Rethink Security

xz

backdoor security xz utils tools oss software
For various reasons I wasn’t able to write a summary for 2023. But if I had known then what to expect in 2024 with the current xz/liblzma¹, I would have written a modified version of Wilhelm Hey’s “Alle Jahre wieder”² instead of the recap. As for the vulnerability itself, there are already a number of blogs on the subject, the best known being by Evan Boehs³ and Bruce Schneier⁴. My two cents? Read more...

Offensive GPT

hacking security AI openAI chatgpt
Recently I have been asked a lot about AI-related topics and what I think about them. Some time ago I wrote a blog post about ChatGPT and its view on OT security (ChaDGPT on Cyber Security). Of course, the hype around AI hasn’t stopped since then, and we still seem to be on the hype train, with new information flooding social media every week. My conclusion at that time was the following: Read more...

Security Hardships

security infosec grc awareness
In today’s digital age, where data breaches and cyber attacks have become all too common, ensuring robust cybersecurity measures is crucial for the survival and reputation of any company. However, despite the growing awareness and the staggering costs associated with breaches, many organizations continue to struggle in establishing effective cybersecurity frameworks. So, why is it so hard for companies to have good cybersecurity in place? This blog post highlights some of the complex challenges that businesses face when it comes to safeguarding their digital assets. Read more...

Cybersecurity and Digital Sovereignty

security infosec cybersec sovereignty
The Potsdamer Sicherheitskonferenz takes place on April 19 and 20. The topics range from the protection of critical infrastructure and cyberwar to cybersecurity and digital sovereignty. I would like to write a few words in advance about the latter point, which are relevant from my point of view and will hopefully be addressed in part. At a time when we share more and more of our personal and business information online and our dependence on technology increases, the importance of cybersecurity and digital sovereignty keeps growing. Read more...

Staying Safe on Public WiFi

security infosec wifi
2023 is here and the thought about writing some best practices about “Staying Safe on Public WiFi” struck me while connected to a public WiFi. As convenient as it is to connect to free public WiFi when we’re on the go, it’s important to remember that these networks can also be a security risk. Hackers and cybercriminals often target public WiFi networks because they are more vulnerable to attacks. Here are some tips for staying safe on public WiFi. Read more...

Recap of 2022

recap log4j log4shell exploits
The year 2022 is coming to its end and since I got some spare time, might as well write my personal recap.
log4j and ransomware
When log4j got public attention in the beginning of 2022 (although it got discovered in the end of 2021) the IT world was in panic and patch mode. Administrators worked overtime and Security Professionals had their hands full with consultancy and a lot of mail + paperwork. Read more...

Red Team

redteam hacking
What is a red team? A red team is a group of individuals who use their skills and expertise to challenge and test the effectiveness of an organization’s plans, processes, and systems. The term “red team” comes from the concept of “red teaming” which is a form of structured, independent analysis and evaluation that is designed to identify weaknesses and vulnerabilities in an organization’s plans, systems, and operations. Red teams are typically composed of experts in a variety of fields, including security, engineering, risk management, and operations. Read more...

ChaDGPT on Cyber Security

security ot AI openAI chatgpt
There is always the year of “X”, like the year of the Linux desktop :P And it seems that 2022 is the year of stable diffusion¹ and openAI. After this introduction, the following sections are based on the output of ChatGPT², or as I like to call it: ChaDGPT. Its capabilities are more than impressive, but see for yourself… What is AI? Artificial intelligence (AI) has its roots in the field of computer science, which emerged in the 1940s. Read more...

Tiber

compliance tiber redteam hacking
TIBER¹ (Threat Intelligence-Based Ethical Red Teaming) is a framework to assess the cybersecurity resilience of financial institutions. TIBER tests are designed to simulate real-world cyber threats and attacks, and are intended to help financial institutions identify and address weaknesses in their cybersecurity posture.
A quick how to
Here are some general guidelines for how TIBER tests can be best executed:
Identify the scope of the test: TIBER tests should be focused on a specific aspect of an organization’s cybersecurity posture, such as its network, applications, or processes. Read more...

Cleanup

website security development code
Although it’s only September, it feels like the year is almost over with all the stuff there is to do. The CISSP with 90 days left until the exam is almost around the corner and a lot of other private stuff is still in the making.
Cleaning, Clearing, Erasing, Purging, Degaussing and Destruction
The thought for this blogpost originated when I put my old server racks in the car for destruction. Read more...