Sven Herpig
z-edian.bsky.social
Once wrote a "sensible policy blueprint" on active cyber defense

Currently: operational parameters of Chinese cyber campaigns & all things vulnerability disclosure

Formerly German government

https://github.com/z-edian/publications

Avatar @midjourney
Sneak peek into our upcoming paper on [working title]:

Assessing Irresponsibility in Cyber Operations
A Guide for Operators and Decision-Makers in Times of Strategic Competition

#cybersecurity #PRC #China #CyberOperations
September 25, 2025 at 7:39 AM
On the podcast "Cybersecurity ist Chefsache", I talked with Nico about active cyber defense in Germany.

Listen to the podcast here: www.youtube.com/watch?v=g6SP...
Hackback: Digital Self-Defense or a Dangerous Game with Fire?
YouTube video by Cybersecurity ist Chefsache
March 3, 2025 at 12:40 PM
One person's backdoor is another person's fucked up update mechanism connecting to a random university's server in #China.

Oh #cybersecurity, you never cease to amaze me.

www.bleepingcomputer.com/news/securit...
Backdoor found in two healthcare patient monitors, linked to IP in China
The US Cybersecurity and Infrastructure Security Agency (CISA) is warning that Contec CMS8000 devices, a widely used healthcare patient monitoring device, include a backdoor that quietly sends patient...
February 12, 2025 at 9:01 AM
From the Tagesspiegel Background Cybersecurity series "Cybersecurity - Research & Authorities: What Mattered in 2024, and What We Should Resolve to Do in 2025".

Link (Paywall): background.tagesspiegel.de/it-und-cyber...
December 19, 2024 at 9:01 AM
A picture is worth more than 1,000 policy texts ...

www.bundesrechnungshof.de/SharedDocs/D...
December 12, 2024 at 1:25 PM
Chinese APTs Behaving Badly

"We have no idea why attackers would do this or what benefit they would get from torching their victims’ infrastructure."

Via news.risky.biz/fcc-to-deman...
December 12, 2024 at 11:36 AM
A few brief points on the new drafting aid for the NIS-2 Implementation and Cybersecurity Strengthening Act (NIS2UmsuCG), based on my written statement for the expert hearing in the Committee on Internal Affairs.

www.linkedin.com/feed/update/...
December 12, 2024 at 9:00 AM
Reposted by Sven Herpig
From now on, every time there is a new proposal to backdoor e2ee apps, we're just going to point to this, right?

www.nbcnews.com/tech/securit...
U.S. officials urge Americans to use encrypted apps amid cyberattack that exposed live phone calls
Officials from the FBI and CISA said it was impossible to predict when the telecommunications companies would be fully safe from interlopers.
December 4, 2024 at 1:35 AM
Hot off the virtual press: our new publication, 'Vulnerability Disclosure: Guiding Governments from Norm to Action', is now available!

Check it out here: www.interface-eu.org/publications...

#cybersecurity #vulnerability #disclosure
December 4, 2024 at 11:54 AM
Just one more sleep ;)
December 2, 2024 at 8:42 PM
Reposted by Sven Herpig
Hey everyone, INC Ransom has added A CHILDREN’S HOSPITAL to their list of victims.

Your periodic reminder that people who carry out ransomware attacks are worthless pieces of shit who deserve no mercy.
According to https://ransomware.live, incransom ransomware group has added NHS Alder Hey to its victims.
November 28, 2024 at 5:03 PM
"Governments could build collaborative programs that bring together AI research institutions and cybersecurity researchers to ensure adequate expertise is dedicated to identifying and remediating security vulnerabilities."

www.aipolicyperspectives.com/p/securing-ai

#AI #vulnerabilities
Securing AI
Lessons from cybersecurity
November 28, 2024 at 9:32 AM
"We believe this is the first public example of an AI agent finding a previously unknown exploitable memory-safety issue in widely used real-world software."

googleprojectzero.blogspot.com/2024/10/from...

#cybersecurity #machinelearning #AI #vulnerabilities
From Naptime to Big Sleep: Using Large Language Models To Catch Vulnerabilities In Real-World Code
Posted by the Big Sleep team Introduction In our previous post, Project Naptime: Evaluating Offensive Security Capabilities of Large L...
November 28, 2024 at 9:29 AM
"To protect our nation’s digital infrastructure, we must adopt a “See Something, Say Something” mindset in #cybersecurity. When researchers report #vulnerabilities or evidence of breaches, organizations should engage them as partners rather than adversaries."

www.cisa.gov/news-events/...
Engaging with Security Researchers: Embracing a “See Something, Say Something” Culture | CISA
November 28, 2024 at 9:08 AM
"Between 2023 and 2024, more than 35 advisories [...] concerned zero-day vulnerabilities exploited by Chinese threat actors. These account for 41% of all advisories with a high or very high threat level"

research.cert.orangecyberdefense.com/hidden-netwo...

#Cybersecurity #China #Vulnerabilities
Orange Cyberdefense CERT Threat Research: The hidden network map
November 28, 2024 at 9:05 AM
"Nowadays, the MSS is the big kahuna and, since 2021, has been linked to the majority of cyber operations attributed to the PRC."

"PLA has been retasked to directly support military operations."

news.risky.biz/the-plas-cyb...

#China #Cybersecurity #CyberCampaigns
The PLA's Cyber Operations Go Dark
Your weekly dose of Seriously Risky Business news is written by Tom Uren and edited by Patrick Gray. It's supported by Lawfare with help from the William and Flora Hewlett Foundation.  You can hear a...
November 28, 2024 at 8:59 AM
"Liminal Panda, an advanced persistent threat (APT) hyper-focused on gathering intelligence from telecommunications networks."

www.darkreading.com/threat-intel...

#China #Cybersecurity #APT
China's Liminal Panda APT Attacks Telcos, Steals Data
In US Senate testimony, a CrowdStrike exec explained how this advanced persistent threat penetrated telcos in Asia and Africa, gathering SMS messages, unique identifiers, and other metadata along the ...
November 28, 2024 at 8:54 AM
Reposted by Sven Herpig
I wrote a very timely introduction to digital security for journalists for @gijn.org, this guidance may also apply to activists, lawyers, and anyone else doing at-risk work these days. gijn.org/resource/int...
Introduction to Investigative Journalism: Digital Security
Digital security may seem a little daunting at first, but increased security will help investigative journalists build trust with — and protect — current and future sources.
November 27, 2024 at 11:39 AM
Reposted by Sven Herpig
If you're afraid of the NSA or some Russian group abusing vulnerabilities on your computer, think again.

Game developers are the real threats, and they'll proudly boast about installing rootkits on your system; just so they can make sure that their games run at 15FPS.
November 25, 2024 at 6:29 PM
Hosting "my" first #UnitedNations side event in #NewYork on Dec 3. Topic: #Vulnerability Disclosure.

Big thank you to our partners, the @cyberseccenter.bsky.social and the German Ministry of Foreign Affairs.

More info: unodaweb-meetings.unoda.org/public/2024-...

#cybersecurity
November 24, 2024 at 12:13 PM
interface is now a permanent member of the National Cyber Security Council.

More info: www.linkedin.com/posts/dr-sve...
Dr. Sven Herpig on LinkedIn: UPDATE: Membership of interface in the National…
UPDATE: Membership of interface in the National Cyber Security Council. I am pleased that the members of the National Cyber Security Council…
November 21, 2024 at 5:20 PM
Reposted by Sven Herpig
If you've missed #BigSleep on other platforms:

Project Zero blog:
LLMs find 0days now!

And: our fuzzer setup did *not* reproduce it!
googleprojectzero.blogspot.com/2024/10/from...
From Naptime to Big Sleep: Using Large Language Models To Catch Vulnerabilities In Real-World Code
Posted by the Big Sleep team Introduction In our previous post, Project Naptime: Evaluating Offensive Security Capabilities of Large L...
November 20, 2024 at 6:22 PM