Log4Shell, a vulnerability in the Java application logging framework Log4J has been called the worst security vulnerability ever. Is that just the usual hype, though? Or why haven't we seen the forecast large scale exploitation of this bug? Is there something more sinister at play here?
Pegasus isn't new. Anyone in the field has known about NSO Group's spyware and its use against politicians, activists and journalists for half a decade. What's worth discussing, though, is how the topic has been ignored for so long. Both by the press and by iPhone maker Apple.
The US President says it's likely that hacker attacks will lead to a real war and that is something that scares me a lot.
Let's talk about ransomware. Ransomware is not the problem. People being lazy is the problem.
After talking about a hack that was caused by Microsoft's cloud email service last week, we now look at the next infosec disaster in recent months: How Microsoft stood by as hundreds of thousands of their customers' on-premise Exchange mail servers got breached and totally owned.
Analysing the SolarWinds hacker attack, which has been called the largest data breach the world has ever seen. Was it actually that bad? I'm trying to put it in perspective and discuss some aspects that have been neglected by much of the mainstream coverage.
What is cyber war? Who engages in it, what consequences does it have? What's the difference to everyday hacker attacks? And does it actually exist?