Security

3 types of 2FA

ByStefan Karg 20.07.202225.08.2025

Today you can learn about 3 types of two-factor authentication (2FA).

Security

Attack via public links
ByStefan Karg 10.08.202225.08.2025

This is actually a very interesting attack vector described in this post:As an attacker place a Google Ad for a keyword, which will be mapped to accidentally pasted unprotected Dropbox links (I’m sure, this will also work with other cloud providers) and see what you will get… LinkedIn Post

Read More Attack via public links
OT | Security | Standardization

Railway Security standards
ByStefan Karg 08.08.202425.08.2025

In this post, I delve into the most relevant standards that secure our railway systems. Using Europe and Germany as a case study for the local and national level of standards, the following infographics provides a comprehensive overview of the most relevant standards helping to increase security on the tracks. 📄 Download infographics as pdf:…

Read More Railway Security standards
OT

OT security testing
ByStefan Karg 21.07.202225.08.2025

This was my start into the new week this morning! 🌞🚴 This week I’m at one of our customers laboratories. Certain tests with OT components require physical presence and can’t be done remotely – which is a difference to a lot of IT environments.

Read More OT security testing
Security

ISO 27005 Information Security Risk Manager
ByStefan Karg 16.12.202517.12.2025

This month I’ve earned the Information Security Risk Manager. ISO/IEC 27005 certification of rigcert.education. Having multiple years of experience in managing security risks in OT environments according to IEC 62443-3-2, the ISO 27005 provides an extended perspective on risk management. Effective information security risk management is crucial for maintaining secure systems. Failing to properly assess…

Read More ISO 27005 Information Security Risk Manager
OT | Security | Standardization

IEC 62443-3-2 Risk Assessment Workflow
ByStefan Karg 01.02.202525.08.2025

Critical infrastructure faces a growing number of security threats.. Critical infrastructure typically relies on Industrial Automation and Control Systems (IACS) and other non-IT components, often referred to as “Operational Technology.” To effectively assess cybersecurity risks within operational technology (OT) systems, adhering to the internationally recognized IEC 62443 standard is best practice. IEC 62443-3-2, part of…

Read More IEC 62443-3-2 Risk Assessment Workflow
Vulnerabilities

New MS Exchange Zero-day vulnerability
ByStefan Karg 29.09.202225.08.2025

New MS Exchange zero-day: https://www.bsi.bund.de/SharedDocs/Cybersicherheitswarnungen/DE/2022/2022-258168-1032.html

Read More New MS Exchange Zero-day vulnerability

Similar Posts