Vulnerability reporting in the Cyber Resilience Act: not such a good idea?
Digital Sovereignty | Opinions

Vulnerability reporting in the Cyber Resilience Act: not such a good idea?

By Rayna Stamboliyska
This European regulation aims to improve the security of products and services that have digital components, by imposing requirements on their manufacturers and distributors. This is a commendable endeavor. However, it would be wrong if such an ambitious regulation were not open to improvement. Let’s take a closer look at this process.

Agenda

+

Vidéos

  • Cyber industrial safety
  • Security and Stability in Cyberspace
  • Cybercrime
  • Cyber risks
  • Operational security
  • Antifraud action
  • Digital identity & KYC
  • Digital Sovereignty
  • Digital transition
Cyber industrial safety
Cloud computing: the manufacturing industry’s cybersecurity Achilles’ heel
09 February 2024

Cloud computing: the manufacturing industry’s cybersecurity Achilles’ heel

A report by Netwrix has shown that no other sector suffers more phishing attacks against its cloud computing infrastructures.
Strengthening of strategic partnership between Eviden and Microsoft
31 January 2024

Strengthening of strategic partnership between Eviden and Microsoft

Atos division specialized in AI, cloud, big data and cybersecurity thus hoping to generate extra 2.6 billion euros in income over five years.
A review of Stuxnet, history’s first act of cyber warfare
16 January 2024

A review of Stuxnet, history’s first act of cyber warfare

Study reveals how Dutch spy allowed CIA and Mossad to disrupt Iran’s nuclear program in the late 2000s.
Vulnerabilities uncovered in Bosch industrial impact wrenches
12 January 2024

Vulnerabilities uncovered in Bosch industrial impact wrenches

If exploited, vulnerabilities could paralyze vehicle assembly lines or render vehicles defective or dangerous.
Iranian cybercriminals cut off water supply in two Irish towns
18 December 2023

Iranian cybercriminals cut off water supply in two Irish towns

Cyber Av3ngers currently targeting Israeli-operated infrastructure, in support of Palestine.  
Russian cyberattack takes Ukraine power plant offline
15 December 2023

Russian cyberattack takes Ukraine power plant offline

Attack carried out same day as series of missile strikes on Ukrainian energy infrastructure.
Security and Stability in Cyberspace
The US neutralizes the infiltration of the pro-China Volt Typhoon cyber group
08 February 2024

The US neutralizes the infiltration of the pro-China Volt Typhoon cyber group

The cybercriminals had penetrated critical US civilian infrastructures, which could have been severely disrupted in the event of a crisis.
Ukrainian military intelligence increases cyberattacks against Russian targets
06 February 2024

Ukrainian military intelligence increases cyberattacks against Russian targets

GUR MO claims attacks against Ministry of Defense and industrial IT service provider.
Pro-Russian group Midnight Blizzard gained access to emails of Microsoft executives
31 January 2024

Pro-Russian group Midnight Blizzard gained access to emails of Microsoft executives

Cybercriminals seemed to be mostly looking for information about themselves.
Google TAG warns of spear phishing attack by pro-Russian group Coldriver
27 January 2024

Google TAG warns of spear phishing attack by pro-Russian group Coldriver

Cybercriminals impersonate someone trusted by target and link them to backdoor install.
Israel–Azerbaijan: a cyberstrategic partnership
25 January 2024

Israel–Azerbaijan: a cyberstrategic partnership

By Pierre-Yves Baillet
Cooperation based on mutual interests has become a key feature of bilateral relations between the two countries.
OpenAI opens door to military use of its tech
18 January 2024

OpenAI opens door to military use of its tech

ChatGPT publisher adopts new terms of use.
Cybercrime
Renaud Feil (Synacktiv): “Operation Triangulation may have originated from the Five Eyes”
14 February 2024

Renaud Feil (Synacktiv): “Operation Triangulation may have originated from the Five Eyes”

By Fabrice Deblock
Exploiting several “zero-day” vulnerabilities in iOS devices, Operation Triangulation targeted the antivirus company Kaspersky, among others, in the summer of 2023. Here is a detailed look at the ...
FTX cryptocurrency theft suspects identified
13 February 2024

FTX cryptocurrency theft suspects identified

US authorities have charged three people with stealing more than $400 million through a SIM card swap scam.
OSINT in the judicial process: a growing phenomenon
12 February 2024

OSINT in the judicial process: a growing phenomenon

By Fanny Tan
From collecting open-source evidence to presenting it in court, challenges persist. However, several tools and initiatives are emerging to facilitate and enhance OSINT’s integration into the ...
Cyberattack paralyzes EMT dispatch in Quebec
06 February 2024

Cyberattack paralyzes EMT dispatch in Quebec

Dispatchers resort to manual processing, affecting care prioritization.
2024: Regulation and Cyber-Surveillance, a Pivotal Year for the Cloud Market
02 February 2024

2024: Regulation and Cyber-Surveillance, a Pivotal Year for the Cloud Market

By Fabrice Deblock
While 2024 is undoubtedly the year of generative AI, it will also be decisive for cloud providers, both due both to their direct contributions to the issue of AI and through the creation or ...
LockBit leader wants identity of rival cybercrime boss
31 January 2024

LockBit leader wants identity of rival cybercrime boss

Hacker offering reward to unmask head of Clop, which broke code preventing Russian cybercriminals from targeting Russian organizations.
Cyber risks
When geopolitical tensions intrude on the Olympic Games
21 February 2024

When geopolitical tensions intrude on the Olympic Games

By Fanny Tan
While financially motivated cyberattacks represent the number one cybersecurity threat to the Olympic Games, the specter of geopolitical attacks remains a major issue, with potentially devastating ...
The 2024 Olympics: is algorithmic video surveillance a danger?
15 February 2024

The 2024 Olympics: is algorithmic video surveillance a danger?

By Pascal Coillet-Matillon
Some see the technology being tested at the 2024 Olympic Games as a slippery slope toward a society of widespread surveillance. Others believe that it poses no danger. Which is true?
Blockchain takes on deepfakes: ushering in an era of digital veracity
24 January 2024

Blockchain takes on deepfakes: ushering in an era of digital veracity

By Agathe Laurent
With the continuing advances in artificial intelligence (AI), deepfakes are spreading at an alarming rate. These creations pose major challenges to the authenticity of content and the reliability of ...
How to minimize software supply chain threats
22 January 2024

How to minimize software supply chain threats

By Zachary Amos
Software development is a complex process. It’s a highly collaborative effort, often involving code from multiple outside developers and connections to other programs and vendors. While its ...
Cybersecurity: European 2024 Trends & Predictions
18 January 2024

Cybersecurity: European 2024 Trends & Predictions

By Zeki Turedi, CTO Europe de CrowdStrike
Cybersecurity is once again at a pivotal juncture ahead of 2024, marked by a rapidly evolving threat landscape that continues to be driven by a year of technological advancement. The digital world ...
Kaspersky identified 411,000 malware programs a day in 2023
03 January 2024

Kaspersky identified 411,000 malware programs a day in 2023

Software publisher’s latest report indicates boom in backdoors and malware hidden in PDF and Office documents.
Operational security
AI: how is it impacting the cyber security professions?
08 February 2024

AI: how is it impacting the cyber security professions?

By Fabrice Deblock
In the field of information system security, which roles are most affected by the emergence of artificial intelligence? Here is a close-up look at five of them.
Ransomware: the professional negotiator’s role
28 January 2024

Ransomware: the professional negotiator’s role

Negotiating with cybercriminals very much like negotiating with kidnappers.
Airbus in talks to acquire big data and cybersecurity branch of Atos
28 January 2024

Airbus in talks to acquire big data and cybersecurity branch of Atos

Business valued at between 1.5 and 1.8 billion euros now aircraft manufacturer’s only focus.
Corporate email: what are tomorrow’s security solutions?
16 January 2024

Corporate email: what are tomorrow’s security solutions?

By Thomas Joos
Analysts estimate that the number of emails sent and received every day will continue to rise, hitting 392.5 billion per day by 2026. As a result, security solutions will have to keep pace with ...
Cybersecurity and health: €750 million for speed and resilience
10 January 2024

Cybersecurity and health: €750 million for speed and resilience

By Vincent Trély, président de l'APSSIS
“CaRE” (Cyber acceleration and Resilience of Establishments) is a French government program resulting from the work of the “Cyber Task Force” set up in December 2022 by three ...
Between threats and legal uncertainty, vulnerability researchers are flying blind
05 January 2024

Between threats and legal uncertainty, vulnerability researchers are flying blind

By Fabrice Deblock
With silent patches, threats, indecision from European institutions, and legal gray areas, vulnerability researchers’ work seems to be an impossible task. Let’s look back on the ...
Antifraud action
Hong Kong: $26 million stolen thanks to a deepfake
07 February 2024

Hong Kong: $26 million stolen thanks to a deepfake

Cybercriminals spoofed the face and voice of a multinational’s CFO to demand payments from an unsuspecting employee.
Data leak at Anthropic
06 February 2024

Data leak at Anthropic

Service provider for generative AI specialist accidentally sent file with personal customer information to third party.
Fake SEC tweet triggers Bitcoin surge
12 January 2024

Fake SEC tweet triggers Bitcoin surge

Cybercriminals hacked X (formerly Twitter) account of US financial authority to announce approval of Bitcoin ETF.
23andMe hack: company blames its users
11 January 2024

23andMe hack: company blames its users

Fourteen hundred accounts behind the chain reaction data breach used recycled passwords, available in cybercriminal “directories”.
Domain names: ICANN launches information request service
12 December 2023

Domain names: ICANN launches information request service

Service will make it possible to view host data, particularly in context of investigation.
Okta data leak: company recognizes all customers concerned
11 December 2023

Okta data leak: company recognizes all customers concerned

Cyberattack hit identity and access management company in September 2023.
Digital identity & KYC
Digital identity: towards common European Union / United States terminology
11 January 2024

Digital identity: towards common European Union / United States terminology

NIST published first draft of comparative chart between US and EU regulatory frameworks on digital identity.
Wallix launches SaaS platform dedicated to access and identity
17 December 2023

Wallix launches SaaS platform dedicated to access and identity

Wallix One-PAM enables management of all corporate digital accesses, with high-level security and high degree of automation.
European digital identity wallet: large-scale trial run in Luxemburg
12 December 2023

European digital identity wallet: large-scale trial run in Luxemburg

Potential consortium and Luxemburg authorities to test four EUDIW use cases.
Interim agreement on European digital identity wallet
14 November 2023

Interim agreement on European digital identity wallet

European Parliament and Council pass first bill to regulate measures on identification throughout European Union.
UN supports digital identity for developing nations
21 October 2023

UN supports digital identity for developing nations

UNDP and SIA join forces to roll out digital identification solutions, tech deemed “essential to furthering human rights.”
Crypto theft linked to LastPass hack?
13 September 2023

Crypto theft linked to LastPass hack?

In late August 2023, cybersecurity researchers published an investigation connecting 150 cryptocurrency thefts over the month of December 2022, to the data leak suffered by LastPass in November 2022. ...
Digital Sovereignty
Vulnerability reporting in the Cyber Resilience Act: not such a good idea?
22 February 2024

Vulnerability reporting in the Cyber Resilience Act: not such a good idea?

By Rayna Stamboliyska
This European regulation aims to improve the security of products and services that have digital components, by imposing requirements on their manufacturers and distributors. This is a commendable ...
AI Act: the start of a new era
19 February 2024

AI Act: the start of a new era

By Fabrice Deblock
As the draft regulation on artificial intelligence makes its way through the final stages of approval within the European institutions, Noshin Khan, Associate Director, Ethics & Compliance at ...
Public administration: France and Germany join forces for sovereign tools
13 February 2024

Public administration: France and Germany join forces for sovereign tools

The two countries want to jointly develop secure messaging and generative AI tools that are independent of non-European players.
DMA: Apple ends App Store monopoly
31 January 2024

DMA: Apple ends App Store monopoly

However, company introduced additional fees for third-party app stores, which could prove contrary to European regulations.
Commercial launch of Bleu, “trustworthy cloud” provided by Orange, Capgemini and Microsoft
27 January 2024

Commercial launch of Bleu, “trustworthy cloud” provided by Orange, Capgemini and Microsoft

Three partners aiming for SecNumCloud 3.2 certification in 2025.
European Cyber Shield passed by European Commission
11 January 2024

European Cyber Shield passed by European Commission

Trilogue talks should lead to final draft of Cyber Solidarity Act.
Digital transition
Regulating competition in the AI market: a new David versus Goliath?
20 February 2024

Regulating competition in the AI market: a new David versus Goliath?

By Stanislas Tarnowski
After the AI Act, the European Competition Authority’s proceedings against Microsoft, OpenIA and generative AI, now it’s the turn of the French Competition Authority to take a closer look ...
The cybersecurity of connected vehicles: a race between manufacturers and cybercriminals
16 February 2024

The cybersecurity of connected vehicles: a race between manufacturers and cybercriminals

By Thomas Joos
Until now, connected vehicles operated independently, but today they represent an integral part of a vast ecosystem network. This development has brought with it new cybersecurity threats that call ...
Iris2: the architecture of the European Internet constellation soon to be revealed
10 February 2024

Iris2: the architecture of the European Internet constellation soon to be revealed

By Antoine Meunier
The shape of Europe’s future internet constellation was a hot topic at the 16th European Space Conference, held in Brussels on 23 and 24 January, with a round table discussion featuring key ...
The EU-27 unanimously adopt the AI Act
09 February 2024

The EU-27 unanimously adopt the AI Act

France, highly critical of the agreement negotiated in December 2023, ultimately did not block the legislation.
“Cyberpunk: Edgerunners”: an anime series that treats the human body like any other product
06 February 2024

“Cyberpunk: Edgerunners”: an anime series that treats the human body like any other product

By Olivier Parent
Inspired by the “Cyberpunk 2077” video game, this series is the chronicle of a disaster foretold in a world where all the fine technocentric ideas seem to have become the stuff of nightmares.
Egypt commits to accelerated digitalization
05 February 2024

Egypt commits to accelerated digitalization

By Nourihan Sobeie
Although various global crises have highlighted the Egyptian state’s structural and institutional weaknesses (COVID-19, war in Ukraine), the government is adopting a politically proactive ...

Our
partners