In this blog CERT.at's employees can post research and thoughts. This is done with the least possible oversight, so opinions in blog posts are not necessarily the opinions of CERT.at.

Alternatively you can receive CERT.at's blog as a feed.


Oct 29

How typosquatting tricked me (a bit)

Typosquatting is a popular method using similar-looking names to draw people into malicious content – such as phishing websites or fake software packages. It leverages our “brain optimization” that matches what we see with what we already know – even if it’s not exactly the same. I haven’t installed any shady software, but it’s still a good example of how easily our brain could be used against us by utilizing our biases.

Written by: Kamil Mankowski

Oct 16

A review of the “Concluding report of the High-Level Group on access to data for effective law enforcement”

As I’ve written here, the EU unveiled a roadmap for addressing the encryption woes of law enforcement agencies in June 2025. As a preparation for this push, a “High-Level Group on access to data for effective law enforcement” has summarized the problems for law enforcement and developed a list of recommendations. Let’s have a look at this report.

Written by: Otmar Lendl

Jul 01

Encryption vs. Lawful Interception: EU policy news

There are some new developments in the EU policy sphere. Here are the main points.

Written by: Otmar Lendl

Jun 11

CRA Vulnerability Reports: why would we not share them with other CSIRTs?

We will get reports under the Cyber Resilience Act concerning actively exploited vulnerabilities of products with digital elements. When should a national CSIRT delay the dissemination of such reports to other CSIRTs in the CSIRTs Network?

Written by: Otmar Lendl

Apr 16

Multiple FortiGate devices compromised with a persistent read-only access

On Friday, April 10th, Fortinet released information about a worldwide compromise of FortiGate devices, giving the attacker persistent read-only access. Threat actors seemingly used three known vulnerabilities in the SSL VPN feature to gain initial access to the devices and a symbolic link in the file system to survive patching of FortiOS.

Written by: Alexander Riepl

Mar 04

A Revision of the EU Cybersecurity Blueprint

The EU is revising the 2017 Cybersecurity blueprint. Here is my take on the proposal.

Written by: Otmar Lendl

Feb 17

Chat Control vs. File Sharing

What can the history of file sharing tell us about the prospects of chat control legislation?

Written by: Otmar Lendl

Jan 22

LLMs as Lossy Compression of Information

It might be a helpful abstraction to view LLMs as a compression/de-compression algorithm that can utilize an enormous storage of knowledge to make the process much more efficient, as long as you accept the fact that this is a very lossy compression which only preserves the core concepts contained in the input but is free to change the representation of this information content. And, of course, it is prone to make wrong associations and hallucinate content.

Written by: Otmar Lendl

Nov 11

Testing the Koord2ool

How did our tool for “get situational awareness by asking the constituency questions” perform during the KSÖ exercise last week?

Written by: Otmar Lendl

Aug 20

Another round: Government malware & digital surveillance

It is not just the seasons, or my attempts to appear in the office in an outfit other than holey conference shirts, shorts and Birkenstock slippers, that are cyclical. The desire of politicians for a "government trojan" or surveillance of digital communication seemingly follows a constant rhythm as well - and apparently it's that time again. Federal Chancellor Karl Nehammer is making the surveillance of digital communication a fixed condition for a future political coalition.

Written by: Alexander Riepl