Ludger Peters
Wiesbaden, Hessen, Deutschland
509 Follower:innen
500+ Kontakte
Info
Mein duales Studium habe ich bei der Framatome GmbH (ehemals AREVA) in Erlangen…
Aktivitäten
-
In meinem Freundeskreis bin ich der einzige, der sich mit dem Thema #Sicherheit beschäftigt. Man findet das spannend, hört mir auch zu, zum Teil…
In meinem Freundeskreis bin ich der einzige, der sich mit dem Thema #Sicherheit beschäftigt. Man findet das spannend, hört mir auch zu, zum Teil…
Beliebt bei Ludger Peters
-
COP29 - where to start? The people! The people and teams I worked with in Baku really helped piece everything together. Compared with going about…
COP29 - where to start? The people! The people and teams I worked with in Baku really helped piece everything together. Compared with going about…
Beliebt bei Ludger Peters
-
Liebes Ehrenamt, lieber VDI, nach vier Jahren als Vorsitzende der VDI Young Engineers habe ich am Sonntag das "Amt" an meinen Nachfolger übergeben…
Liebes Ehrenamt, lieber VDI, nach vier Jahren als Vorsitzende der VDI Young Engineers habe ich am Sonntag das "Amt" an meinen Nachfolger übergeben…
Beliebt bei Ludger Peters
Berufserfahrung
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Ausbildung
-
-
–
Activities and Societies: Studentenrat, Fachschaftsrat Elektrotechnik
-
–
Activities and Societies: Big-Band, Orchester, Bläserklasse, Formel-Zukunft
Bescheinigungen und Zertifikate
Ehrenamt
-
Leitung Referat Kultur und Sport
Stura HSZG
– 2 Jahre 4 Monate
Mitglied in der Studentischen Verwaltung der Hochschule Zittau Görlitz
Dabei ab 2015 in der Leitung des Referates für Kultur und Sport tätig. -
Veranstaltungstechniker und Fotograf
Kronenkino Zittau
– 3 Jahre 2 Monate
Arts and Culture
Unterstützung des Kronenkino mit Fotos der Veranstaltungen und bei Bedarf auch als Technik bei Konzerten.
Veröffentlichungen
-
The Cyber Safe Position: An STPA for Safety, Security, and Resilience Co-Engineering Approach
Proceedings of the 19th International Conference on Availability, Reliability and Security / ACM
Model Based Security Engineering (MBSE) is a growing field of research, which is gaining popularity in the domain of Safety, Security, and Resilience Co-Engineering. The System Theoretic Process Analysis (STPA) is a method for systematically analyzing the behavior of complex systems to investigate their failure modes and the Unsafe Control Actions (UCA) that can lead to those failure modes. This paper expands the methodological scope of STPA, by including an iterative Root-Cause Analysis…
Model Based Security Engineering (MBSE) is a growing field of research, which is gaining popularity in the domain of Safety, Security, and Resilience Co-Engineering. The System Theoretic Process Analysis (STPA) is a method for systematically analyzing the behavior of complex systems to investigate their failure modes and the Unsafe Control Actions (UCA) that can lead to those failure modes. This paper expands the methodological scope of STPA, by including an iterative Root-Cause Analysis element, which examines the possible emergence of UCAs due to either malfunction, or malicious action. Output of the method are the attributes and constraints of Resilience Modes of system configuration and operation, named ”Cyber Safe Position“ (CSP). The proposed method is applied in the case study of a Photovoltaic Plant connected to a Virtual Power Plant (VPP).
Andere Autor:innen -
-
Machine Learning based predictive control to ensure integrity of industrial automation and control systems
IAEA International Conference on Computer Security in the Nuclear World: security for Safety
Historically separated Supervisory Control and Data Acquisition (SCADA) systems are now
interconnected due to the requirements of Industry 4.0. The resulting connections lead to new attack
vectors threatening critical infrastructure like power plants and electrical distribution networks.
The focus of this paper will be the early detection of failures and alterations within control systems. These
modifications of the control routines can result into physical damage of the…Historically separated Supervisory Control and Data Acquisition (SCADA) systems are now
interconnected due to the requirements of Industry 4.0. The resulting connections lead to new attack
vectors threatening critical infrastructure like power plants and electrical distribution networks.
The focus of this paper will be the early detection of failures and alterations within control systems. These
modifications of the control routines can result into physical damage of the controlled primary assets
(e.g., the Stuxnet attack). Cybersecurity experts shall be enabled to detect or confirm ongoing attacks in a
reasonable time frame. Utilizing information, generated by detection algorithms running in parallel to the
existing control systems.
The assumption for this paper is, that the goal of an attacker is to destroy or damage subsystems. This will
be detrimental to the functionality of the complete system with a potential of mid to long-term impact to
the whole site.
The paper is based on a PhD thesis [1] in the context of IAEA CRP J02008 with a focus on cybersecurity
for Electrical Power Systems (EPS) and a follow-up master thesis [2] demonstrating the possibilities of
anomaly detection using the Asherah Nuclear Simulator. This paper will address future improvement
possibilities, beyond the EPS cybersecurity scope.Andere Autor:innen -
-
Model-based Integrity Monitoring of Industrial Automation And Control Systems
Gesellschaft für Informatik, Bonn
This paper aims to enhance cyber security within Electrical Power Systems (EPS) of power plants by extending and using an updated plant simulator. In this paper, we assume a sophisticated attacker, as part of an Advanced Persistent Threat (APT), who gradually damages or manipulates primary assets (in the sense of ISO/IEC 27005:2018, e. g. main cooling water pumps, feedwater pumps, safety valves, and circuit breakers). Accordingly, we assume that the attack agent performs gradual manipulations…
This paper aims to enhance cyber security within Electrical Power Systems (EPS) of power plants by extending and using an updated plant simulator. In this paper, we assume a sophisticated attacker, as part of an Advanced Persistent Threat (APT), who gradually damages or manipulates primary assets (in the sense of ISO/IEC 27005:2018, e. g. main cooling water pumps, feedwater pumps, safety valves, and circuit breakers). Accordingly, we assume that the attack agent performs gradual manipulations at the application level. Detecting and predicting a potential anomaly is designed and implemented based on machine learning of expected behavior. The paper will include examples of attacks executed over an extended time period by gradually manipulating combinations of analog and binary signal values or set-points. Challenges related to the training of the detection algorithms, avoidance of false positives, and concise reporting to non-security domain experts will also be addressed.
Andere Autor:innen -
Prüfungsergebnisse
-
Masterarbeit
Prüfungsergebnis: 1,7
The Industrial Automation and Control System (IACS) are the backbone of controlling
the operation of the process industry (e.g. refineries), factories and plants, including
Nuclear Power Plant (NPP). Within this thesis, it is assumed that the attacker
already super-seeded a plant’s protection systems and gained direct access to some of
the lower tier Industrial Control System (ICS).
This thesis aims to enhance the cyber security of power plant components by extending
and using…The Industrial Automation and Control System (IACS) are the backbone of controlling
the operation of the process industry (e.g. refineries), factories and plants, including
Nuclear Power Plant (NPP). Within this thesis, it is assumed that the attacker
already super-seeded a plant’s protection systems and gained direct access to some of
the lower tier Industrial Control System (ICS).
This thesis aims to enhance the cyber security of power plant components by extending
and using an updated plant simulator. A related Ph.D. thesis [1] from the end of
2021 indicates that a considerable impact on primary assets (in the sense of ISO/IEC
27005:2018) is possible. However, the assumed attack scenarios would have an
immediate impact, e.g. an attacker has direct access to an industrial communication
network or supporting assets (e.g. embedded devices) that control at least one critical
primary asset. It is assumed, that a sophisticated attacker, as part of an Advanced
Persistant Threat (APT), breach the cyber protection of the facility and aims to
damage primary assets (e.g. main cooling water pumps, feedwater pumps, safety
valves, circuit breakers). Accordingly, we assume that the attack agent performs
gradual manipulations at the application level. Detecting and predicting a potential
anomaly is designed and implemented based on machine learning of expected behavior.
The thesis will include examples of attacks executed over an extended time period by
manipulating combinations of analog and binary signal values or set-points. Challenges
related to the training of the detection algorithms, avoidance of false positives and
concise reporting to non-security domain experts will also be addressed. -
Diplomarbeit
Prüfungsergebnis: 1,0
Within this part of my dual degree program i wrote my diploma thesis: "Prototype’s implementation of a virtualized Instrumentation and Control System for Nuclear Power Plants"
-
Mechatroniker (IHK 2016)
Prüfungsergebnis: 78 Punkte
Abschluss der innerhalb der ersten 2,5 Studienjahre absolvierten Ausbildung
Sprachen
-
Deutsch
Muttersprache oder zweisprachig
-
Englisch
Verhandlungssicher
-
Französisch
Grundkenntnisse
Organisationen
-
Gesellschaft für Informatik e.V.
-
–Heute -
VDI Verein Deutscher Ingenieure e.V.
-
–Heute
Weitere Aktivitäten von Ludger Peters
-
CEO sein ist wichtig, Papa sein wichtiger. 👨👧👦 Ja, mein Job erfüllt mich und ist mir wichtig. Was aber immer an erster Stelle bei mir stehen…
CEO sein ist wichtig, Papa sein wichtiger. 👨👧👦 Ja, mein Job erfüllt mich und ist mir wichtig. Was aber immer an erster Stelle bei mir stehen…
Beliebt bei Ludger Peters
-
Ich habe Tränen gelacht und konnte dann selbst kaum aufhören zu schreiben. Auf TikTok und Instagram trendet gerade #womeninmalefields. Juliane…
Ich habe Tränen gelacht und konnte dann selbst kaum aufhören zu schreiben. Auf TikTok und Instagram trendet gerade #womeninmalefields. Juliane…
Beliebt bei Ludger Peters
Weitere ähnliche Profile
Weitere Beiträge entdecken
-
Cyver.io
#AI is the double-edged sword in #cybersecurity ⚔️ What happens when this innovation becomes a vulnerability? Jasmin Landry, Security Researcher and HackerOne Pentester put it together quite nicely (check out the quote in the post ⬇️) Two key fronts to consider here: 1️⃣ Security for AI: managing the risks that come with AI deployments. 2️⃣ AI for Security: leveraging AI to detect and manage vulnerabilities faster than ever before. But here’s the kicker: even with cutting-edge AI tools, human expertise is still critical to ensuring trustworthy, secure innovation. In our recent deep dive into AI and vulnerability management, we highlight how security teams are adapting to stay ahead of threats—and what it means for the future. 💬 What’s your take?
-
Hackmanit GmbH
Finding security vulnerabilities in TLS-Libraries automatically using TLS-Anvil. Check out our new german article in the "IT-SICHERHEIT magazine" or on our cybersecurity blog. 🌐 Hackmanit Blog https://lnkd.in/eYW-VN4E ✅ German magazine article by IT-SICHERHEIT https://lnkd.in/ea-yU_eE 🛠️ TLS-Anvil https://tls-anvil.com/ 🔑 KoTeBi https://www.kotebi.de/en/ #TLS #itsecurity #itsicherheit #cybersicherheit #cybersecurity
-
usd AG international
Anatomy Lesson from the Perspective of a Pentester - Guest Lecture at Johannes Gutenberg University Mainz 🎓 Our colleague Matthias Göhring was once again invited to give a guest lecture at Johannes Gutenberg-Universität Mainz. This time, the topic was “Professional Penetration Testing”. The question arose: What characterizes a good #PenetrationTest and how should it be structured? The lecture also covered topics such as the different types of technical security analyses and the management of #vulnerabilities. Thank you very much for the great event. We look forward to the next one! 📰👉 https://lnkd.in/eTbXTyRi #Pentesting #CyberSecurity #JGUMainz #moresecurity
-
Ralf Ladner
#OTSecurity - Many companies are trying to adapt the concepts of IT security to operational technology - are IT security approaches at all effective or rather counterproductive for the manufacturing industry? Statement von Kai Thomsen, SANS Institute #OperationalTechnology #Cybersecurity #Security #ITSecurity #Fertigung #Industrie SANS Institute #Betriebssicherheit #ITOTKonvergenz #Latency #Manufactoring #Legacy #Compliance Kafka Kommunikation GmbH & Co KG
-
William Collins
Tageszusammenfassung - 16.08.2024 by CERT.at via CERT.at - Tagesberichte ([Global] Data Breach) URL: https://ift.tt/wAjQZT0 End-of-Day report Timeframe: Mittwoch 14-08-2024 18:00 - Freitag 16-08-2024 18:00 Handler: Alexander Riepl Co-Handler: n/a News Opinion: More layers in malware campaigns are not a sign of sophistication Ten infection and protection layers to deploy malware sounds impressive and very hard to deal with. However, adding more layers counterintuitively does the opposite for antivirus evasion and is not a sign of sophistication. Why is that so? https://lnkd.in/g9RmBUaU Ailurophile: New Infostealer sighted in the wild We discovered a new stealer in the wild called "Ailurophile Stealer-. The stealer is coded in PHP and the source code indicates potential Vietnamese origins. It is available for purchase through a subscription model via its own webpage. Through the .. https://lnkd.in/gRXERDVm Tusk: unraveling a complex infostealer campaign Kaspersky researchers discovered Tusk campaign with ongoing activity that uses Danabot and StealC infostealers and clippers to obtain cryptowallet credentials and system data. https://lnkd.in/gv-uMFnE PrestaShop GTAG Websocket Skimmer During a recent investigation we uncovered another credit card skimmer leveraging a web socket connection to steal credit card details from an infected PrestaShop website.While PrestaShop is not the most popular eCommerce solution for online stores it is still in the top 10 most common ecommerce platforms in use on the web, and clocks in at just .. https://lnkd.in/gRWzinBk Ransomware Attacks on Industrial Firms Surged in Q2 2024 Dragos has seen a significant increase in ransomware attacks on industrial organizations in Q2 2024 compared to the previous quarter. https://lnkd.in/g38TJYmp Leaked Environment Variables Allow Large-Scale Extortion Operation of Cloud Environments We recount an extensive cloud extortion campaign leveraging exposed .env files of at least 110k domains to compromise organizations AWS environments. https://lnkd.in/gW2EQaPH New infostealer targets macOS devices, appears to have Russian links Researchers have discovered new information-stealing malware labeled Banshee Stealer that is designed to breach Apple computers. https://lnkd.in/gYZRV2XD Iranian backed group steps up phishing campaigns against Israel, U.S. Google-s Threat Analysis Group shares insights on APT42, an Iranian government-backed threat actor. https://lnkd.in/gKpjcGWv Ransomware Prevention Guide for Mana...
-
William Collins
Tageszusammenfassung - 16.08.2024 by CERT.at via CERT.at - Tagesberichte ([Global] Security Breach) URL: https://ift.tt/wAjQZT0 End-of-Day report Timeframe: Mittwoch 14-08-2024 18:00 - Freitag 16-08-2024 18:00 Handler: Alexander Riepl Co-Handler: n/a News Opinion: More layers in malware campaigns are not a sign of sophistication Ten infection and protection layers to deploy malware sounds impressive and very hard to deal with. However, adding more layers counterintuitively does the opposite for antivirus evasion and is not a sign of sophistication. Why is that so? https://lnkd.in/g9RmBUaU Ailurophile: New Infostealer sighted in the wild We discovered a new stealer in the wild called "Ailurophile Stealer-. The stealer is coded in PHP and the source code indicates potential Vietnamese origins. It is available for purchase through a subscription model via its own webpage. Through the .. https://lnkd.in/gRXERDVm Tusk: unraveling a complex infostealer campaign Kaspersky researchers discovered Tusk campaign with ongoing activity that uses Danabot and StealC infostealers and clippers to obtain cryptowallet credentials and system data. https://lnkd.in/gv-uMFnE PrestaShop GTAG Websocket Skimmer During a recent investigation we uncovered another credit card skimmer leveraging a web socket connection to steal credit card details from an infected PrestaShop website.While PrestaShop is not the most popular eCommerce solution for online stores it is still in the top 10 most common ecommerce platforms in use on the web, and clocks in at just .. https://lnkd.in/gRWzinBk Ransomware Attacks on Industrial Firms Surged in Q2 2024 Dragos has seen a significant increase in ransomware attacks on industrial organizations in Q2 2024 compared to the previous quarter. https://lnkd.in/g38TJYmp Leaked Environment Variables Allow Large-Scale Extortion Operation of Cloud Environments We recount an extensive cloud extortion campaign leveraging exposed .env files of at least 110k domains to compromise organizations AWS environments. https://lnkd.in/gW2EQaPH New infostealer targets macOS devices, appears to have Russian links Researchers have discovered new information-stealing malware labeled Banshee Stealer that is designed to breach Apple computers. https://lnkd.in/gYZRV2XD Iranian backed group steps up phishing campaigns against Israel, U.S. Google-s Threat Analysis Group shares insights on APT42, an Iranian government-backed threat actor. https://lnkd.in/gKpjcGWv Ransomware Prevention Guide for ...
-
MomentEra Private Limited
🌟 Ready to dive into the world of cybersecurity? Join us in Austria for the #unhackedconference! 🗓️ With top-notch speakers, engaging workshops, and fantastic networking opportunities, also earn #CPDCredits, this is an event you don’t want to miss. Click the link to register: https://lnkd.in/gCG7NF2Z #cybersecurity #hacking
-
John Sotiropoulos
An interesting story (with good insights from Sarah Fluchs) about car models (VW Up and T6.1 as well as three Porsche models) discontinued by their manufacturing because they could not meet the UNECE R 155 transitional regulation. Since the core of this is to "demonstrate that cyber security was adequately considered", the moral of the story is simple: whether it's apps, cars, IoT, AI models, etc., secure by design is a must. #securebydesign #security
-
Prof. Dr. Dennis-Kenji Kipker
CVE-2024-9191: #Sicherheitslücke bei #Okta #Gerätezugangssteuerungssoftware "Verify Agent for Windows" ermöglicht Abgriff von #Passwörtern - #Update verfügbar: "The Okta Device Access features, provided by the Okta Verify agent for Windows, provides access to the OktaDeviceAccessPipe, which enables attackers in a compromised device to retrieve passwords associated with Desktop MFA passwordless logins. The vulnerability was discovered via routine penetration testing." https://lnkd.in/eAJwP3zk
-
Michael Grollmus
You should know these threats for your #ICS systems. The Bundesamt für Sicherheit in der Informationstechnik (BSI) publishes a list of the top 10 threats every year 🚨 What is your top threat to your #ICS system? You always want to be 💡 up to date 💡 in the field of #automation #technology? Then activate the 🔔 in my profile and don't miss any posts. Learn more about the Siemens #TIAPortal from experts at GROLLMUS #automatisierungstechnik #automation #Grollmus #Cybersecurity
-
Srajan Gupta
Very interesting scenario. This case clearly underlines the growing impact of security regulation in product developement lifecycle and market dynamics. It also highlights a need for clearer and timely communication of such regulatory impacts by the governing body. Thanks for sharing Sarah Fluchs #securitybydesign
-
WEI (Worldcom Exchange, Inc.)
Researchers at Palo Alto Networks recently discovered the Swiss Army Suite, an automated vulnerability scanning tool, during routine telemetry monitoring. This tool has been used by attackers to scan web services and sites, and evade detection with patterns that bypass common traffic filtering tools. With advanced #MachineLearning models integrated into their #NGFW and Cloud-Delivered Security Services, organizations are protected against these evolving threats, effectively preventing zero-day exploit attempts and detecting SQL injection attacks. More in this report. #SOAR https://hubs.la/Q02Sq41n0
-
The Linux Foundation
🗣️ Attention Linux developers, researchers, and end-users! The Linux Security Summit in Vienna, Austria, 16-17 September is looking for speakers! We need you if you are an expert on: 🔧Security Tools 🔧Security UX 🔧Open Source Supply Chain for the Linux OS 🔧Emerging Technologies, Threats & Techniques 🔧AND MORE 💻 Submit to speak by 19 May: https://hubs.la/Q02rkWBc0. #LinuxSecuritySummit #OpenSource #OSS #CallForProposals #CallForPapers #CFP #CallForSpeakers #LinuxFoundation #events #OpenSourceDevelopment #OpenSourceCommunity #linux #security #UXSecurity #EmbeddedSecurity #IoTSecurity #OpenSourceSecurity #LinuxSecurity
-
Teri Radichel 🩵
This post summarizes a lot of the other posts I’ve written about setting up pfSense in one place with limited screenshots. Will test more with UDM Pro in upcoming posts. If you are trying to improve the security of your home network check it out. https://lnkd.in/dsecikqG
1 Kommentar -
The Record from Recorded Future News
‘Serious hacker attack’ forces Frankfurt university to shut down IT systems. Why it matters: 1. The recent cyber attack on the Frankfurt University of Applied Sciences affirms Germany's universities, particularly those offering courses in applied sciences, as targets for hacking attempts - potentially disrupting education and research. 2. The attack reveals cybercriminals' growing capability to infiltrate even well-protected systems; the university's inability to estimate its extent suggests hackers may have accessed critical parts of its infrastructure, impacting services and communication. 3. Ongoing attacks against universities not only threaten institutional operations but also disrupt students' lives, emphasizing the need for increased cybersecurity measures. Recent incidents show hackers' potential to affect a broad range of services, from enrollment to building access, underscoring the urgent need for comprehensive and robust cyber defenses. Learn more by visiting The Record from Recorded Future News: https://lnkd.in/eMvwyPvV
-
Prof. Dr. Dennis-Kenji Kipker
#Paloalto warnt vor aktueller kritischer #Zeroday #Schwachstelle in #Firewall, die bereits ausgenutzt wird und empfiehlt mitigierende Maßnahmen: "Palo Alto Networks has observed threat activity exploiting an unauthenticated remote command execution vulnerability against a limited number of firewall management interfaces which are exposed to the Internet. We are actively investigating this activity. We strongly recommend customers ensure access to your management interface is configured correctly in accordance with our recommended best practice deployment guidelines. In particular, we recommend that you immediately ensure that access to the management interface is possible only from trusted internal IPs and not from the Internet. The vast majority of firewalls already follow this Palo Alto Networks and industry best practice." https://lnkd.in/eU43ATvb
3 Kommentare
Weitere Mitglieder namens Ludger Peters in Deutschland
-
Ludger Peters
Fachbereichsleiter TGA bei Goldbeck GmbH
-
Ludger Peters
Geschäftsführer
-
Ludger Peters
Tendering Manager bei Steelco Group
-
Ludger Peters
GF bei PAS GmbH
Es gibt auf LinkedIn 11 weitere Personen namens Ludger Peters, die sich in Deutschland befinden.
Weitere Mitglieder anzeigen, die Ludger Peters heißen