What is an exploit?
Learn another security term this Wednesday: What is an exploit?
Most manufacturers plan their CRA compliance around one date: 11 December 2027. That’s when the Cyber Resilience Act fully applies, and that’s the CRA compliance deadline their project plans are built around. From a regulatory perspective, this makes sense. From a business perspective, it’s already too late. The regulatory date is not the market date…
This post is a great example that a spear phishing attack also works in the offline world. It does not always have to be an e-mail! Thank you to Marc Torke for sharing this. The letter in the picture claims to come from an official German court and was sent to a newly founded…
Most CRA conversations I have right now orbit around December 2027. That’s the wrong date to focus on first. Article 14 of the CRA – the reporting obligation for actively exploited vulnerabilities and severe incidents – applies from 11.09.2026. That’s roughly 5 months from now. And 15 months before the rest of the regulation kicks…
As with any new technology, the “other side” is trying to figure out how to use it to their advantage. The normal commercial versions of LLMs have barriers built in to prevent the creation of malware code or phishing mails, for example. If you remove these barriers, you get the output that we as security…
This excellent talk from RSA Conference 2023 tries to answer this question with what is currently known regarding: A clear recommendation to watch this presentation by Jason Kramer and Dr. Ulrich Lang, CEO to anyone in the OT/ICS industry.
The newly discovered xz-utils backdoor, which was published yesterday (NVD – CVE-2024-3094 (nist.gov)), also affects one of the Linux distributions most used by penetration testers: Kali Linux. Make sure that you update your Kali installations as fast as possible, especially if you previously updated them in the time frame between 26.03.2024 and 29.03.2024. For…