Category: IT Security

Cloud Security

IT services in the cloud are becoming more and more popular these days. Many companies have already made their way to the cloud or are in the process of migrating their infrastructure to the cloud. Obviously, this offers a number of advantages: fast service delivery, high scalability, seemingly unlimited resources, and very high availability at…
Read more

ITSECX

IT-SECX 2019: OSINT Application for the 4th Power

At this year’s IT-SECX at the FH St. Pölten on 08.11.2019 Bernhard will give an insight into the possibilities and benefits of Open Source Intelligence tools in the field of journalism. https://itsecx.fhstp.ac.at/programm-2019/ The talk will highlight the suitability and possibility of mechanisms and tools, which are mainly used in OSINT or in the information gathering…
Read more

PICANTE Tech Conference Europe - Martin

PICANTE Tech Conference Europe

One of our co-founders Martin Stöfler was invited to give a lecture at the PICANTE Tech Conference Europe on the dangers and challenges in the IoT area. In addition to OSM Solutions, a number of other companies were represented with innovative solutions from the Augmented Reality, Blockchain, AI, Fintech and Privacy fields. A big compliment…
Read more

ITSECX

IT-SECX 2018 Talk

We are happy to announce that Bernhard will be speaking at this year’s IT Security Community Exchange (IT-SECX) at FH St. Pölten on the 16th of November. He  will shed some light on the hacking activities that influenced the 2016 US presidential election, especially in relation to the detailed allegations that are described in the indictment. As the detailed procedures of…
Read more

Libreelec and passwd

Raspberry Pi Distro’s Root Login

Have you ever set up a Raspberry Pi using one of the popular Linux distributions like Raspbian or LibreELEC and worried about adding a potentially insecure device into your home network? We’ve seen dozens of cases were IoT devices were more of a use to criminals (e.g. as part of a botnet attacking other systems)…
Read more

Secure Your Free Wazuh SIEM

If you have been looking for a free SIEM tool to fulfill PCI-DSS requirements such as FIM, centralized logging, alerting on suspicious activities and lots more, then the OSSEC fork Wazuh is the tool for you. Wazuh architecture is based on ELK stack with an additional RESTful API, additional features, and great documentation. Within this…
Read more

T-Mobile Twitter Plaintext Passwords

We store your passwords in plain-text, but don’t worry, our security is amazingly good!

What a dumpster-fire last Friday was for T-Mobile Austria. For anyone unaware of what went down, have a look at this twitter feed: http://archive.is/6566W Now, I am not out to bash T-Mobile or the social media manager(s) that have been involved, but there are a few lessons to be learned from this. T-Mobile’s representatives were…
Read more

Is it worth the risk?

Special – Vulnerability Assessment

Are you willing to take the risk of not knowing about security issues with your IT environment to save cost? This article might help you answer the question. If you never had a penetration test or vulnerability assessment done or the last one has been conducted long ago: Now is the ideal time for you…
Read more

Newspaper - Suche Frau article

Seeking: Young woman for marriage.

I stumbled upon this gem in the classifieds section of a small local newspaper in Villach, Austria. Looking past the obvious desperation, this gentleman’s request was similar to what we observe regularly in the IT Security industry. The following statement could very well be found in the same section: “Seeking: Young IT Security professional to…
Read more