DDoS attacks
The German Federal Office for Information Security (BSI) informs about a wave of DDoS attacks against websites of mainly airports as well as from the financial sector and the government, which happened last week.
Similar Posts
Attack via public links
This is actually a very interesting attack vector described in this post:As an attacker place a Google Ad for a keyword, which will be mapped to accidentally pasted unprotected Dropbox links (I’m sure, this will also work with other cloud providers) and see what you will get… LinkedIn Post
ISO 27005 Information Security Risk Manager
This month I’ve earned the Information Security Risk Manager. ISO/IEC 27005 certification of rigcert.education. Having multiple years of experience in managing security risks in OT environments according to IEC 62443-3-2, the ISO 27005 provides an extended perspective on risk management. Effective information security risk management is crucial for maintaining secure systems. Failing to properly assess…
Software supply chain attacks
An attack on the software build pipeline can to some degree be compared to an attack on your supply chain. Your code can be 100% reviewed, but still the end product will contain malicious code – a very dangerous situation. Defending software build pipelines from malicious attack – NCSC.GOV.UK
Defense in Depth
Food for thought on the public holiday in Germany: What is defense in depth and why should you consider it?
Bing AI message limitation
There was an interesting article published about Bing’s AI chat bot using a LLM (Large Language Model) this weekend in the New York Times. A clear recommendation for reading:Why a Conversation With Bingβs Chatbot Left Me Deeply Unsettled – The New York Times