Security

What is a vulnerability?

ByStefan Karg 05.10.202225.08.2025

Security basics: What is a vulnerability?

Political

Open AI Sora Text-to-video
ByStefan Karg 19.02.202425.08.2025

The advances in text-to-video models are staggering. With several elections coming up this year and next, it gives a glimpse of the implications for media and social media and how easy it could be to produce very real looking fake news to influence political discussions.

Read More Open AI Sora Text-to-video
Political | Security | Vulnerabilities

MITRE CVE list might go offline today
ByStefan Karg 16.04.202525.08.2025

😬 MITRE CVE list might go offline today! This would be catastrophic for global vulnerability management. What I’ve described as a scenario theoretically possible in How Trump 2.0 could affect the IT industry in Europe might become reality more quickly than I’ve thought and not on the NIST-NVD level, but on the MITRE level including…

Read More MITRE CVE list might go offline today
Security

Company ID cards on social media
ByStefan Karg 01.07.202225.08.2025

Be careful, what you post in your social media profile! Unfortunately, this is valuable input for a potential attacker. Especially the layout of the ID is interesting, in this case even with a valid ID… 🙁 In best case, the processes are designed in a way, that only this information will not lead to anything…

Read More Company ID cards on social media
Cyber Resilience Act (CRA)

Article 14 strikes first: The september 2026 CRA Reporting Deadline
ByStefan Karg 31.03.202631.03.2026

Most CRA conversations I have right now orbit around December 2027. That’s the wrong date to focus on first. Article 14 of the CRA – the reporting obligation for actively exploited vulnerabilities and severe incidents – applies from 11.09.2026. That’s roughly 5 months from now. And 15 months before the rest of the regulation kicks…

Read More Article 14 strikes first: The september 2026 CRA Reporting Deadline
Cyber Resilience Act (CRA) | Uncategorized

CRA: Standardization projects
ByStefan Karg 01.12.202501.12.2025

Currently a lot of standardization projects regarding the CRA are on-going. These standardization projects aim to develop harmonized European standards for the fundamental cybersecurity requirements of the CRA and the requirements regarding vulnerability management (horizontal standards) as well as different product categories (vertical standards). You can find an overview over the currently active standardization projects…

Read More CRA: Standardization projects
AI

How will AI affect the security of industrial systems?
ByStefan Karg 07.06.202325.08.2025

This excellent talk from RSA Conference 2023 tries to answer this question with what is currently known regarding: A clear recommendation to watch this presentation by Jason Kramer and Dr. Ulrich Lang, CEO to anyone in the OT/ICS industry.

Read More How will AI affect the security of industrial systems?

Similar Posts