna chapter took place. I (Thomas Kerbl - SEC Consult) was invited to talk about my experiences with Secure Software Development based on OWASP SAMM, the Security Assurance Maturity Model.

IT Security in the home office – what should be considered?

On 5. Apr 2020

You have certainly read some articles with very good recommendations on IT security in the home office over the last few days. We have also looked at these articles and would like to add a few more helpful points.

TIBER-DE: SEC Consult helps the financial sector to strengthen its cyber-resilience

On 24. Mar 2020

Realistic attack simulation with Red Teaming

Corona crisis: SEC Consult is still there for all customers

On 17. Mar 2020

Are you the victim of a cyber attack and need help in the short term? Use our emergency hotline to talk to one of our SEC Defence experts directly.

IT Security in times of the Coronavirus is both different and diverse

On 16. Mar 2020

The security risks of Home-Office, VPNs, teleworking and desktop virtualization during a crisis.

Corona Virus and unintentional cyber consequences

On 13. Mar 2020

For the foreseeable future and against the background of the current Covid-19 situation, increased reliance on electronic communications systems will be essential to the well-being of the people in organizations.

SEC Consult goes Bochum: Security specialist opens new office in German “Capital of IT Security

On 9. Mar 2020

With the opening of a new office location in Bochum, SEC Consult is expanding its presence in Germany and responding to the increasing demand for IT security checks and for the professional analysis of software for critical security gaps.

The impact on security testing for DevOps-driven applications

On 10. Feb 2020

DevOps is well on the way to becoming the primary development approach for all CI / CD-compatible applications, especially for mobile apps and web services. Ulrich Fleck (Chief Revenue Officer, SEC Consult Group) explains what is important.

How to use blockchain technology to secure forensic evidence

On 21. Jan 2020

SEC Consult has been observing the development and application possibilities of blockchain technologies for some time. These technologies could also be used in individual areas of security consulting. Within the scope of a recent research project, possible scenarios for the preservation of evidence after cyberattacks were examined in more detail.

Page 1 of 1012 3 ›»

Application & System security

Process & Organisation

Awareness & Training

Defense & Prevention

Cyber emergency? Call +49 30 398 2027 77

Multiple XSS vulnerabilities in TAO Open Source Assessment Platform

Authenticated Command Injection in Phoenix Contact TC Router & TC Cloud Client

Multiple Cross-site Scripting (XSS) Vulnerabilities in PHP-Fusion CMS