Security basics: What is a vulnerability?
What a good start into the weekend 😎 📄 The German BSI has published a guideline for developers regarding potential vulnerabilies in AI systems. 📣 From my point of view, a security risk assessment on systems using AI technologies has to consider the attacks on the AI parts of the system as well. A security…
Do you classify your documents? Here’s what you should consider!
This month I’ve earned the Information Security Risk Manager. ISO/IEC 27005 certification of rigcert.education. Having multiple years of experience in managing security risks in OT environments according to IEC 62443-3-2, the ISO 27005 provides an extended perspective on risk management. Effective information security risk management is crucial for maintaining secure systems. Failing to properly assess…
Be careful, what you post in your social media profile! Unfortunately, this is valuable input for a potential attacker. Especially the layout of the ID is interesting, in this case even with a valid ID… 🙁 In best case, the processes are designed in a way, that only this information will not lead to anything…
As with any new technology, the “other side” is trying to figure out how to use it to their advantage. The normal commercial versions of LLMs have barriers built in to prevent the creation of malware code or phishing mails, for example. If you remove these barriers, you get the output that we as security…
The German Federal Office for Information Security (BSI) informs about a wave of DDoS attacks against websites of mainly airports as well as from the financial sector and the government, which happened last week. Post of BSI on LinkedIn