earth space night dark closeup blue black

Year 2024

9 Articles

Specific Criticism of CVSSv4

Specific Criticism of CVSSv4

The new NIST Cybersecurity Framework

The new NIST Cybersecurity Framework - What has changed?

Ways of attacking Generative AI

Ways of attacking Generative AI

iOS Mobile Application Testing

iOS Mobile Application Testing - An Introduction

Reporting and Documenting

Reporting and Documenting - Unpopular and Yet So Important

Transition to OpenSearch

Transition to OpenSearch

From crisis to opportunity

From crisis to opportunity - learning from mistakes

Burp Bambdas & BChecks

Burp Bambdas & BChecks - Innovations in recent months

Cyber threats under geopolitical factors

Cyber threats under geopolitical factors

nature fields rice aerial green

Year 2023

40 Articles

scip Cybersecurity Forecast

scip Cybersecurity Forecast - Predictions for 2024

Credential Tiering

Credential Tiering - The Value of Segregation

Disk Cloning

Disk Cloning - How to create a clone of a hard drive

Open Source Intelligence Investigation

Open Source Intelligence Investigation

Software-Defined Networking

Software-Defined Networking - Thoughts on Security

Flipper Zero WiFi Devboard

Flipper Zero WiFi Devboard - Customize and compile firmware

Introduction of CVSS v4.0

Introduction of CVSS v4.0 - More Effort Than Benefit?

Human and AI Art

Human and AI Art

Voice Authentication

Voice Authentication - Risks of the Biometric Approach

XML Injection

XML Injection - Attack possibilities and countermeasures

Credential Tiering

Credential Tiering - The Value of Segregation (Part 1)

The BIOS

The BIOS - History and Hardening Options

Chatbot-Scams

Chatbot-Scams - Stealing personal information

Bug Bounty

Bug Bounty - Challenge for Companies

Graylog v5

Graylog v5 - Using Sigma Rules

Rogue Device

Rogue Device - Remote Control and Data Encryption

Conversational Commerce

Conversational Commerce: The rise of artificial sales agents

Denial of Service Attacks

Denial of Service Attacks - A summary

Burp Macros

Burp Macros - How to use them correctly

Hardware-Keylogger

Hardware-Keylogger - Behind the Keyboard

IT forensics

IT forensics - Analysis of Videos

IT forensics

IT forensics - Analysis of Images and Documents

auditd

auditd - Configure for Compliance

Breach and Leak

Breach and Leak - Guilt and Atonement of Affected Companies

Windows LAPS

Windows LAPS - Local Admin Password Management Revised

ChatGPT & Co.

ChatGPT & Co.

System Log Monitoring

System Log Monitoring - A Useful Minimal Solution

WebSocket Fuzzing

WebSocket Fuzzing - Development of a Fuzzer

Outsmarting the Watchdog

Outsmarting the Watchdog

Security Frameworks

Security Frameworks - Our Experience

Modern Chatbots

Modern Chatbots - Advanced Dangers and Risks

TEDxBoston Countdown to AGI

TEDxBoston Countdown to AGI - Insights from the event

Autonomous Weapon Systems

Autonomous Weapon Systems - Existential Threat?

Flipper Zero

Flipper Zero - Attack on Wireless Peripherals

Microsoft Intune

Microsoft Intune - Impact on Defender Configuration Analysis

Data Transfer with SSID

Data Transfer with SSID - An Experiment

About M3gan

About M3gan

Prototype Pollution

Prototype Pollution - A JavaScript Attack Technique

Hidden Dangers of Phishing Attacks

Hidden Dangers of Phishing Attacks - Don't Get Hooked

OpenAI ChatGPT

OpenAI ChatGPT - Our New Playmate

lighthouse clouds sea dark

Year 2022

39 Articles

scip Cybersecurity Forecast

scip Cybersecurity Forecast - Predictions for 2023

Bitcoin Lightning Network

Bitcoin Lightning Network - Future of payments?

Vagrant

Vagrant - A Burp Suite VM To Go, Please

Flipper Zero

Flipper Zero - What Can the Little Hacking Tamagotchi Do

Network Time Security

Network Time Security - Securing NTP Against MITM Attacks

Trust Paradox

Trust Paradox

Windows Installer Security

Windows Installer Security - A Look at MSI Files

Browser-Powered Request Smuggling

Browser-Powered Request Smuggling

Microsoft Cloud Security

Microsoft Cloud Security

Russia-Ukraine conflict

Russia-Ukraine conflict

Lattice-Based Cryptography

Lattice-Based Cryptography

OAuth 2.0 Flows

OAuth 2.0 Flows

Executable Categorization

Executable Categorization

Web Proxy with Kerberos

Web Proxy with Kerberos - A Basic Configuration Guide

Conversational AI

Conversational AI - More than Just a Tool?

Analysis of Mobile Apps

Analysis of Mobile Apps - An Introduction

Multi-Party Computation

Multi-Party Computation - The Productive Side of Security

Home Automation

Home Automation - The Way to a Fully Automated House

Without Yesterday, No Tomorrow

Without Yesterday, No Tomorrow

HTTP/2 Request Smuggling

HTTP/2 Request Smuggling - An Introduction

Attack Path Analysis

Attack Path Analysis - Gain Advantage over Adversaries

Data Theft

Data Theft - Gap in the Swiss Criminal Code?

Vulnerability of Humans and Machines

Vulnerability of Humans and Machines - A Paradigm Shift

RSA Versus Quantum

RSA Versus Quantum

Web Cache Poisoning

Web Cache Poisoning - Not only a Theoretical Attack

USB Armory Drive

USB Armory Drive - Portable Mass Storage Encryption

Forced Authentication

Forced Authentication

nmapAutomator

nmapAutomator - Helper script for using nmap

Information Security Risk Management

Information Security Risk Management - A Hands-on Approach

Request Smuggling

Request Smuggling - Description and Procedure for Testing

Honeytokens

Honeytokens - Playing Minesweeper with Adversaries

Cyber War

Cyber War - How Technology wins Wars

Cyber-Terrorism

Cyber-Terrorism - A Danger for Switzerland?

Network Provider

Network Provider - Sneaky alternative to extract credentials

Increase Security in the Home Network

Increase Security in the Home Network - An Overview

Seccomp-bpf

Seccomp-bpf - Use Syscalls Filters to Contain Containers

Monero

Monero - Privacy Features Overview

OWASP Maryam

OWASP Maryam - Iintroduction to the OSINT tool

Human and Machine Agency

Human and Machine Agency - Power to Whom

shell closeup center

Year 2021

40 Articles

scip Cybersecurity Forecast

scip Cybersecurity Forecast – Predictions for 2022

Sealing of Evidence in Criminal Proceedings

Sealing of Evidence in Criminal Proceedings

Attacks via Peripheral Devices

Attacks via Peripheral Devices

Reverse Engineering

Reverse Engineering

Sandboxing Containers

Sandboxing Containers - Run Untrusted Code in a Container

Artificial Intelligence

Artificial Intelligence - No Trust, no Use?

Attacks against Miracast

Attacks against Miracast

OTPs as Second Factor

OTPs as Second Factor - Strengths and Weaknesses

JWT Issues

JWT Issues - Using JWTs as Session Tokens

CIS Controls

CIS Controls - What is new in version 8

Ransomware Detection, Defense, and Analysis

Ransomware Detection, Defense, and Analysis

Trustworthy AI

Trustworthy AI - Can Laws build Trust in AI?

Farewell NTLM

Farewell NTLM - It is time to disable NTLM

The Secure Use of IoT Protocols

The Secure Use of IoT Protocols - An Introduction

SQLite forensic's notes

SQLite forensic's notes - Make sure Delete is Delete

SSLv3 Attacks

SSLv3 Attacks - Padding Oracle Basics

FONES Minimum Standard

FONES Minimum Standard

Passwordless Authentication

Passwordless Authentication - An Introduction

Data Markets

Data Markets - Collecting and Analyzing Passwords

Transport Layer Security

Transport Layer Security - What is New

Diversify AI

Diversify AI - Switzerland wants more Diversity in AI

ContainerKitty

ContainerKitty - Automated scanning of container images

Programming Language Go

Programming Language Go

Microsoft365DSC

Microsoft365DSC

Third-Party Cookies

Third-Party Cookies

OWASP Core Rule Set

OWASP Core Rule Set - An overview for reviews

Anthropomorphism

Anthropomorphism - Why we see the human in nonhuman agents

Data Leakage Prevention

Data Leakage Prevention - Tilting at Windmills

Password Leak Analysis

Password Leak Analysis - Extensive Analysis of Passwords

WebSockets

WebSockets - Attack Techniques and Protection Measures

Online Tracking

Online Tracking - How does Tracking on the Internet work?

Deepfake Audio Text to Speech

Deepfake Audio Text to Speech - An Introduction

Qubes OS

Qubes OS - Usability in Windows Environments

totemomail

totemomail - An Auditor's Perspective

AI and Leadership

AI and Leadership - Stop or Go?

Webscraping with Powershell

Webscraping with Powershell - An Introduction

MITRE ATT&CK

MITRE ATT&CK - Flaws of the Standardization

HardeningKitty Score

HardeningKitty Score

Office 365 Teams Security

Office 365 Teams Security

Web-Shells

Web-Shells - An Overview

mountain cliff forest sunset

Year 2020

42 Articles

scip Cybersecurity Forecast

scip Cybersecurity Forecast – Predictions for 2021

IT Security Tips

IT Security Tips - How to be Safe Online

HTTP Response Header

HTTP Response Header

Crypto Malware

Crypto Malware - An Increasing Threat?

TIBER-EU Framework

TIBER-EU Framework - Threat intelligence-based Red Teaming

Trust and AI

Trust and AI - Three Wrong Questions

Data Encryption in the Cloud

Data Encryption in the Cloud

Cyber Threat Intelligence

Cyber Threat Intelligence - Early Anticipation of Attacks

HardeningKitty

HardeningKitty

Phishing Protection

Phishing Protection - SPF, DKIM, DMARC

GraphQL

GraphQL - Attack possibilities and countermeasures

KleptoKitty

KleptoKitty - Deploying Payloads and Collecting Credentials

SAML 2.0, OpenID Connect, OAuth 2.0

SAML 2.0, OpenID Connect, OAuth 2.0

Speaking versus typing

Speaking versus typing

Traffic Analysis with Windows Built-In Tools

Traffic Analysis with Windows Built-In Tools

Voice User Interfaces

Voice User Interfaces - Prototyping with Voiceflow

Preparing Offers

Preparing Offers

3D Printing

3D Printing - Downloading Weapons from the Internet

Logging

Logging - Using Timeseries Database

1080p? 4K? UHD? HDR?

1080p? 4K? UHD? HDR? - An overview in the display jungle

Voice User Interface Design

Voice User Interface Design - An Overview of Brand Personas

Server-Side-Request-Forgery

Server-Side-Request-Forgery

Linux Hardening

Linux Hardening - Eat Your Own Dog Food

Voice User Interface Strategy

Voice User Interface Strategy

Linux Bind Shell in Assembly

Linux Bind Shell in Assembly - A Walkthrough

Cisco WebEx Online Meeting Security

Cisco WebEx Online Meeting Security

PAS - The Perfect Automation Schema

PAS - The Perfect Automation Schema: Influencing Trust

Contact Tracing App DP3T

Contact Tracing App DP3T

Attack Surface Reduction Rules

Attack Surface Reduction Rules

Microsoft Teams Security

Microsoft Teams Security - Securing Your Virtual Meetings

Zoom Security

Zoom Security - Securing your virtual Meetings

Vulnerability Scanning Data

Vulnerability Scanning Data

SANS SEC503 Intrusion Detection In-Depth

SANS SEC503 Intrusion Detection In-Depth

Severities and Risks

Severities and Risks - Relations and Differences

Policy Analyzer

Policy Analyzer

AI & Trust

AI & Trust - Stop asking how to increase trust in AI

Social Engineering

Social Engineering

IT Security Policies

IT Security Policies - What We Expect From You

Hacking Artificial Intelligence

Hacking Artificial Intelligence

Detecting PPL Manipulation?

Detecting PPL Manipulation?

Standard Data Protection Model of the German Data Protection Agencies

Standard Data Protection Model of the German Data Protection Agencies

The Difficulties of Cyber Insurance

The Difficulties of Cyber Insurance

jail guard tower barbwire

Year 2019

40 Articles

scip Cybersecurity Forecast

scip Cybersecurity Forecast – Predictions for 2020

Security Automation

Security Automation - Opportunities and Risks

An Interdisciplinary Approach to Artificial Intelligence Testing

An Interdisciplinary Approach to Artificial Intelligence Testing

Local Security Authority

Local Security Authority – Keeping Secrets Safe

Challenges accompanying the daily routine

Challenges accompanying the daily routine

Zero Trust Model

Zero Trust Model - Never trust, always verify

Web Application Penetration Testing

Web Application Penetration Testing: An Introduction

The FONES Minimum Standard for improving ICT resilience

The FONES Minimum Standard for improving ICT resilience

iPhone Siri Self-Reference Exploiting

iPhone Siri Self-Reference Exploiting

Killer Robots

Killer Robots

Kernel-mode code signing

Kernel-mode code signing - A beginner's guide

SQL Injection

SQL Injection - A Summary of the Possibilities

Raspberry Pi Remote Access

Raspberry Pi Remote Access

Phishing

Phishing - A Never-Ending Story

Symmetric Encryption

Symmetric Encryption – An Introduction

Top Banking Trojans

Top Banking Trojans

Web Services as a Data Source in Splunk

Web Services as a Data Source in Splunk - A How-To Guide

Artificial Intelligence

Artificial Intelligence - Is it worth the risk?

Monitoring

Monitoring - Detecting Attacks with MITRE ATT&CK

Infosec Summer Reading List

Infosec Summer Reading List - 2019 Edition

Smart Homes

Smart Homes - Possibilities and Risiks

Deepfakes Analysis

Deepfakes Analysis - Impact of Calculation Time

Augmented Reality and Artificial Intelligence

Augmented Reality and Artificial Intelligence

The signed JSON Web Token

The signed JSON Web Token

Integrating the Cloud into Security

Integrating the Cloud into Security

eBPF

eBPF - A First Look

Data Breach Databases

Data Breach Databases - Lot of Incidents, just few Data

Security Operations Center

Security Operations Center - Prerequisite and Requirements

Good AI, Bad AI

Good AI, Bad AI

HSTS Preload as an Attack Vector

HSTS Preload as an Attack Vector

OWASP ASVS Version 4

OWASP ASVS Version 4

CIS CSAT

CIS CSAT - IT Security Assessment Tool

Deepfakes Analysis

Deepfakes Analysis

Social Engineering

Social Engineering – Spotlight on LinkedIn

HTTP Strict Transport Security

HTTP Strict Transport Security

Bypassing NAC

Bypassing NAC - A handy How-to Guide

Graylog V3

Graylog V3 - A long awaited Version

AI Stays True unto Us

AI Stays True unto Us - In Good and Bad Times

Smart Buildings and Smart Homes

Smart Buildings and Smart Homes

Incident Response Playbooks

Incident Response Playbooks

ball sphere mirror reflection city

Year 2018

42 Articles

scip Cybersecurity Forecast

scip Cybersecurity Forecast – Predictions for 2019

Security Predictions

Security Predictions - Dumb or Priceless? A closer look

Bash

Bash - How to use in Linux Command Injection

Deepfakes Analysis

Deepfakes Analysis - Amount of Images, Lighting and Angles

Asset Inventories

Asset Inventories – Making them sexy

Internet of Things

Internet of Things - Security in an IoT Solution

Image, Compliance, and Resistance

Image, Compliance, and Resistance - In the AI Context

Let's talk about Sextortion

Let's talk about Sextortion - Discussing the uprising Scheme

Artificial Intelligence Testing

Artificial Intelligence Testing

Kerberoasting

Kerberoasting - Stealing Service Account Credentials

Deepfakes

Deepfakes - An Introduction

Privileged Windows Accounts

Privileged Windows Accounts

Libero.it Password Leak

Libero.it Password Leak - An Analysis In-Depth

eSports

eSports - Professional Cheating in Computer Games

On Trust in AI

On Trust in AI - A Systemic Approach

DEF CON 26

DEF CON 26 - Hackers invade Las Vegas

The Sequel of HTTP Headers

The Sequel of HTTP Headers - Advanced Security Capabilities

Blind XPath Injection

Blind XPath Injection – Approach for Unknown Data Sets

Sending Windows Firewall Logs to Graylog

Sending Windows Firewall Logs to Graylog

macOS from the Terminal

macOS from the Terminal - Your System Security at a Glance

Consciousness and Artificial Intelligence

Consciousness and Artificial Intelligence

Area41

Area41 - Hackers in Zurich

Medical Robots and Safety

Medical Robots and Safety

Area41 Workshop

Area41 Workshop – A Look Behind the Scenes

Specialized Search Engines

Specialized Search Engines

Cloud Storage

Cloud Storage - Configuration Vulnerabilities

GDPR

GDPR - An IT Security Perspective

Excel Forensics

Excel Forensics - Detecting Activities without Track Changes

WebAuthn

WebAuthn - The Future of Web Authentication

Human Cognition and Artificial Intelligence

Human Cognition and Artificial Intelligence

Facebook

Facebook - The Social Network and Privacy

Car Hacking

Car Hacking - Analysis of the Mercedes Connected Vehicle API

Shares

Shares – The Gateway to Domains

Security Log Standard

Security Log Standard - Still an Open Question

Response Header Hardening

Response Header Hardening

Network Access Control

Network Access Control

Psychology of Artificial Intelligence

Psychology of Artificial Intelligence

More Data, More Responsbility

More Data, More Responsbility - Analysing the Strava Heatmap

Graphical User Interface Security

Graphical User Interface Security

DNS RPZ

DNS RPZ - Blocking and Changing Names

Microsoft Antimalware Scan Interface

Microsoft Antimalware Scan Interface

Artificial Intelligence

Artificial Intelligence - A Model for Humanity

razorblade sepia

Year 2017

40 Articles

scip Cybersecurity Forecast

scip Cybersecurity Forecast – Predictions for 2018

DOM based Cross Site Scripting

DOM based Cross Site Scripting

Domain Name System

Domain Name System – Introduction to Potential Attacks

Cyber insurance

Cyber insurance – benefits and uses

Information Security

Information Security - Three things you need to hear

Securing Email of your own Domain

Securing Email of your own Domain - SPF, DKIM and DMARC

BloodHound

BloodHound - Sniffing out domain admins

Docker

Docker - Continuous Build Security Assessment with Anchore

Security Testing

Security Testing - Options for Lateral Entry

Malware Development

Malware Development

Cross-site request forgery

Cross-site request forgery - Is CSRF dead?

In Defense of FaceID

In Defense of FaceID - The New Authentication of iOS

Artificial Intelligence

Artificial Intelligence

A Little Helper

A Little Helper – The PHP Command Shell

Firejail

Firejail - A Human Tool to Control Software

Penetration Tester

Penetration Tester - How to Define

Public Network-Level Discovery

Public Network-Level Discovery - Using Whois and DNS Probing

Data Loss Prevention

Data Loss Prevention – Are you blocking yet?

Local Administrator Password Solution

Local Administrator Password Solution

Personal Digital Assistants

Personal Digital Assistants - The Future of Ubiquitous AI

HackRF One Sweep Mode

HackRF One Sweep Mode - A quick Introduction

Anti-fraud in online services

Anti-fraud in online services

Aspects of cybercrime

Aspects of cybercrime

Ransomware

Ransomware - Should you pay up?

Bluetooth Low Energy

Bluetooth Low Energy - Pairing, GATT and More

The Shadow Brokers

The Shadow Brokers - The story so far

Docker

Docker - Continuous Build Security Assessment

Cybersecurity

Cybersecurity - Quo Vadis?

Security Development Lifecycle

Security Development Lifecycle

Corporate, IT and Security Governance

Corporate, IT and Security Governance - The Basics

Securing Twitter

Securing Twitter

Bluetooth

Bluetooth - Low Energy and High Visibility

Invoke-Mimikatz

Invoke-Mimikatz – Seven in One Go

Logging with Graylog

Logging with Graylog - A Technical Review

Rapid Risk Assessment

Rapid Risk Assessment

Exploit Market Forecasts

Exploit Market Forecasts – A Glimpse into the Future

European General Data Protection Regulation

European General Data Protection Regulation

Countermeasures in Penetration Testing

Countermeasures in Penetration Testing - And now?

Password Security

Password Security

Razor Code

Razor Code – Don't Cut Yourself

army helicopter swat team

Year 2016

41 Articles

scip Cybersecurity Forecast

scip Cybersecurity Forecast – Predictions for 2017

Windows 10 Client Hardening

Windows 10 Client Hardening

Secure Processing with SGX

Secure Processing with SGX - Tackling Risks in the Cloud

Using the NIST CSF for a Rapid Security Assessment

Using the NIST CSF for a Rapid Security Assessment

Merger & acquisition processes

Merger & acquisition processes – the security perspective

XSS is still my name

XSS is still my name

Future of information security

Future of information security - It needs to grow up

Credential and Device Guard

Credential and Device Guard – Is the tide turning?

Exploit pricing

Exploit pricing

Containing Containers

Containing Containers - Advantages and Risks

High-Secure Portable Storage - Part 2

High-Secure Portable Storage - Part 2: InterLock on Armory

Security Boards

Security Boards – structure, function and use

Healthy Paranoia

Healthy Paranoia - Simple Protection for End-User

Email Accounts

Email Accounts - Powerful Skeleton Keys

Content Security Policy

Content Security Policy – How hard can it be?

High-Secure Portable Storage

High-Secure Portable Storage - Part 1

Logging the Internet of Things

Logging the Internet of Things

CVSSv3 as a risk metric

CVSSv3 as a risk metric – a detailed view

Cyber Security

Cyber Security – Addressing Highly Dynamic Risks

Checklists or Scenarios

Checklists or Scenarios – That is the Question

Blockchain is the future

Blockchain is the future

RIPv6

RIPv6 - fail2ban failed to ban

Analysis of medical devices

Analysis of medical devices - A pragmatic approach

Software Without Brakes

Software Without Brakes

Implementing a Qubes OS productive laptop

Implementing a Qubes OS productive laptop

Securing Outdated or Unsupported Systems

Securing Outdated or Unsupported Systems

mHealth

mHealth - Mobile Opportunities

eHealth

eHealth - electronic health care services

Cross-Site Script Inclusion

Cross-Site Script Inclusion

PowerShell Monitoring

PowerShell Monitoring - Regain Control

Big Data, Artificial Intelligence & the Internet of Things

Big Data, Artificial Intelligence & the Internet of Things

HTTPS Bicycle Attack

HTTPS Bicycle Attack - An Overview

Data Centric Security using DRM infrastructure

Data Centric Security using DRM infrastructure

DRM/RMS

DRM/RMS – The next generation of rights management

Belkin WeMo Switch Communications Analysis

Belkin WeMo Switch Communications Analysis

Approach to Testing IoT Devices

Approach to Testing IoT Devices

Not Only Terrorists Have Something to Hide

Not Only Terrorists Have Something to Hide

Background to the Labs Book

Background to the Labs Book

Inglorious Headers

Inglorious Headers

Darknet

Darknet - A Look at the Virtual Black Market

OPSEC

OPSEC - History and Basics

phone booth dialpad telekom

Year 2015

50 Articles

scip IT Security Forecast 2016

scip IT Security Forecast 2016

Big Brother or

Big Brother or: How I stopped Worrying and Love Encryption

Release of Burp Extension DetectDynamicJS

Release of Burp Extension DetectDynamicJS

Ransomware 101

Ransomware 101 - CryptoLocker and CryptoWall

Facebook's Ears

Facebook's Ears - Threats by Audio Discovery

Drones

Drones - The Next Generation of Information Warfare

Hackers

Hackers - 20 Years of Awesome

The Future

The Future: Personal Assistants

RFID with RFIDler

RFID with RFIDler

Peeple

Peeple: Social Media Without Profile

Healthy Paranoia

Healthy Paranoia - Goodbye, Passwords!

Twelve Simple Security Tricks

Twelve Simple Security Tricks

Mobile Technology in Corporate Environments

Mobile Technology in Corporate Environments

Securing out-of-band Remote Support (Part 2 of 2)

Securing out-of-band Remote Support (Part 2 of 2)

Risks in iBeacon

Risks in iBeacon

Public Shaming and the Case Ashley Madison

Public Shaming and the Case Ashley Madison

Statistical Analysis of the Ashley Madison Hack

Statistical Analysis of the Ashley Madison Hack

Metadata Revisited

Metadata Revisited

A First Analysis of the AshleyMadison.com Leak

A First Analysis of the AshleyMadison.com Leak

The Internet and the Things

The Internet and the Things

Offensive PowerShell

Offensive PowerShell - Introduction to PowerTools

The SBB Swiss Pass

The SBB Swiss Pass - New Technology, New Risks

Preventing Reputational Damage by Media

Preventing Reputational Damage by Media

SAP and Principle of Least Privilege

SAP and Principle of Least Privilege

Summary of Protection Aspects of Client Identifying Data

Summary of Protection Aspects of Client Identifying Data

Correct Authentication for Mobile Apps

Correct Authentication for Mobile Apps

Hack in Paris 2015

Hack in Paris 2015 - A Short Review

Securing out-of-band Remote Support (Part 1 of 2)

Securing out-of-band Remote Support (Part 1 of 2)

What You Need to Know About Duqu 2.0

What You Need to Know About Duqu 2.0

Reputational Damage to Media Corporations After a Hack

Reputational Damage to Media Corporations After a Hack

Logging Shell User Activity

Logging Shell User Activity

Apple Watch

Apple Watch - A First Commentary

Healthy Paranoia

Healthy Paranoia - Buckle Up!

SwiNOG #28

SwiNOG #28 - A Short Review

A Story About Blocking PowerShell

A Story About Blocking PowerShell

Thought About Cross Border and Associated Subjects

Thought About Cross Border and Associated Subjects

Detection of Firewalling to Professionalize Attacks

Detection of Firewalling to Professionalize Attacks

Securing Your Home Fences

Securing Your Home Fences

Hacker Fashion

Hacker Fashion - A Not Quite Serious Test

Hard Disk Encryption Tool

Hard Disk Encryption Tool: Startech Enclosure

A Case for Net Neutrality

A Case for Net Neutrality

Misusing TCP Timestamps

Misusing TCP Timestamps

So Long, and Thanks for All the Superfish

So Long, and Thanks for All the Superfish

Kerberos under Attack

Kerberos under Attack

The Hunt for the Safe Public WiFi

The Hunt for the Safe Public WiFi

Some Thoughts about Privileged Identity Management and Privileged Account Management

Some Thoughts about Privileged Identity Management and Privileged Account Management

Wearables in Application

Wearables in Application

Data Fence

Data Fence - A Nice and Small MacOS X Security Audit Tool

Audit in a OS X System

Audit in a OS X System

Wardialing Revisited

Wardialing Revisited - A Call with Consequences

apple and google

Year 2014

48 Articles

31C3

31C3 - A New Dawn

scip IT Security Forecast 2015

scip IT Security Forecast 2015

scip InfoCenter for Google Chrome available

scip InfoCenter for Google Chrome available

Software Defined Radio

Software Defined Radio - An Introduction

Burn Facebook 101

Burn Facebook 101 - How to Fabricate a Person

Transport Layer Security Done Right

Transport Layer Security Done Right

Logical Fallacies when Assessing Risks

Logical Fallacies when Assessing Risks

Collecting Windows Logs with NXlog

Collecting Windows Logs with NXlog

Designing filters for ELK

Designing filters for ELK

Bug Bounties

Bug Bounties - Getting that free Netscape Mug

Android Lab Based on Virtual Devices

Android Lab Based on Virtual Devices

How Data Correlation Works

How Data Correlation Works

Skype as a Security Risk

Skype as a Security Risk

The Basics of DNSSEC

The Basics of DNSSEC

Organizational Aspects When Protecting Business Information and Records

Organizational Aspects When Protecting Business Information and Records

UTM Solutions Evaluation in Virtual Environments

UTM Solutions Evaluation in Virtual Environments

Hacker Summer Camp (2014 Edition)

Hacker Summer Camp (2014 Edition)

File Integrity Checker Policy

File Integrity Checker Policy

Google Glass

Google Glass – A Snapshot

Kerberos Key Distribution Center Proxy Protocol

Kerberos Key Distribution Center Proxy Protocol

Wearables

Wearables - A Look Ahead

Wearables

Wearables - No Privacy for Your Biometry

Wearables

Wearables - New Threats

Wearables

Wearables - Technology on the Body

Wearables

Wearables - New Freedom

Windows Passwords

Windows Passwords - A Well Known Secret?

Functionality Testing a IDS/IPS

Functionality Testing a IDS/IPS

The Value of IT General Controls within an Organization

The Value of IT General Controls within an Organization

Security Testing Using Virtual Environment Made Easy

Security Testing Using Virtual Environment Made Easy

Car Hacking

Car Hacking - An Overview

Area41

Area41 - A Look Back

Security Conferences

Security Conferences - A Waste of Time?

JSXBIN

JSXBIN - Reversing the Binary File Type

Oh Twitter, Where Art Thou

Oh Twitter, Where Art Thou

Source Code Analysis

Source Code Analysis - A Beginner's Guide

PowerShell

PowerShell - One Tool to Rule Them All

How to Handle Breach Incidents Involving Personal Information

How to Handle Breach Incidents Involving Personal Information

Firewalls

Firewalls - Rules to Rule the Rules

The Worth of Information Security in Everyday Life

The Worth of Information Security in Everyday Life

Android Permissions

Android Permissions – A Top-500 Analysis 2014

A Look Fifteen Minutes into the Future

A Look Fifteen Minutes into the Future

Security of Unified Communications using Microsoft Lync as an Example

Security of Unified Communications using Microsoft Lync as an Example

Windows 8 Baseline Skeleton

Windows 8 Baseline Skeleton

On the Use of Security Concepts

On the Use of Security Concepts

Securing Logs in Motion

Securing Logs in Motion

Vulnerability Disclosure

Vulnerability Disclosure: Revisited

Security Enhanced Linux

Security Enhanced Linux

They Are Watching

They Are Watching

sculpture man head bronze

Year 2013

23 Articles

scip IT Security Forecast 2014

scip IT Security Forecast 2014

2013

2013: A Year in Review by scip AG

HP TippingPoint

HP TippingPoint – Analysis of the Protection Filters

When Your TV Watches You

When Your TV Watches You

iOS7

iOS7 - The Seven Best New Features (apart from the graphics)

Secure Mobile Data

Secure Mobile Data

Actions and Processes in Case of a Virus

Actions and Processes in Case of a Virus

OpSec on the Silk Road

OpSec on the Silk Road: Learning from Pirates

Virtual Switch Security

Virtual Switch Security - An Overview

Safer Log Files

Safer Log Files

The Broken Record

The Broken Record: Talking to Business

An Open Letter to iOS/Android App Developers

An Open Letter to iOS/Android App Developers

Nmap NSE Vulscan 1.0 Released

Nmap NSE Vulscan 1.0 Released

Benchmark a Firewall Rulebase

Benchmark a Firewall Rulebase

Are we even moving?

Are we even moving?

Overview of Microsoft's security toolkit EMET

Overview of Microsoft's security toolkit EMET

Timing of Efficient and Undiscovered Portscans

Timing of Efficient and Undiscovered Portscans

Interpreting a Logfile with Grok

Interpreting a Logfile with Grok

Your Infosec Job is not a Movie

Your Infosec Job is not a Movie

Blackhat Europe 2013

Blackhat Europe 2013 – A Hasty Preview

Virtual Environment Security Baseline Recommendations

Virtual Environment Security Baseline Recommendations

Counting the FW1 Logfile

Counting the FW1 Logfile

Critical Third Party Applications

Critical Third Party Applications: Risk and Handling

lock old big door blue

Year 2012

9 Articles

NAXSI Open-Source WAF

NAXSI Open-Source WAF

Security Log, Part 2

Security Log, Part 2: Requirements, Costs and Tools

Security Log, Part 1

Security Log, Part 1: Experience with Log Management

Windows 7 Stripping & Hardening, Part 3

Windows 7 Stripping & Hardening, Part 3: Keep it Safe

Mac OS X Memory Analysis

Mac OS X Memory Analysis: An Overview

Windows 7 Stripping & Hardening, Part 2

Windows 7 Stripping & Hardening, Part 2

Opinion: Flamer/sKyWIper

Opinion: Flamer/sKyWIper – Facts & Myths in 5 Minutes

Windows 7 Stripping & Hardening, Part 1

Windows 7 Stripping & Hardening, Part 1: OS Tools

Structuring the Rule Name in Checkpoint Firewall

Structuring the Rule Name in Checkpoint Firewall

rfi closeup

Year 2011

2 Articles

Open-Source and its Effects on Security

Open-Source and its Effects on Security

Basic RFID Security

Basic RFID Security

You want more?

Do you have any questions?

Our experts will get in contact with you!

×

Stay informed

Subscribe to our monthly security summary