Security

DDoS attacks

ByStefan Karg 03.02.202325.08.2025

The German Federal Office for Information Security (BSI) informs about a wave of DDoS attacks against websites of mainly airports as well as from the financial sector and the government, which happened last week.

Post of BSI on LinkedIn

OT

New Publication: Automated Security Risk Management for trains
ByStefan Karg 21.07.202525.08.2025

Patric Birr and I published an article in SIGNAL+DRAHT, the leading international medium for control and safety technology plus communication and information technology in the railway sector. In the article we propose automating Security Risk Assessments by using digital twins. These allow attack trees to be derived automatically enabling a systematic analysis of potential attack…

Read More New Publication: Automated Security Risk Management for trains
Vulnerabilities

CVE-2024-3094: xz-utils backdoor
ByStefan Karg 30.03.202425.08.2025

The newly discovered xz-utils backdoor, which was published yesterday (NVD – CVE-2024-3094 (nist.gov)) also affects one of the Linux distributions most used by penetration testers: Kali Linux. ❗Make sure, that you are updating your Kali installations as fast as possible, especially when you updated them before in the time frame between 26.03.2024 and 29.03.2024. 💡For…

Read More CVE-2024-3094: xz-utils backdoor
Conferences / Events

Thanks for attending
ByStefan Karg 11.11.202225.08.2025

A big “Thank you” to all participants for attending the German edition of our ICS – Informatik Consulting Systems webinar today! I’m very happy, that so many people were interested in the topic “Security lifecycle management for existing ETCS products”. 📣 In case you’ve missed it or you’re not speaking German – don’t worry! There…

Read More Thanks for attending
Security

Software supply chain attacks
ByStefan Karg 03.02.202225.08.2025

An attack on the software build pipeline can to some degree be compared to an attack on your supply chain. Your code can be 100% reviewed, but still the end product will contain malicious code – a very dangerous situation. Defending software build pipelines from malicious attack – NCSC.GOV.UK

Read More Software supply chain attacks
Political

Open AI Sora Text-to-video
ByStefan Karg 19.02.202425.08.2025

The advances in text-to-video models are staggering. With several elections coming up this year and next, it gives a glimpse of the implications for media and social media and how easy it could be to produce very real looking fake news to influence political discussions.

Read More Open AI Sora Text-to-video
OT

Attack on GSM-R
ByStefan Karg 10.10.202225.08.2025

Cables for GSM-R were intentionally cut this morning in northern Germany. This is a very serious incident and has to be carefully investigated with regard to the motivation of the attackers. Link to article of German newspaper “Die Zeit” (08.10.2022)

Read More Attack on GSM-R

Similar Posts