Market-Analysis-Driven Methodology for Assessing Charging Station Cybersecurity

Modern charging communication standards for electric vehicles include optional security controls such as TLS-based authentication and encryption. However, with tens of thousands of fast charging points deployed in any given country, individually testing each one for security control support is...

Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab

An elusive hacker who went by the handle "UNKN " and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face. Authorities in Germany say 31-year-old Russian Daniil Maksimovich Shchukin headed both cybercrime gangs and helped carry out at least 130 acts of computer...

A Mysterious Numbers Station Is Broadcasting Through the Iran War

First heard as US and Israeli strikes on Iran began, the shortwave broadcast has since been traced to a US military base in Germany—but its purpose and its operator remain unclear...

Defending the Power Grid by Segmenting the EV Charging Cyber Infrastructure

This paper examines defending the power grid against load-altering attacks using electric vehicle charging. It proposes to preventively segment the cyber infrastructure that charging station operators CSOs use to communicate with and control their charging stations, thereby limiting the impact of...

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I’m speaking at the David R. Cheriton School of Computer Science in Waterloo, Ontario, Canada, on January 27, 2026, at 1:30 PM ET. I’m speaking at the Université de Montréal in Montreal, Quebec, Canada, on January 29, 2026, at 4:00...

DEV 7113 RF over Fiber Distribution System 安全漏洞

The DEV 7113 RF over Fiber Distribution System is a chassis from DEV Germany that is used in telecommunications infrastructure. A security vulnerability exists in the DEV 7113 RF over Fiber Distribution System version 32-0078 H.01, which stems from improper access control and could lead to an...

pretix-offlinesales 安全漏洞

pretix-offlinesales is an extension plugin for a ticketing system from pretix Germany. A security vulnerability exists in pretix-offlinesales that stems from an API endpoint that allows access to sensitive files via UUID, which could lead to unauthorized data access...

European Authorities Dismantle €600 Million Crypto Fraud Network in Global Sweep

Nine people have been arrested in connection with a coordinated law enforcement operation that targeted a cryptocurrency money laundering network that defrauded victims of €600 million $688 million. According to a statement released by Eurojust today, the action took place between October 27 and ...

编号撤回

The SICK AG TLOC100-100 is a mobile robot positioning system from SICK Germany. This CVE number has been withdrawn...

EvilAI Malware Masquerades as AI Tools to Infiltrate Global Organizations

Threat actors have been observed using seemingly legitimate artificial intelligence AI tools and software to sneakily slip malware for future attacks on organizations worldwide. According to Trend Micro, the campaign is using productivity or AI-enhanced tools to deliver malware targeting various...

Link11 Highlights Growing Cybersecurity Risks and Introduces Integrated WAAP Platform

Frankfurt am Main, Germany, 20th August 2025, CyberNewsWire...

PT-2025-33881 · Undefined · Undefined

ParsedReport CompletenessMedium 19-08-2025 The emergence of MountBot, which hides its processes https://blog.nicter.jp/2025/08/mountbot 2025aug/ Report completeness: Medium Threats: Mountbot Rapperbot Socat tool Victims: Iot devices, Online game servers, Minecraft servers, Asus wifi routers,...

New Malware Campaign Uses Cloudflare Tunnels to Deliver RATs via Phishing Chains

A new campaign is making use of Cloudflare Tunnel subdomains to host malicious payloads and deliver them via malicious attachments embedded in phishing emails. The ongoing campaign has been codenamed SERPENTINECLOUD by Securonix. It leverages "the Cloudflare Tunnel infrastructure and Python-based...

SYNCPILOT LIVE CONTRACT 输入验证错误漏洞

SYNCPILOT LIVE CONTRACT is a real-time contract program from SYNCPILOT Germany. A security vulnerability exists in SYNCPILOT LIVE CONTRACT that stems from a path traversal vulnerability in the file download function, which could result in an unauthenticated user downloading an arbitrary file...

Germany Shuts Down eXch Over $1.9B Laundering, Seizes €34M in Crypto and 8TB of Data

Germany's Federal Criminal Police Office aka Bundeskriminalamt or BKA has seized the online infrastructure and shutdown linked to the eXch cryptocurrency exchange over allegations of money laundering and operating a criminal trading platform. The operation was carried out on April 30, 2025,...

Germany Most Targeted Country in Q1 2025 DDoS Attacks

Cloudflare’s Q1 2025 DDoS Threat Report: DDoS attacks surged 358% YoY to 20.5M. Germany hit hardest; gaming and…...

Optimize Application Performance Across Germany with New Berlin Distributed Region

...

Siemens TeleControl Server Basic SQL Injection Vulnerability (CNVD-2025-08601)

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from a SQL injection vulnerability that originates from a SQL injection in the internal method LockTcmSettings, which can be exploited by an attacker to bypass...

WordPress wpShopGermany IT-RECHT KANZLEI plugin <= 2.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Nguyen Thi Huyen Trang - Skalucy in WordPress Plugin wpShopGermany IT-RECHT KANZLEI versions = 2.0...

OBSCURE#BAT Malware Uses Fake CAPTCHA Pages to Deploy Rootkit r77 and Evade Detection

A new malware campaign has been observed leveraging social engineering tactics to deliver an open-source rootkit called r77. The activity, condemned OBSCUREBAT by Securonix, enables threat actors to establish persistence and evade detection on compromised systems. It's currently not known who is...