Security

3 types of 2FA

ByStefan Karg 20.07.202225.08.2025

Today you can learn about 3 types of two-factor authentication (2FA).

OT

New Publication: Automated Security Risk Management for trains
ByStefan Karg 21.07.202525.08.2025

Patric Birr and I published an article in SIGNAL+DRAHT, the leading international medium for control and safety technology plus communication and information technology in the railway sector. In the article we propose automating Security Risk Assessments by using digital twins. These allow attack trees to be derived automatically enabling a systematic analysis of potential attack…

Read More New Publication: Automated Security Risk Management for trains
Security

Crisis and Disaster checklist
ByStefan Karg 14.01.202614.01.2026

Incidents such as the blackout in parts of Berlin lasting several days emphasize the importance of personal preparation for crisis and disaster. The German BBK has published checklists for this purpose. The BBK is the German Federal Office of Civil Protection and Disaster Assistance. Personally I don’t prefer to check off such a list on…

Read More Crisis and Disaster checklist
OT

Is your OT-to-cloud connection secure?
ByStefan Karg 10.05.202325.08.2025

Here are some questions to ask! Of course this is not the full list of questions, since your environment has to be known to choose the corresponding countermeasures.

Read More Is your OT-to-cloud connection secure?
Vulnerabilities

New MS Exchange Zero-day vulnerability
ByStefan Karg 29.09.202225.08.2025

New MS Exchange zero-day: https://www.bsi.bund.de/SharedDocs/Cybersicherheitswarnungen/DE/2022/2022-258168-1032.html

Read More New MS Exchange Zero-day vulnerability
OT

Investigation of cyber-attack on Polish rail network
ByStefan Karg 28.08.202325.08.2025

The Polish Press Agency (PAP) reports a cyber attack on the Polish rail network in the north-west of the country in Szczecin. A BBC article reports: “Hackers broke into railway frequencies to disrupt traffic in the north-west of the country overnight, the Polish Press Agency (PAP) reported on Saturday.The signals were interspersed with recording of…

Read More Investigation of cyber-attack on Polish rail network
Security

Attack via public links
ByStefan Karg 10.08.202225.08.2025

This is actually a very interesting attack vector described in this post:As an attacker place a Google Ad for a keyword, which will be mapped to accidentally pasted unprotected Dropbox links (I’m sure, this will also work with other cloud providers) and see what you will get… LinkedIn Post

Read More Attack via public links

Similar Posts