Publications

Basel Newspaper on Hacker Attacks

"I am very pleased to have been selected as a cybersecurity expert by the Basler Zeitung for an interview about the hack of the Basel Department of Education. It is important that we are aware of how big the threat of cyber attacks is and how we protect ourselves against them. As experts, our job is to help companies and organizations protect their digital assets."

As Industry 4.0 continues to revolutionize manufacturing processes through digital transformation, the emergence of sophisticated cyber threats poses a significant risk to its integrity and security. One such threat gaining attention is the Pipedream Malware Toolkit, a versatile framework designed to target programmable logic controllers (PLCs) and industrial control systems (ICS).

Industry 4.0 Hacked

In the ever-shifting realm of cybersecurity, organizations struggle with increasingly complicated challenges. Security threats morph in sophistication, often evading detection. As organizations strive to implement novel security controls, the complexity deepens. Advanced Persistent Threats (APTs) and insider attacks further complicate the task of security staff in identifying and mitigating risks. IT and OT Security staff find themselves stretched thin, managing an array of security technologies, highlighting the need for an integrated solution.

Amidst the giants of the search engine world, there exists an entity that has garnered the attention and concern of cybersecurity professionals worldwide: Shodan. Its reputation? Cataloging the vast array of connected devices, exposing the soft underbelly of our interconnected world.

The rapid advancement of artificial intelligence (AI) has introduced a new realm of possibilities, both positive and negative. Among the concerns surrounding AI's potential dark side, tools like WormGPT have emerged, capable of being leveraged for illegal activities. This article explores the potential risks associated with hackers leveraging WormGPT for developing sophisticated malware, highlights the limitations of classical antivirus systems and emphasizes the importance of Endpoint Detection and Response (EDR) managed by a Security Operations Center (SOC) for comprehensive threat analysis and proactive response.

In the increasingly digital landscape of education, schools are facing a rising wave of targeted cyberattacks. Hackers specifically target educational institutions due to the integration of technology in teaching and the valuable data they possess...

In 2015, a team of researchers demonstrated a remote hacking attack on a Jeep Cherokee, emphasizing the vulnerabilities present in modern vehicles. The researchers were able to remotely exploit a vulnerability in the vehicle's infotainment system, gaining access to its Controller Area Network (CAN bus) and taking control of critical functions...

Ransomware attacks have emerged as a significant cybersecurity threat, targeting businesses of all sizes and sectors. Ransomware is malicious software designed to encrypt files on a victim's computer or network, rendering them inaccessible until a ransom is paid. It is typically delivered through various means such as phishing emails, malicious downloads, or the exploitation of software vulnerabilities. Once infected, the victim receives instructions demanding a payment, often in cryptocurrency, in exchange for a decryption key to regain access to their files.

Behind these attacks are organized ransomware groups that operate with well-defined roles, responsibilities, and processes. This article aims to provide insights into the inner workings of ransomware groups that specifically target companies, shedding light on their organizational structure and operational procedures.

Recently, the education department of the Swiss city of Basel Stadt suffered a cyber attack at the hands of the hacker group known as BianLian. The group was able to access and exfiltrate sensitive data from the department, and later published the data on the internet. The incident has caused widespread concern in the region and has highlighted the growing threat of cybercrime.

As cybersecurity threats continue to evolve, Security Operations Centers (SOCs) have become increasingly critical in safeguarding organizations against cyber attacks. SOC teams are responsible for monitoring and responding to security events around the clock, but the volume of alerts and incidents can quickly become overwhelming without the right tools and processes in place.

One key tool that can help SOC teams manage their workload effectively is a ticketing system. In this article, I will share my experience about the importance of a ticketing system in a SOC, the challenges and opportunities it presents, and how it can be integrated with a Security Information and Event Management (SIEM) system to enhance SOC operations.

As a cybersecurity professional, I've built and led two different Security Operations Centers (SOCs) and seen firsthand the challenges SOCs are facing in keeping their organizations secure from increasingly complex and sophisticated cyber threats. SOC teams often turn to Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) solutions to address these challenges.

Every cyberattack is unique. But at the same time, many hackers follow observable patterns. Therefore, it is of utmost importance for companies to recognize these indicators early. This means knowing what hackers plan, what they do, and which methods they use. This is exactly where intelligence becomes important.

For some time now, the situation surrounding the spread of Covid-19 (alias the "Corona Virus") has been a constant presence on all news channels. The need for information is huge, and understandably so. People want to know how to protect themselves and their families, how best to prevent infection and what to do in the event of an actual infection. It is well known that people's fear can (unfortunately!) be used to make a lot of money quickly. At the moment, not only is the Covid-19 virus spreading, but so is one new scam or another, all built around the topic of "Corona".
