How to use blockchain technology to secure forensic evidence

On 21. Jan 2020

SEC Consult has been observing the development and application possibilities of blockchain technologies for some time. These technologies could also be used in individual areas of security consulting. Within the scope of a recent research project, possible scenarios for the preservation of evidence after cyberattacks were examined in more detail.

Critical success factors for your ISO/IEC 27001 certification audit

On 8. Dec 2019

Are you planning to implement an ISMS in your organization? Don't forget to consider these two key success factors...

Winning the Interface War: Extracting Information from Electronic Devices with the SEC Xtractor

On 4. Dec 2019

We have just made the "SEC Xtractor" tool (SEC Consult's hardware exploitation and firmware extraction tool) open-source!

On 27. Nov 2019

...and honestly, this wasn't an easy feat! It took our working group (AG 001.77) – which I was honored to chair – more than two years from start to finish. At least a dozen security experts were active members of the group, bringing in their specific knowledge to the individual areas. At times it was a cumbersome but ultimately very fruitful endeavor.

Impressions from the NASA space apps challenge Vilnius

On 6. Nov 2019

SEC Consult is happy to support such an amazing initiative that encourages people to work on global problems to make the world a better place.

Vulnerability in EU cross-border authentication software (eIDAS Node)

On 29. Oct 2019

During a short crash test SEC Consult identified a critical vulnerability in the eIDAS-Node software component that could allow an attacker to impersonate any EU citizen.

Ready for the NISG & NISV? – Official requirements for dealing with security incidents

On 22. Sep 2019

With the NISV - the official regulation of the Network and Information System Security Ordinance- Austria has now laid down concrete network and information security requirements for providers of essential services within the framework of the Network and Information System Security Act (NISG).

Driving IoT growth in Asia

On 20. Sep 2019

IoT devices are infiltrating every aspect of our life and some of us probably can’t imagine spending a day without them anymore.

Global Cyberlympics 2019 – SEC Consult team “No Signal” is Top 2 of Asia

On 16. Sep 2019

SEC Consult team invited to compete at Global Cyberolympics World Finals in Canada.

Mailvelope: BSI improves Email security

On 22. Aug 2019

Mailvelope allows encryption, decryption or signing of e-mails directly in the browser as well as to perform a signature check on e-mails. In order to further improve and develop the browser extension, SEC Consult was tasked by the BSI to do a security test.

Page 1 of 912 3 ›»

Application & System security

Process & Organisation

Awareness & Training

Defense & Prevention

Cyber emergency? Call +49 30 398 2027 77

Cross-Site Request Forgery (CSRF) in Umbraco CMS

Reflected XSS in ZOHO ManageEngine ServiceDeskPlus

File Extension Spoofing in Windows Defender Antivirus