Browse through our selection of IT security news, as well as presentations, television broadcasts, articles and press releases by or about Oneconsult.

We gladly support journalists and other media professionals free of charge in the field of information and IT security. Please contact Christoph Baumgartner (CEO) by phone +41 43 377 22 22 or by email info@oneconsult.com. We look forward to hearing from you!

Below you find a selection of presentations, television broadcasts, newspaper and magazine articles, as well as press releases by or about Oneconsult.

09 December 2020: Netwrix Webinar – Explained by a Hacker

Join Yves Kraft, Branch Manager und Senior Penetration Tester & Security Consultant, in his webinar “Explained by a hacker: MS Teams and Office 365 as new targets for cyber criminals” (in German) to learn more about possible attacks against MS Teams and Office 365 and how to protect yourself and your company against such attacks.

The Netwrix webinar will take place on 09 December 2020 at 10:00 am.

For further information and registration, please see the Netwrix website.

09 December 2020: Expert Talks at IT-Tage 2020 Conference

At this year’s IT-Tage conference, two of our cyber security experts will give talks. In his talk “Cyber Incidents: Preparing for an Emergency” (in German), Gregor Wegberg, Head of Digital Forensics & Incident Response, will explain how organizations can best prepare for cyber incidents and what they can learn from past incidents that other companies faced.

Gregor Wegberg’s talk will take place on 09 December 2020 from 13:00 to 13:45. Click here for further details.

Moreover, Frank Ully, CTO Oneconsult Deutschland GmbH, will present possible attacks on interfaces and measures against such attacks in his talk “OWASP API Security Top 10 – How APIs Are Attacked and How to Develop Securely” (in German).

Frank Ully’s talk is scheduled for 09 December 2020 from 15:00 to 15:45. For more information, click here.

The IT-Tage 2020 conference will be held as a remote conference from 07 to 10 December 2020.
Please see the IT-Tage 2020 website for further information and registration.

Straight Into the Corporate Network

by Fabian Murer

In information security circles, one topic has again been very present since last week: A vulnerability (CVE-2018-13379) in Fortinet’s well-known VPN software from 2019 is being actively exploited by hackers.

[read the German article]

24 November 2020: Web Seminar on Penetration Testing

On 24 November, the “ZD.B Themenplattform Cybersecurity” will host a web seminar on penetration testing together with the “Sicherheitsnetzwerk München”. Together with three other experts from the industry, Frank Ully, CTO of Oneconsult Deutschland GmbH, will explain for which organisations such tests are useful, what is the current technical standard of testing and what needs to be considered when selecting the right testers. Following the short talks, you will have the chance to direct your questions to the experts.

The web seminar will take place on 24 November from 16:00 to 17:30.

Click here for further information and registration.

Active Directory Article Series Continued in New Issue 12/2020 of iX Magazine

In the current issue of iX magazine 12/2020 Frank Ully, Chief Technical Officer of Oneconsult Deutschland GmbH, continues the previous article of the series and explains further methods how attackers can use previously collected data to gain higher privileges in the Active Directory.
[more]

DFIR, Simple: Behind the Link – a Look Into the Dark

by Gregor Wegberg

Unwanted emails, SMS and other digital messages, also known as “spam”, are tiresome and unpleasant but also part of our everyday digital life. Nowadays, we all regularly receive unwanted messages (spam) that are not just advertising, but deliberately try to trick us into an action that can have far-reaching consequences.

[read the German article]

01 December 2020: ESE Congress – From Fuzzing to Exploiting IoT Devices

Rafael Scheel, CEO Oneconsult Deutschland GmbH, will give a talk about “From Fuzzing to Exploiting IoT Devices – How to Quickly Detect and Fix Zero-Day Vulnerabilities Using Fuzzing” (in German) at this year’s Embedded Software Engineering (ESE) Congress.

The ESE Congress will be held as an online conference this year.
Rafael Scheel’s talk will take place on 01 December from 15:40 to 16:20.

Please see the ESE Congress website for further information and registration.

The OWASP API Top 10 2019

by Lena Reitzle

According to a Gartner report, application programming interfaces (APIs) already account for 40% of the attack surface of web applications – and the trend is rising. Gartner estimates that this figure will rise to 90% by 2021. [1]The trend is more and more towards dynamic single-page applications (SPAs), while classic server-based web applications are gradually being replaced.

[more]

22 October 2020: Live Webcast – Explained by a Hacker

MS Teams and Office 365 are becoming increasingly popular targets: In his webinar “Explained by a Hacker: MS Teams and Office 365 as New Targets for Cyber Criminals” (in German only), Yves Kraft, Branch Manager and Senior Penetration Tester & Security Consultant, will demonstrate possible attacks on these platforms using live hacking and will explain how companies can protect themselves against such attacks.

The live webcast will take place on 22 October 2020 from 11:00 to 12:00 and will be held in cooperation with Netwrix and heise Business Services.

For further details and registration please see the heise Business Services website.