👩🎓 Learn another security term this Wednesday: What is an exploit?
Despite the Easter holidays, a lot of incredible work was done over the weekend by many researchers analysing the details of the xz-utils backdoor. Some examples are: As the situation unfolds, it is becoming clear that this was not just one of the most sophisticated technical (perhaps the most sophisticated) attempts to introduce a backdoor…
Security basics: What is a vulnerability?
What is the role of us security professionals when it comes to AI powered systems?
In this post, I delve into the most relevant standards that secure our railway systems. Using Europe and Germany as a case study for the local and national level of standards, the following infographics provides a comprehensive overview of the most relevant standards helping to increase security on the tracks. 📄 Download infographics as pdf:…
A Military-Type Explosive Sent Via USB Drive (gbhackers.com) ⚡ So far, USB-Killer devices were used by attackers (or pentesters) to disable or destroy devices with USB interfaces by discharging a high power electrical shock into the data lines of the USB port. ❗ If you find a USB stick somewhere: Do not plug it into…
An attack on the software build pipeline can to some degree be compared to an attack on your supply chain. Your code can be 100% reviewed, but still the end product will contain malicious code – a very dangerous situation. Defending software build pipelines from malicious attack – NCSC.GOV.UK