A high-angle close-up of yellow and black road markings on asphalt surface.

Political

BSI warns against Kaspersky

ByStefan Karg 16.03.202225.08.2025

German Federal Office For Information Security (BSI) now officially warns to use anti-virus software of the russian manuafacturer Kaspersky.

BSI – FAQ – Kaspersky

Vulnerabilities

CVE-2024-3094: xz-utils backdoor
ByStefan Karg 30.03.202425.08.2025

The newly discovered xz-utils backdoor, which was published yesterday (NVD – CVE-2024-3094 (nist.gov)) also affects one of the Linux distributions most used by penetration testers: Kali Linux. ❗Make sure, that you are updating your Kali installations as fast as possible, especially when you updated them before in the time frame between 26.03.2024 and 29.03.2024. 💡For…

Read More CVE-2024-3094: xz-utils backdoor
Security

Crisis and Disaster checklist
ByStefan Karg 14.01.202614.01.2026

Incidents such as the blackout in parts of Berlin lasting several days emphasize the importance of personal preparation for crisis and disaster. The German BBK has published checklists for this purpose. The BBK is the German Federal Office of Civil Protection and Disaster Assistance. Personally I don’t prefer to check off such a list on…

Read More Crisis and Disaster checklist
Security

ISO 27005 Information Security Risk Manager
ByStefan Karg 16.12.202517.12.2025

This month I’ve earned the Information Security Risk Manager. ISO/IEC 27005 certification of rigcert.education. Having multiple years of experience in managing security risks in OT environments according to IEC 62443-3-2, the ISO 27005 provides an extended perspective on risk management. Effective information security risk management is crucial for maintaining secure systems. Failing to properly assess…

Read More ISO 27005 Information Security Risk Manager
OT

On the rails again… 🚆😎
ByStefan Karg 15.03.202325.08.2025

Read More On the rails again… 🚆😎
OT

Is your OT-to-cloud connection secure?
ByStefan Karg 10.05.202325.08.2025

Here are some questions to ask! Of course this is not the full list of questions, since your environment has to be known to choose the corresponding countermeasures.

Read More Is your OT-to-cloud connection secure?
Political | Security | Vulnerabilities

MITRE CVE list might go offline today
ByStefan Karg 16.04.202525.08.2025

😬 MITRE CVE list might go offline today! This would be catastrophic for global vulnerability management. What I’ve described as a scenario theoretically possible in How Trump 2.0 could affect the IT industry in Europe might become reality more quickly than I’ve thought and not on the NIST-NVD level, but on the MITRE level including…

Read More MITRE CVE list might go offline today

Similar Posts