blog
28.03.2024 Hobby hunter notes: PyPI under attack
When I wrap up at CERT.at, where I mostly work on our notification system (if you’re a network operator in Austria and got a misassigned notification about some security issues – I might have been involved in that), I sometimes change my hat and explore other “cyber”-security areas, especially looking for malicious packages in PyPI, a standard Python package repository. The short summary is: there are a lot of them – but also, don’t panic.
blog
12.09.2023 The European Cyber Shield
The EU has been pushing the concept of the "European Cyber Shield" within the Digital Europe Programme as well as with the proposed "Cyber Solidarity Act".
I've written a paper on how I see this idea and how the Act could be improved.
blog
06.09.2023 A classification of CTI Data feeds
We at CERT.at process and share a wide selection of cyber threat intelligence (CTI) as part of our core mission as Austria’s hub for IT security information. Right now, we are involved in two projects that involve the purchase of commercial CTI. I encountered some varying views on what CTI is and what one should do with the indicators of compromise (IoCs) that are part of a CTI feed.
This blog post describes my view on this topic.