Security

DDoS attacks

ByStefan Karg 03.02.202325.08.2025

The German Federal Office for Information Security (BSI) informs about a wave of DDoS attacks against websites of mainly airports as well as from the financial sector and the government, which happened last week.

Post of BSI on LinkedIn

AI

Microsoft Certified: Azure AI Fundamentals
ByStefan Karg 04.06.202325.08.2025

I’m happy to share that last weekend I passed the Microsoft Certified: Azure AI Fundamentals certification exam. As a rail security professional, why am I sitting for an AI-related exam when I’m not a data scientist? The rail industry is moving more and more towards interconnected technical solutions. Of course, we are not yet seeing…

Read More Microsoft Certified: Azure AI Fundamentals
Security

Defense in Depth
ByStefan Karg 01.11.202225.08.2025

Food for thought on the public holiday in Germany: What is defense in depth and why should you consider it?

Read More Defense in Depth
OT | Security | Standardization

IEC 62443-3-2 Risk Assessment Workflow
ByStefan Karg 01.02.202525.08.2025

Critical infrastructure faces a growing number of security threats.. Critical infrastructure typically relies on Industrial Automation and Control Systems (IACS) and other non-IT components, often referred to as “Operational Technology.” To effectively assess cybersecurity risks within operational technology (OT) systems, adhering to the internationally recognized IEC 62443 standard is best practice. IEC 62443-3-2, part of…

Read More IEC 62443-3-2 Risk Assessment Workflow
Security

Üstra hacked
ByStefan Karg 04.04.202325.08.2025

Cybersecurity in public transport: The operator of Hannover’s public transport was hacked. According to the linked article, it seems to be a ransomware attack. Bus and railway operation are not affected, but different systems such as the displays at the stations or the ticketing platform for the new “Deutschlandticket”. https://www.csoonline.com/de/a/cyberattacke-auf-hannoversche-verkehrsbetriebe,3674537

Read More Üstra hacked
Political | Security | Vulnerabilities

MITRE CVE list might go offline today
ByStefan Karg 16.04.202525.08.2025

😬 MITRE CVE list might go offline today! This would be catastrophic for global vulnerability management. What I’ve described as a scenario theoretically possible in How Trump 2.0 could affect the IT industry in Europe might become reality more quickly than I’ve thought and not on the NIST-NVD level, but on the MITRE level including…

Read More MITRE CVE list might go offline today
Security

Real world phishing attacks
ByStefan Karg 25.01.202325.08.2025

This post is a great example, that a spear phishing attack also works in the offline world. It does not always have to be an e-mail! Thank you to Marc Torke for sharing this. The letter in the picture is claiming to come from an official German court and was sent to a newly founded…

Read More Real world phishing attacks

Similar Posts