From a theoretical scenario to dangerous reality

Since February 2022, cybersecurity threats to railways in the European Union have changed fundamentally: nation-state actors are no longer a theoretical possibility, but a dangerous reality. Russia is trying to sabotage European railways, warns Prague đź’ˇ We therefore need to increase the resilience of the railway system against attacks by very capable attackers with access…

CVE-2024-3094: Why the xz-utils backdoor is more than a technical issue

Despite the Easter holidays, a lot of incredible work was done over the weekend by many researchers analysing the details of the xz-utils backdoor. Some examples are: As the situation unfolds, it is becoming clear that this was not just one of the most sophisticated technical (perhaps the most sophisticated) attempts to introduce a backdoor…

CVE-2024-3094: xz-utils backdoor

The newly discovered xz-utils backdoor, which was published yesterday (NVD – CVE-2024-3094 (nist.gov)) also affects one of the Linux distributions most used by penetration testers: Kali Linux. âť—Make sure, that you are updating your Kali installations as fast as possible, especially when you updated them before in the time frame between 26.03.2024 and 29.03.2024. đź’ˇFor…

Next conference: NĂĽrnberg

Today I’ve registered for attending the “CNA Forum Bahn+BahnTechnik 2024” conference with the title “Unlocking the opportunities of railtech” CNA Forum Bahntechnik | CNA – Center for transportation & logistics Neuer Adler e.V. (c-na.de) My personal focus for the conference will be the topics around the digitalisation of the railways and how to develop the…

Are Bluetooth Headsets Secure in the Era of Remote Work?

Since the onset of the COVID-19 pandemic, the world has seen a significant shift towards remote working. This shift has led to an increase in virtual meetings and, as a result, the use of Bluetooth headsets for convenience. But one question arises – are these Bluetooth headsets secure? To understand the security of a typical…