Attack on GSM-R

ByStefan Karg 10.10.202225.08.2025

Cables for GSM-R were intentionally cut this morning in northern Germany. This is a very serious incident and has to be carefully investigated with regard to the motivation of the attackers.

Link to article of German newspaper “Die Zeit” (08.10.2022)

Vulnerabilities

CVE-2024-3094: xz-utils backdoor
ByStefan Karg 30.03.202425.08.2025

The newly discovered xz-utils backdoor, which was published yesterday (NVD – CVE-2024-3094 (nist.gov)) also affects one of the Linux distributions most used by penetration testers: Kali Linux. ❗Make sure, that you are updating your Kali installations as fast as possible, especially when you updated them before in the time frame between 26.03.2024 and 29.03.2024. 💡For…

Read More CVE-2024-3094: xz-utils backdoor
Political

From a theoretical scenario to dangerous reality
ByStefan Karg 05.04.202425.08.2025

Since February 2022, cybersecurity threats to railways in the European Union have changed fundamentally: nation-state actors are no longer a theoretical possibility, but a dangerous reality. Russia is trying to sabotage European railways, warns Prague 💡 We therefore need to increase the resilience of the railway system against attacks by very capable attackers with access…

Read More From a theoretical scenario to dangerous reality
Security

Identity is the new perimeter
ByStefan Karg 29.04.202325.08.2025

Identity is the new perimeter. What does this mean in times of AI – both on the offensive and the defensive side? 💡 Rohit Ghai talks about this in an inspiring keynote at RSA Conference 2023. Well worth watching! https://www.youtube.com/watch?v=plMlFAxHJ6s

Read More Identity is the new perimeter
Security

Real world phishing attacks
ByStefan Karg 25.01.202325.08.2025

This post is a great example, that a spear phishing attack also works in the offline world. It does not always have to be an e-mail! Thank you to Marc Torke for sharing this. The letter in the picture is claiming to come from an official German court and was sent to a newly founded…

Read More Real world phishing attacks
Conferences / Events

Security for Safety pitch at it-sa 2021
ByStefan Karg 19.10.202125.08.2025

A short excerpt from my pitch on ‘Security for Safety’ as part of the BW-International Session at it-sa 2021 is available here: Post | LinkedIn

Read More Security for Safety pitch at it-sa 2021
Standardization

DKE
ByStefan Karg 15.09.202325.08.2025

This morning I’m on the way to Frankfurt for ICS – Informatik Consulting Systems participating at a DKE security working group meeting regarding standardisation of railway security.

Read More DKE

Similar Posts