Security

What is a vulnerability?

ByStefan Karg 05.10.202225.08.2025

Security basics: What is a vulnerability?

Security

Document classification
ByStefan Karg 07.09.202225.08.2025

Do you classify your documents? Here’s what you should consider!

Read More Document classification
Vulnerabilities

CVE-2024-3094: xz-utils backdoor
ByStefan Karg 30.03.202425.08.2025

The newly discovered xz-utils backdoor, which was published yesterday (NVD – CVE-2024-3094 (nist.gov)) also affects one of the Linux distributions most used by penetration testers: Kali Linux. ❗Make sure, that you are updating your Kali installations as fast as possible, especially when you updated them before in the time frame between 26.03.2024 and 29.03.2024. 💡For…

Read More CVE-2024-3094: xz-utils backdoor
Vulnerabilities

CVE-2024-3094: Why the xz-utils backdoor is more than a technical issue
ByStefan Karg 02.04.202425.08.2025

Despite the Easter holidays, a lot of incredible work was done over the weekend by many researchers analysing the details of the xz-utils backdoor. Some examples are: As the situation unfolds, it is becoming clear that this was not just one of the most sophisticated technical (perhaps the most sophisticated) attempts to introduce a backdoor…

Read More CVE-2024-3094: Why the xz-utils backdoor is more than a technical issue
Cyber Resilience Act (CRA)

CRA FAQ
ByStefan Karg 04.12.202504.12.2025

The EU Commission services have just released a comprehensive FAQ to help to demystify the implementation of the Cyber Resilience Act. If the official text left you scratching your head, this 66-page document might be your go-to resource for first practical answers to your questions. Worth a bookmark. Read it here:EU Commission – CRA Implementation

Read More CRA FAQ
Cyber Resilience Act (CRA)

Article 14 strikes first: The september 2026 CRA Reporting Deadline
ByStefan Karg 31.03.202631.03.2026

Most CRA conversations I have right now orbit around December 2027. That’s the wrong date to focus on first. Article 14 of the CRA – the reporting obligation for actively exploited vulnerabilities and severe incidents – applies from 11.09.2026. That’s roughly 5 months from now. And 15 months before the rest of the regulation kicks…

Read More Article 14 strikes first: The september 2026 CRA Reporting Deadline
AI

Would you recognize?
ByStefan Karg 06.07.202325.08.2025

📸 How good are you at recognising AI-generated people? ❓ Would you be sceptical if the person tried to connect with you on LinkedIn, for example? You can test yourself on these two sites: 🌐 Which Face Is Real?🌐 thispersondoesnotexist.com

Read More Would you recognize?

Similar Posts