While Hurricane Hilary heads for Mexico and Southern California the world has just seen another security vulnerability named Storm-0558. I guess no-one will ever really know what happened, but from publicly available information the story goes like this: An allegedly Chinese hacker group stole a signing key from tokens within Microsoft Azure Active Directory (MS … More After the Storm
In the middle of August 2022, Andreessen Horowitz, the King Arthur’s knights of venture capital firms, announced that it would provide the highest amount of round A funding for a risk investment in their history ever (up until now): 350 million US Dollars. The recipient is a startup called called Flow. Flow is the new … More He WeWorked, but now he is in the Flow…
Third times a charm… Or so they say. The OpenSource encryption library OpenSSL had its third “major” security vulnerability, which was fixed with a patch available as of November 1, 2022. As per CVE-2022-3786 and CVE-2022-3602 the security vulnerability constitute X.509 email address buffer overflows. 8 years ago it was Heartbleed. This security vulnerability was … More And another OpenSSL security vulnerability
In his regular show on Friday Oct 7, 2022**, German satirist and TV host, Jan Böhmermann, reported about Germany’s Cybersecurity council. The question only is, which one… Turns out we have two: One, which was inaugurated by Germany’s Ministry of Defence. This is a council made up of politicians from Bund and Länder (representatives from … More Germany’s Cybersecurity council(s) or Social Engineering goes organisations*
An analysis based on past behaviour, his autobiography and selected sources I usually write about topics like software and IT security in my blog. However given the geopolitical events, I decided to publish this blog which at least fits into the area of international security. So, who is Vladimir Putin? Vladimir Putin grew up like … More Vladimir Putin: with whom do we have to deal here?
A book about how to start and develop an SAP career, where I am the co-author got published yesterday. I wrote the chapter on how to create a career development plan. Book is in German. Check it out here: https://www.rheinwerk-verlag.de/deine-sap-karriere-einsteigen-skills-entwickeln-durchstarten/
I switched jobs on May 1, 2022, and now work as a Chief Development Architect Security returning to my old strengths. The time as a manager of an Internal Investigations Team investigating cases of fraud, corruption and bribery went by in a whim. If you stretch your mind a little bit, you could still state … More What I learned as an internal fraud investigator?
After a couple of articles on fraud related topics, I decided that it is high time that I publish another article on a security topic, which is dear to my heart. Quantum computing is on the brink of becoming a reality. IBM conducts research and innovation with its system Quantum Eagle. The German government decided … More Quantum computing will soon break current encryption algorithms
After my last blog on Language of a Con Manhttps://wordpress.com/post/gerlindezibulski.com/137 I have been listening to a lot of podcasts mostly on fraud and fraudsters. I will share a list of interesting podcasts, documentaries, and books in a future blog. One of the podcasts however was ABC’s podcast “Truth and Lies” on Jeffrey Epstein, deceased … More More on deviant language
I usually don’t look at cults when analysing fraud, but I was given the recommendation by American friends of mine to check out NXIVM (pronounced NEXIUM), of which I had not heard anything before. More details can be found here for example: https://en.wikipedia.org/wiki/NXIVM. I got curious and subscribed to an additional channel from one of … More Language of a con man – what can be learned from the NXIVM cult
Gerlinde 