Is there an after one seems to wonder? Although the major hardware vendors have shipped fixes or new chips closing these vulnerabilities, new findings seem to appear every so often. One also wonders how the hardware vendors closed these vulnerabilities as some cases required a major architectural change, which could only be accomplished with new … More After Spectre and Meltdown – what now?
In this linked article where an NSA employee gives advice on how to keep your systems secure, it should become crystal clear that you have to keep your security patching up-to-date. According to the quotes in the article even security vulnerabilities that existed only for hours on a system can be exploited by adversaries. So … More How to keep your systems secure? – Always implement the latest security patch as soon as possible
You have a system that has long been out of maintenance. Although you might have implemented up to latest available patch and everything’s running smoothly, there is no beating around the bush: Your system is insecure. The software vendors as well as security researchers will have found security vulnerabilities that are getting fixed in higher releases, … More Your system or application is definitely insecure, if…
When I studied at University one of my professors would always say, that we have to get a feel for trouble to succeed in life. (In German: “Sie müssen immer Störgefühle bekommen”.) Others would call it follow your intuition or get a hunch, but whatever you want to name it, one of the most prominent … More Social Engineering is alive and kicking
We seem to hear about a major data breach at a company on a daily basis. Either the media is reporting more or the number of publicly known attacks rises or both. What can we learn from these reports? It is always data and application that adversaries are after. Although this is a no-brainer, we … More Internet pillory – what we need to learn from the Ashley Madison hack