What is a vulnerability?
Security basics: What is a vulnerability?
Security basics: What is a vulnerability?
I’m happy to share that last weekend I passed the Microsoft Certified: Azure AI Fundamentals certification exam. As a rail security professional, why am I sitting for an AI-related exam when I’m not a data scientist? The rail industry is moving more and more towards interconnected technical solutions. Of course, we are not yet seeing…
This morning I’m on the way to Frankfurt for ICS – Informatik Consulting Systems participating at a DKE security working group meeting regarding standardisation of railway security.
The newly discovered xz-utils backdoor, which was published yesterday (NVD – CVE-2024-3094 (nist.gov)) also affects one of the Linux distributions most used by penetration testers: Kali Linux. ❗Make sure, that you are updating your Kali installations as fast as possible, especially when you updated them before in the time frame between 26.03.2024 and 29.03.2024. 💡For…
The Polish Press Agency (PAP) reports a cyber attack on the Polish rail network in the north-west of the country in Szczecin. A BBC article reports: “Hackers broke into railway frequencies to disrupt traffic in the north-west of the country overnight, the Polish Press Agency (PAP) reported on Saturday.The signals were interspersed with recording of…
Real time AI applications can bring huge benefits but also come with (social) risks we will have to deal with. The example below is a good demonstration of what is possible today. I’m very curious regarding the public discussion on how we will balance benefits vs. risks of such applications without killing technological progress in…
An attack on the software build pipeline can to some degree be compared to an attack on your supply chain. Your code can be 100% reviewed, but still the end product will contain malicious code – a very dangerous situation. Defending software build pipelines from malicious attack – NCSC.GOV.UK