DKE
This morning I’m on the way to Frankfurt for ICS – Informatik Consulting Systems participating at a DKE security working group meeting regarding standardisation of railway security.
Similar Posts
Windows 3.11 in 2024? Here’s why.
There is a job advert for a Windows 3.11 administrator role in the rail industry doing the rounds on the internet right now – e.g. here at Heise. It’s often accompanied by the question why such old systems are still in use – it’s 2024! Yes, this is the reality of OT systems – not…
Are Bluetooth Headsets Secure in the Era of Remote Work?
Since the onset of the COVID-19 pandemic, the world has seen a significant shift towards remote working. This shift has led to an increase in virtual meetings and, as a result, the use of Bluetooth headsets for convenience. But one question arises – are these Bluetooth headsets secure? To understand the security of a typical…
How railway cyber security works in a nutshell
Step 1: Plan Security Management: This is the first step in the process, indicating the importance of planning and managing security measures effectively. Step 2: Security Risk Analysis (IEC 62443-3-2): The second step involves conducting a security risk analysis in accordance with the IEC 62443-3-2 standard. This step is crucial for identifying potential security risks…
Railway Security standards
In this post, I delve into the most relevant standards that secure our railway systems. Using Europe and Germany as a case study for the local and national level of standards, the following infographics provides a comprehensive overview of the most relevant standards helping to increase security on the tracks. 📄 Download infographics as pdf:…
WormGPT and FraudGPT
As with any new technology, the “other side” is trying to figure out how to use it to their advantage. The normal commercial versions of LLMs have barriers built in to prevent the creation of malware code or phishing mails, for example. If you remove these barriers, you get the output that we as security…
CVE-2024-3094: Why the xz-utils backdoor is more than a technical issue
Despite the Easter holidays, a lot of incredible work was done over the weekend by many researchers analysing the details of the xz-utils backdoor. Some examples are: As the situation unfolds, it is becoming clear that this was not just one of the most sophisticated technical (perhaps the most sophisticated) attempts to introduce a backdoor…