Security

Two-factor authentication

ByStefan Karg 10.02.202225.08.2025

Start to annoy hackers today by using two-factor authentication (2FA)!

Setting up 2-Step Verification (2SV) – NCSC.GOV.UK

Security

Crisis and Disaster checklist
ByStefan Karg 14.01.202614.01.2026

Incidents such as the blackout in parts of Berlin lasting several days emphasize the importance of personal preparation for crisis and disaster. The German BBK has published checklists for this purpose. The BBK is the German Federal Office of Civil Protection and Disaster Assistance. Personally I don’t prefer to check off such a list on…

Read More Crisis and Disaster checklist
OT

Investigation of cyber-attack on Polish rail network
ByStefan Karg 28.08.202325.08.2025

The Polish Press Agency (PAP) reports a cyber attack on the Polish rail network in the north-west of the country in Szczecin. A BBC article reports: “Hackers broke into railway frequencies to disrupt traffic in the north-west of the country overnight, the Polish Press Agency (PAP) reported on Saturday.The signals were interspersed with recording of…

Read More Investigation of cyber-attack on Polish rail network
Security

Attack via public links
ByStefan Karg 10.08.202225.08.2025

This is actually a very interesting attack vector described in this post:As an attacker place a Google Ad for a keyword, which will be mapped to accidentally pasted unprotected Dropbox links (I’m sure, this will also work with other cloud providers) and see what you will get… LinkedIn Post

Read More Attack via public links
Vulnerabilities

CVE-2024-3094: Why the xz-utils backdoor is more than a technical issue
ByStefan Karg 02.04.202425.08.2025

Despite the Easter holidays, a lot of incredible work was done over the weekend by many researchers analysing the details of the xz-utils backdoor. Some examples are: As the situation unfolds, it is becoming clear that this was not just one of the most sophisticated technical (perhaps the most sophisticated) attempts to introduce a backdoor…

Read More CVE-2024-3094: Why the xz-utils backdoor is more than a technical issue
AI

Identification in times of AI
ByStefan Karg 23.03.202325.08.2025

Voice and video as a means of identification can no longer be considered as secure! Let me predict, that the threat of impersonation through deepfakes and AI generated content will be one of the next big things. They will be used for fraudulent activities or for attempts to manipulate the public opinion. We need new…

Read More Identification in times of AI
Cyber Resilience Act (CRA)

Understanding “Products with Digital Elements” Under the Cyber Resilience Act (CRA)
ByStefan Karg 16.02.202616.02.2026

If you’re evaluating whether your product falls under the Cyber Resilience Act (CRA), you’ve likely encountered the term “Product with Digital Elements” (PDE). This term is central to the CRA, and understanding it is crucial. The Cyber Resilience Act (CRA) defines the scope of its regulations in Article 2, which explicitly references “products with digital…

Read More Understanding “Products with Digital Elements” Under the Cyber Resilience Act (CRA)

Similar Posts