Browse through our selection of IT security news, as well as presentations, television broadcasts, articles and press releases by or about Oneconsult.

We gladly support journalists and other media professionals free of charge in the field of information and IT security. Please contact Christoph Baumgartner (CEO) by phone +41 43 377 22 22 or by email We look forward to hearing from you!

Below you find a selection of presentations, television broadcasts, newspaper and magazine articles, as well as press releases by or about Oneconsult.

(In)secure passwords – Part 1: Paradigm shift in password policies

by Sandro Affentranger

This is the first instalment in a two-part series about passwords. Passwords have become indispensable these days. For a long time the recommendation was to make passwords as complex as possible – but lately this has changed: “Long instead of complex” is the new motto. This article introduces the topic and explains why passwords play such an important role. It discusses the risks associated with having passwords fall into the wrong hands, and identifies possible measures to assess and mitigate these risks. [read the German article]

We are hiring

(f/m, 80 – 100%): Your exciting new job at Oneconsult? If you are a native German speaker, we are looking for you to strengthen our top-flight cyber security team.

Job descriptions

OWASP IoT Top 10 – Part 1

by Jakob Kunzmann

This is the first of two articles presenting the OWASP Top 10 on the Internet of Things, a list of the top ten security risks in IoT, published by the Open Web Application Security Project (OWASP). In this article, the technical aspects of IoT risks are described and, if possible, prominent cases in which they have been exploited are highlighted. If applicable examples exist, the focus will be on malware or attacks for industrial IoT applications. [read the German article]

Pivoting Through a Web Application to the Internal Domain

by Severin Wischmann & Markus Schalch

Penetration testing projects are all about the defined scope and objective, i.e. which systems, entry points, personal or company sites may be attacked, and what specific scenarios should be tested for. These two properties are usually defined at the beginning of the project with the client, which requires a trade-off to be made between completeness and feasibility from a temporal point of view.


Oneconsult is a member of FIRST

FIRST is a global network of incident response and security teams dedicated to promoting collaboration and coordination in this area and actively sharing information among members to respond more effectively to security incidents. FIRST has more than 400 members worldwide.
Further information about FIRST can be found here:
You will find information about our services in this area under the following link:

Malware analysis – Basics

by Severin Wischmann

This is the first installment in a multi-part series about malware and how to analyze it. The article discusses the basics of malware. In further articles of this series, different facets of the analysis will be examined in detail. [read the German article]

01.07.2019 / (IoT) Safety & Security – Challenges in the Embedded Market in München

Presentation: “How (not) to trust your devices” by Senior Penetration Tester, IT-Forensiker & Security Researcher Rafael Scheel.