Wie sind die Öffnungszeiten?

Montag 08:00 - 18:00 Dienstag 08:00 - 18:00 Mittwoch 08:00 - 18:00 Donnerstag 08:00 - 18:00 Freitag 08:00 - 18:00

e2 Security GmbH

Startseite
Deutschland
Bonn
e2 Security GmbH

We create Cybersecurity
Digital transformation requires a solid cybersecurity. Driven by a unique mix Your Cyber Security Partner
We love what we do.

Driven by a unique mix of experienced professionals, empowered by our creative approaches and proven methods, we work as a trusted partner to elevate the effectiveness of your digitalization and security initiatives and help transform them into sustainable secure business. We are a team of experienced and passionate security experts with extensive IT operations experience. We excel at bridging bri

dges between business requirements ops and security. Our team develops products and services which help our clients to get ahead of the curve. Our diverse team is internationally experienced and has a wide range of skills in Cybersecurity and Digital Transformation.

07/12/2021

Our annual Christmas party was once again a great success! Under the 2G+ Corona measures we were able to welcome our team in our offices in Bonn. Between a winter BBQ, local wine and a Shuffleboard Tournament we had a lot of nice chats and laughter.

Many thanks to the team of mannschaftsgold GmbH & Co KG for organising our event and also to the team of DEINspeisesalon - Jutta Landkotsch GmbH for the catering.

We are happy to have chosen such competent partners for our event!
It was a really great and pleasant evening, which we look back on with pleasure.

We wish everyone a wonderful pre-Christmas season!

09/09/2021

Urgent: Microsoft is investigating reports on a remote code ex*****on vulnerability in MSHTML, delivered by office documents. Exploitation in the wild has been noticed.

Microsoft recommends to keep antivirus software up to date in order to allow for detection and prevention. They also provide mitigations and workarounds for until the investigations are closed and address fixing the vulnerability itself accordingly. [1]

Please stay safe and secure more than usual these days when opening office documents from unknown sources!

[1]: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444

08/09/2021

Recently a vulnerability was identified in Atlassians products Confluence Server and Confluence Data Server (CVE-2021-26084).
This vulnerability allows for unauthenticated remote code ex*****on and is rated as critical by the vendor himself.
Currently, the vulnerability is exploited in the wild! If possible and not already done: please patch immediately!

For further information – especially which product versions are affected and which are not anymore - we provide you a link to the vendors security advisory. [1]

[1] https://confluence.atlassian.com/doc/confluence-security-advisory-2021-08-25-1077906215.html

Stay safe and secure!

Confluence Security Overview and Advisories Confluence Community Security Advisory 2006-01-19 Confluence Security Advisory 2005-02-09 Confluence Security Advisory 2005-12-05 Confluence Security Advisory 2006-01-20 Confluence Security Advisory 2006-01-23 Confluence Security Advisory 2006-06-14 Conflu...

03/09/2021

The team of e2 Security wishes you in advance a nice and relaxing weekend!

Start your weekend with our interesting article about "Cross Site Scripting"!

From a high level, cross site scripting (short: XSS) can be described as the embedding of foreign code into a trusted context for ex*****on. Technically speaking, XSS describes a client-side injection attack in which an attacker aims to execute malicious code in a web browser of the victim by including mostly malicious JavaScript in a legitimate web page or web application. (...)

CROSS SITE SCRIPTING VULNERABILITIES IN WEBAPPS PART II GENERAL DESCRIPTION From a high level, cross site scripting (short: XSS) can be described as the embedding of foreign code into a trusted context for ex*****on. Technically speaking, XSS describes a client-side injection attack in whic...

16/08/2021

A quick reminder for you out there: in March 2021, critical vulnerabilities were identified in Microsoft Exchange. There are now several variants, which go by the following names: ProxyLogon, ProxyShell and ProxyOracle.

If not already done, please patch immediately! Currently, more and more scans are being performed to identify these vulnerabilities. [1] A successful exploitation can lead to a full compromise of the system.

Stay safe and secure!

[1]: https://thehackernews.com/2021/08/hackers-actively-searching-for.html

Hackers are on the hunt for Microsoft Exchange servers vulnerable to ProxyShell, ProxyOracle, and ProxyLogon flaws.

04/08/2021

Cybersecurity as it's best!
We’re proud to be a new member of the selected club Cyber Security Cluster Bonn e.V.

Join us by developing the region into a nationally and internationally recognized cyber security hub.

30/07/2021

Quite soon after the windows vulnerability known as , a new one is known as or - all Windows 10 versions since 1809 are affected.

The vulnerability can only be exploited by an attacker who already has access to the target system and allows sensitive Windows databases (including SECURITY, SYSTEM and SAM) to be read. Among other things, these contain hashed passwords of user accounts, which in turn can be used to execute code with elevated privileges (e.g. as a user with the highest possible privileges: NT- Authority/System). [1]

A workaround is also already distributed by Microsoft until a patch is available: "Delete any System Restore points and Shadow volumes that existed prior to restricting access to %windir%\system32\config" and "create a new System Restore point (if desired)."

Also noted is that deleting VSS shadow copies "could impact restore operations, including the ability to restore data with third-party backup applications." [2]

[1]: https://lnkd.in/dB5U2Qu

[2]: https://lnkd.in/eGktn7r

21/07/2021

For criminals and fraudsters, personal data of Internet users is always very desirable, because in many cases it allows access to credit cards, bank accounts or online accounts. Phishing, i.e. obtaining other people’s personal data using fake e-mails or websites, is a popular means of doing this.

https://www.e2security.de/cyber-information-security/phishing-these-are-the-most-popular-tricks/

06/07/2021

Unfortunately, yet once again, multiple businesses around the world have been hit by a ransomware attack. Currently, the attackers are demanding a total of $70 million in Bitcoin to unlock the ability to decrypt for everyone affected. [1]

The attack itself was made possible by chaining several vulnerabilities in Kaseya's VSA application. This software is used for the purpose of remote monitoring and management of various client systems – it is used by managed service providers worldwide. The vendor publishes updates on the situation frequently. [2]

If interested in further - and more technical - details of the attack, you should frequently visit this blog. [3]

[1]: https://www.dw.com/en/kaseya-cyberattack-hackers-want-70-million-for-decryption/a-58158481

[2]: https://www.kaseya.com/potential-attack-on-kaseya-vsa/

[3]: https://www.huntress.com/blog/rapid-response-kaseya-vsa-mass-msp-ransomware-incident

Huntress is tracking a critical ransomware incident affecting MSPs and their customers, caused by a sophisticated Kaseya VSA supply chain attack.

Adresse

Rabinstr . 3
Bonn
53111

Öffnungszeiten

Montag	08:00 - 18:00
Dienstag	08:00 - 18:00
Mittwoch	08:00 - 18:00
Donnerstag	08:00 - 18:00
Freitag	08:00 - 18:00

Webseite

https://www.e2security.de/contacts/

Benachrichtigungen

Lassen Sie sich von uns eine E-Mail senden und seien Sie der erste der Neuigkeiten und Aktionen von e2 Security GmbH erfährt. Ihre E-Mail-Adresse wird nicht für andere Zwecke verwendet und Sie können sich jederzeit abmelden.