LAGEBILD CYBER SECURITY 2025
Save Your Seat
Diese Zertifizierung durch das Bundesamt für Sicherheit in der Informationstechnik (BSI) erweitert die globale Sicherheit von Check Points Sicherheitsplattform und unterstützt den vertrauenswürdigen Einsatz in Umgebungen mit hohem Sicherheitsstandard in mehr als 30 Ländern. Check ...
Cybersecurity is rapidly growing with DevSecOps, Cloud Security, and Cryptography becoming key integrations in order to meet new challenges. The research studie
Der Rohbau des neuen Forschungszentrums für IT-Sicherheit an der TU Graz wurde Ende März 2025 fertiggestellt. Die Inbetriebnahme ist für März 2026 vorgesehen.
Introduction Imagine a world where even the most secure data can be cracked open like a candy...
(Bild: KI-Generiert / DALL-E) Der Cyber Resilience Act stellt IoT-Entwickler vor komplexe Herausforderungen bei der Umsetzung von Cybersicherheit. Wie können Unternehmen die strengen Vorschriften erfüllen, welche Lösungen bieten echte Unterstützung und welche Rolle spielen unabhängige Prüfungen?
(Bild: Dall-E / KI-generiert) Microsofts Sicherheitsupdate im April 2025 schließt eine Windows-Schwachstelle, offenbart jedoch eine neue, möglicherweise schwerwiegende Sicherheitslücke.
©ADN Konzentrierten sich Sicherheitsstrategien früher stark auf Soft- und Hardware von Unternehmen, müssen heute längst Faktoren wie die Cloud, Drittanbieter, IoT, soziale Netzwerke und vor allem der Mensch als Schwachstelle einbezogen werden. Hinzukommt, dass laut KPMG immer mehr Unternehmen die Komplexität und Kosten ihrer Technologien reduzieren wollen. Das stellt auch Partner vor Herausforderungen, in einer regelrechten Flut […]
Smarthome-Anwendungen wie vernetzte Küchengeräte, eine automatische Lichtsteuerung oder sprachgesteuerte digitale Assistenten finden sich in immer mehr Wohnungen. Bei allem Komfort bietet die smarte Technik jedoch auch ein Einfallstor für Cyberkriminelle.
Der LevelBlue Futures Report 2025 zeigt, dass nur 29 Prozent der Führungskräfte auf KI-gestützte Bedrohungen vorbereitet sind – obwohl fast die Hälfte davon ausgeht, dass sie auftreten werden.
Die fortschreitende Digitalisierung treibt die Vernetzung in der Automobilindustrie immer weiter voran. CYKEN hat dazu OEMs und Tier‑1‑Zulieferer befragt und zentrale Trends und Herausforderungen im Automotive Cybersecurity-Management ermittelt. Die Ergebnisse sind alarmierend: Cyberangriffe auf Hersteller und Zulieferer verursachten
Weiterlesen →
Chitchanok Chuengsatiansup ist Ende 2024 von der University of Melbourne an die Universität Klagenfurt gewechselt, um hier weiter an optimierten kryptographischen Codes zu arbeiten, die mehrere Ziele gewährleisten: Während die […]
Already supporting multiple enterprise clients, including Fortune 500 companies, Terra Security plans to use the funding to enhance its AI-driven penetration testing agents, improve platform functionality, and expand its global customer base
PQShield's UltraPQ-Suite allows companies across the global technology supply chain to adapt to new post-quantum cryptography (PQC) standardsThe products offer an unparalleled range of IP for
Wie funktionieren Ransomware-as-a-Service (RaaS) Modelle? Lesen Sie über die Bedrohungen durch DragonForce und Anubis.
(Bild: TetateaX/stock.adobe.com via KIT) Neue Algorithmen zum Schlüsselabgleich sollen Quantenresistenz mit Standardhardware bieten, so ein Karlsruher Forscherteam nach einer Demonstration in München. Die Technologie könne binnen fünf Jahren global eingesetzt werden.
Der Global Cyber Attack Report von Check Point zeigt eine starke Zunahme der Cyber-Angriffe in Östrreich – mit 69 Prozent ein stärkeres Wachstum als weltweit (47 Prozent). Global sind besonders Ransomware-Angriffe mit einem Anstieg von 126 Prozent durch die Decke gegangen.
Experten warnen, dass Cyberattacken durch die globalen Spannungen deutlich zunehmen könnten. Besonders in den USA schlagen Cyber-Fachleute Alarm.
Enterprise AI use has surged over 3,000%, with ChatGPT dominating but also being the most-blocked app due to security concerns, says Zscaler report.
AI is no longer the technology of tomorrow; it’s today’s most pressing business opportunity. According to recent findings from Semarchy, an overwhelming 75% of organisations plan to invest in AI technologies in 2025 alone. This surge in interest reflects AI’s potential to transform operations, streamline decision-making, and unlock new competitive advantages. But with this accelerated
Is Arista Networks Inc (ANET) the Best Edge Computing Stock to Buy According to Hedge Funds? We recently published a list of 13 Best Edge Computing …
The case for quantitative thinking in cyber risk
The exponential rise in cyberthreats has rendered malware detection a crucial component of cybersecurity. Traditional signature-based detection technologies are insufficient for combating emerging threat vectors, as increasingly complex malware targets sensitive systems. Machine learning techniques have emerged as a viable alternative for the precise detection and classification of malware through data-driven insights. This study presents a comprehensive malware detection system that combines Convolutional Neural Networks (CNN) with sophisticated machine learning (ML) methodologies, including ensemble techniques like Random Forest and Gradient Boosted Decision Trees. To rectify class imbalance and enhance model performance, the framework utilizes extensive preprocessing methods, including SMOTE. The Random Forest achieved the highest accuracy of 97.4%, followed by Gradient Boosted Decision Trees at 96.7%; the CNN demonstrated competitive performance at 95.0%. Dynamic API call sequences were identified as essential elements for precise classification. The proposed technique significantly reduces false negatives, hence ensuring improved protection against malicious software and enhancing recall. This research provides a scalable framework for future malware detection systems and demonstrates how machine learning may enhance cybersecurity protocols.
The integration of smart devices and advanced communication infrastructure has turned power systems into cyber-physical systems (CPS), introducing cyber vulnerabilities. One such vulnerability arises from the use of the address resolution protocol (ARP), which is commonly employed in power systems’ information technology (IT) infrastructure to assign internet protocol (IP) addresses to devices such as relays, controllers, and meters. Due to the lack of authentication in ARP, attackers can exploit it to infiltrate substation automation systems (SAS). To detect and locate ARP spoofing attacks, a novel network intrusion detection system (NIDS) was developed using Snort3, TShark, and Python scripts to monitor ARP broadcast messages. This detection method was tested on a dedicated, real-time multi-agent CPS testbed, where a microgrid is simulated as the physical layer using a real-time digital simulator (RTDS). While the cyber layer consists of a multi-agent control implemented in a graphical network simulator (GNS3) together with Raspberry Pi devices. The real-time operator’s view is developed in Grafana visualization, mimicking the real-life microgrid operation. Two common practical ARP attacks, known as man-in-the-middle (MITM) and false data injection (FDI) attacks, were conducted to evaluate the performance of the proposed NIDS method. Both MITM and FDI attacks were implemented using IT network testing tools, such as Ettercap and the Scapy library in Python. The results have shown that the proposed NIDS system can detect, localize, and publish the IP address of the attacker in both MITM and FDI attack scenarios. In addition, the impact analysis results indicated that for an identical malicious payload, the FDI attack is more severe when compared to MITM due to intermittent nature of false data injection.
In the face of increasingly complex IoT environments and increasing data volumes, existing encryption algorithms still need to be further optimized in terms of the balance between efficiency and security. For embedded systems, their hardware resources are limited, and the current optimization strategies still have shortcomings in improving system performance, reducing power consumption and enhancing system stability. In this study, the optimization strategy of encryption algorithm and embedded system based on IoT security is studied. Designed for lightweight encryption algorithms and deployed in embedded systems, it aims to balance the security and performance of IoT devices and provide users with a seamless and reliable service experience. In this study, three encryption algorithms, AES-Light, SPECK and SIMON, were selected and compared on ARM Cortex-M series microcontrollers. Experiments show that the SPECK algorithm leads with its excellent encryption and decryption rate, which is 15% faster than AES-Light, while the power consumption of SIMON is reduced by 20%. Based on this, preferred encryption schemes suitable for different IoT scenarios are established. In addition, in order to overcome the limitation of fixed encryption settings in a dynamic network environment, this project proposes an adaptive encryption strength adjustment strategy. By monitoring the risk level of the equipment in real-time and automatically optimizing the encryption parameters, the security guarantee is improved by 30% in high-risk situations while avoiding unnecessary computing overhead in low-risk scenarios, improving the overall efficiency by more than 15%, and significantly enhancing the intelligence and adaptability of IoT systems.