Browse through our selection of IT security news, as well as presentations, television broadcasts, articles and press releases by or about Oneconsult.

We gladly support journalists and other media professionals free of charge in the field of information and IT security. Please contact Christoph Baumgartner (CEO) by phone +41 43 377 22 22 or by email info@oneconsult.com. We look forward to hearing from you!

Below you find a selection of presentations, television broadcasts, newspaper and magazine articles, as well as press releases by or about Oneconsult.

29 September 2020: DiMitEx – Attacks Against MS Teams and Office 365 Explained by a Hacker

Join Philipp Gamper, Digital Forensics & Incident Response Specialist, in his webinar “Explained by a hacker: MS Teams and Office 365 as new targets for cyber criminals” (in German) to learn more about possible attacks against MS Teams and Office 365 and how to protect yourself against such attacks.

The webinar will take place on 29 September 2020 from 08:50 bis 09:30 as part of the DiMitEx.

For more information and registration see the DiMitEx website.

22–24 September 2020: Stralsund IT Security Conference

“OWASP API Security Top 10 – How APIs Are Attacked and How to Develop Securely”: Frank Ully, Senior Penetration Tester & Security Consultant, will present the most important risks for APIs and possible attacks against APIs at the Stralsund IT Security Conference, which takes place from 22 to 24 September 2020.

The Stralsund IT Security Conference will be held as a virtual event this year.
Frank Ully’s talk is scheduled for 22 September 2020 from 18:00 to 19:00.

Please see the Stralsund IT Security Conference website for further information.

18 September 2020: Internet Security Days – Presentation on OWASP API Security Top 10

Frank Ully, Senior Penetration Tester & Security Consultant, will give a presentation on “OWASP API Security Top 10 – How APIs Are Attacked and How to Develop Securely” (in German) at this year’s Internet Security Days.

The Internet Security Days (ISD) will be held as a virtual event this year.
Frank Ully’s talk will take place on 18 September 2020 from 11:25 to 11:55.

For further information and registration please check the ISD website.

16 September 2020: Live Hacking at the KMU Digital Webinar

Join Yves Kraft, Branch Manager and Senior Penetration Tester, in his webinar “SMEs as targets of cyber attacks” (in German) to learn more about the most dangerous cyber risks for SMEs and how SMEs should protect themselves against these risks. With a live hacking demonstration he will show how easily computers and mobile phones can be hacked.

The webinar will take place on 16 September 2020 from 15:00 to 16:00 as part of the KMU Digital Webinar and will be held in cooperation with AXA.

Please see the KMU Digital website for further information and registration.

How the MITRE ATT&CK Framework Helps You Make Your Business More Secure

by Yves Kraft

The MITRE ATT&CK framework is regularly mentioned, especially when it comes to the analysis of cyber intrusions. But what exactly is ATT&CK and why should you learn more about it?
[read the German article]

5 November 2020: Black Alps 2020

After last year’s success Oneconsult again will be part of the BLACKALPS in Yverdon‑les‑Bains on 5 November 2020. We’d be pleased to welcome you at our Oneconsult booth and tell you more about our IT security services.

Due to the current situation (COVID-19) a special format is planned for the Black Alps this year to meet the requirements of the Swiss Federal Office of Public Health (FOPH). The organizers will continue to closely monitor the situation; the planning is subject to change. For more and current information please see the Black Alps website.

02 September 2020: German Testing Day – Talk about OWASP Top 10

At this year’s German Testing Day, Frank Ully, Senior Penetration Tester & Security Consultant, will give a talk on “OWASP Top 10 – How Web Applications Are Attacked and How to Develop Securely” (in German).

The German Testing Day will be held as an online event this year.
Frank Ully’s presentation is scheduled for 2 September 2020 from 11:20 to 11:55.

For more details, check the German Testing Day website.

Signing Office Macros and PowerShell Scripts – Part 2: Peculiarities of Dealing With Signed Code

by Marco Wohler

The first part of this article explained how to use policies to restrict macros and PowerShell scripts so that only signed code is executed.

In the second part, the peculiarities of dealing with signed code are described in more detail.
[read the German article]

23 August 2020: BSides Munich – Presentation on OWASP API Security Top 10

At this year’s BSides Munich, Frank Ully, Senior Penetration Tester & Security Consultant, will explain the 10 most critical security risks for interfaces according to OWASP and will outline possible attacks on APIs in his talk titled “OWASP API Security Top 10 – How APIs Are Hacked” (in English).

BSides Munich will be held as a virtual conference this year.
Frank Ully’s presentation is scheduled for 23 August 2020 from 13:15 to 14:00.

Further information: https://2020.bsidesmunich.org/agenda/

Signing Office Macros and PowerShell Scripts Part 1: Signing Code and Setting Policy

by Marco Wohler

The last few years have shown that ransomware and banking trojans like Emotet and Co. like to spread via scripts and macros. The signing of scripts, especially of macros – known from Microsoft’s Office product line – is accordingly becoming increasingly important. [read the German article]