1 min

Security breaches: Joe Biden’s ultimatum to federal agencies

U.S. President Joe Biden and the Cybersecurity and Infrastructure Security Agency (CISA) give U.S. federal agencies six months to fix their security flaws

Operational security - November 24, 2021

In August 2021, a damning U.S. Senate report showed that seven out of eight U.S. federal agencies were unable to protect their critical data from intrusion attempts.

The investigation revealed large-scale security flaws in the IS of the State Department and agencies responsible for housing, transport, agriculture, health, education, and social security. Only the Department of Homeland Security proved to be sufficiently robust.

On 3 November 2021, CISA, mandated by President Joe Biden, gave the seven agencies in question six months to fix these hundreds of vulnerabilities—some of which active for more than a decade. According to CISA, this directive applies “to all software and hardware used on agency premises or hosted by third parties on behalf of an agency.”

https://www.silicon.co.uk/security/security-management/federal-agencies-patch-systems-425284

The Software Defined Vehicle: a growing need for cybersecurity

By Thomas Joos

In-vehicle cybersecurity is on the verge of major changes that will affect all vehicle manufacturers. Vehicles are now more connected than ever, and today’s on-board computer is a high-performance ...

16 November 2023

Artificial intelligence: the world is waking up to the risks

By Louis Nauges

The past week was intense in the world of artificial intelligence (AI). In the space of a few days, five documents were published by prestigious institutions all examining the issue of AI and its ...

10 November 2023

Google’s Play Store promotes secure apps

Badge now certifies apps that pass cybersecurity test.

09 November 2023

How phishing scams utilize OSINT

By Zachary Amos

Open-source intelligence may be increasing the risks posed by phishing scams. Many people aren’t aware of how much may be available about them online, but scammers do, and they’re taking ...

07 November 2023

Cyberscore: is France really taking the digital threat seriously?

By Alexandre Lazarègue, avocat spécialisé en droit du numérique

The cyberscore, introduced by law on March 3, 2022, aims to do for cybersecurity what the nutriscore did for food. However, with its limited scope and modest requirements, it is not certain that it ...

04 November 2023

Ransomware: 40 countries make commitment to no longer pay ransoms

Alliance led by United States and supported by European Union seeks to dry up funding for cybercriminal groups.

Cyber industrial safety

21 October 2023

Siemens launches industrial cybersecurity analysis tool

During maintenance phases, software tests resilience of organization’s IT/OT environment.

04 October 2023

Energy: critical flaw in industrial surveillance machinery

Nozomi Networks has identified three vulnerabilities, one critical, with no available patches, in equipment widely used by energy infrastructure.

26 September 2023

State-affiliated groups are main cyber threat to industry

Energy sector accounts for 39% of cyber incidents in ICS/OT processes.

06 September 2023

Industrial cybersecurity: the need for IT/OT convergence

In an interview with Alliancy published on August 29, 2023, Jean-François Siquet, OT product manager at Air Liquide, reviewed the securing of OT processes required by digitalization. He recognizes ...

17 July 2023

Wallix raises €10.5 million

The French specialist in privileged access raised 5.5 million euros in one night only.

04 July 2023

Despite improvements, OT cybersecurity remains a problem

Fortinet’s latest report shows that 75% of manufacturers have suffered at least one intrusion in the last 12 months.

Security and Stability in Cyberspace

07 November 2023

United States: SEC sues SolarWinds

The Securities and Exchange Commission (SEC), the US stock exchange regulatory authority, filed a lawsuit at the end of October 2023, against the SolarWinds software publisher and its CISO, Timothy ...

02 November 2023

Canada bans WeChat and Kaspersky for government employees

Federal administration will ban Chinese social network and Russian antivirus on government devices.

02 November 2023

Canada: Chinese disinformation campaign targets federal MPs

Attacks meant to discredit Chinese-speaking Canadian personality critical of People’s Republic of China.

31 October 2023

“We are at cyberwar!” Really?

By Stanislas Tarnowski

What better than a war to mobilize everyone’s energy? Armis presents a report on perceptions of cyber warfare and how companies and public authorities are preparing to confront this threat. ...

27 October 2023

Will the Moon soon get Internet?

By Antoine Meunier

The new wave of lunar exploration programs that began with the Artemis 1 mission last year will be very different than the program of the 1960s. The missions that will take off in the coming years ...

26 October 2023

Why is there so much misinformation about the Israel-Hamas war on X?

By Fanny Tan

Since Hamas’s surprise attack against Israel on October 7, 2023, social media has been inundated with false and misleading content, especially X (formerly Twitter). How can we explain such a ...

Cybercrime

19 November 2023

Data theft at PC cloud platform Shadow

On October 11, 2023, Shadow, the French cloud computing PC specialist, admitted it had suffered a data theft, at the end of September 2023. The scope of the attack remains unknown but cybercriminals ...

17 November 2023

Qakbot botnet still active

International police sting had dismantled infrastructure end of August 2023.

16 November 2023

Google Cloud resists unprecedented DDoS attack

With 398 million requests per second, denial of service attack most significant in history, shattering previous record.

15 November 2023

Operation Triangulation reveals vulnerabilities at Apple

By Fabrice Deblock

At its annual Security Analyst Summit (SAS) in late October 2023, Kaspersky’s Global Research and Analysis Team (GReAT) revealed a number of elements about Operation Triangulation, which ...

13 November 2023

Who unplugged the Mozi botnet?

Mystery kill switch ended botnet in summer of 2023.

10 November 2023

Reshipping service for goods bought with stolen bankcards falls prey to hack

Named SWAT USA Drop Service, cybercriminal enterprise employs 1,200 people in the United States.

Operational security

02 November 2023

United States: Joe Biden signs first executive order on AI

Scope remains limited as Congress unable to pass bipartisan bill on issue.

19 October 2023

Can generative AI help break attack chains?

By Fabrice Deblock

With cyberattacks on corporate supply chains on the rise, how can we stop suppliers from being the weakest link in an organization’s cybersecurity? What could generative AI bring to this ...

17 October 2023

HarfangLab raises 25 million euros

French startup wants to become European leader in cyber threat detection and response (EDR) software.

07 October 2023

Yves Bernaert, new CEO of Atos Group

Yves Bernaert leaves Accenture management to head Eviden, tech giant’s cloud, cybersecurity, supercomputer, and quantum branch.

27 September 2023

Threat detection and AI: Cisco acquires Splunk

Cisco acquisition of data analysis solutions provider for 28 billion dollars seeks to harness cybersecurity transformation brought on by AI boom.

25 September 2023

Thirty-eight TB of internal Microsoft data left unprotected for three years

Computer giant under fire for failing to protect sensitive data.

Antifraud action

21 September 2023

Europol takes down cyber-equipped betting fraud gang

On September 15, 2023, Europol revealed a sting carried out in March 2023 against a fraudulent sporting bets gang operating from Spain and led by Romanian and Bulgarian nationals. The group stands ...

05 September 2023

Messenger to implement default end-to-end encryption

Long-awaited development in wake of illegal abortion controversy in Nebraska Fraud prevention.

04 August 2023

50 million dollars in crypto stolen from Curve

White hat hackers are said to be among the attackers of this decentralized finance platform.

01 August 2023

ChatGPT already has two evil twins

Named “FraudGPT” and “WormGPT”, two chatbots can write fraudulent messages and simple malware.

28 July 2023

United States: OpenAI under FTC investigation

The US Federal Trade Commission is investigating ChatGPT over claims of misrepresentation.

13 July 2023

Olympic Games: ANSSI argues for “healthy paranoia”

Vincent Strubel, head of ANSSI, goes over security measures for Paris 2024 Games, as well as threats the event faces.

Digital identity & KYC

14 November 2023

Interim agreement on European digital identity wallet

European Parliament and Council pass first bill to regulate measures on identification throughout European Union.

21 October 2023

UN supports digital identity for developing nations

UNDP and SIA join forces to roll out digital identification solutions, tech deemed “essential to furthering human rights.”

13 September 2023

Crypto theft linked to LastPass hack?

In late August 2023, cybersecurity researchers published an investigation connecting 150 cryptocurrency thefts over the month of December 2022, to the data leak suffered by LastPass in November 2022. ...

11 September 2023

Finland experiments with digital passports

On August 28, 2023, Finnish authorities launched a pilot project allowing Finnish citizens to use a digital version of their passport. The experiment, carried out in Helsinki airport in partnership ...

07 July 2023

European Digital Identity Wallet: text makes progress, but disagreements persist

The European Commission, the European Parliament, and the Council have completed a round of negotiations on this key text for the EU’s digital transformation.

19 June 2023

The Catholic Church in France gives priests digital IDs

It is now possible to verify if priests are authorized to say Mass or hear confession, and thus make sure they are not accused of any sexual crimes

Digital Sovereignty

08 December 2023

[2023 Montreal InCyber Forum] Thinking big: is a global data protection regulatory framework on the way?

By Jean-François Bélanger

Imposing a binding set of global regulations is unrealistic, since it would require states to give up their legal autonomy. However, the positive influences of the GDPR are spreading, inspiring ...

04 December 2023

AI Act: towards three-tiered generative AI regulation

Ongoing negotiations in Brussels could lead to requirements for AI models according to size and popularity.

22 November 2023

TikTok: an application under surveillance

By Fabrice Deblock

The Chinese social network is under scrutiny by the American and European authorities, who want to know exactly how their citizens’ data is being used. This comes at a time when geostrategic ...

13 November 2023

Apple: must iMessage comply with the DMA?

Google and four network providers want Apple instant messaging service to comply with “gatekeeper” interoperability requirements.

08 November 2023

NIS2 on the horizon: companies need to get ready

By Thomas Joos

The aim of this new European directive is to strengthen cybersecurity in Europe. It is set to replace the NIS1 directive, whose requirements are no longer up to the task of improving security, ...

04 November 2023

AI: France, Germany and Italy want to strengthen EU’s strategic autonomy

Economy ministers from three member States want to promote growth of most innovative European companies.

Digital transition

06 December 2023

Business intelligence faced with generative AI: overcoming fears

By Arnaud Marquant, directeur des opérations chez KB Crawl

The current use of generative AI in the business intelligence sector raises a number of fears. These may be overcome by educating professionals.

04 December 2023

Digital assistants: a new team member joins manned flights

By Antoine Meunier

Space, almost by definition, is undoubtedly the most technological sector that exists. While early space-age machines, including the first manned capsules, didn’t even have on-board computers, ...

23 November 2023

How AI is shaking up intellectual property

By Pascal Coillet-Matillon

On August 3, 2023, The New York Times changed the legal notice on its website. The US daily now requires its written consent for an AI to use its data for training. It’s a sign that generative ...

22 November 2023

[InCyber Forum Montreal] Generative AI: reinventing copyright

By Marion Lefebvre

Widespread access to generative artificial intelligence is shaking up how we work and create. However, the growing use of this technology has quickly raised two considerable legal issues: how to ...

22 November 2023

“Ex Machina”: a film that explores the (intimate) relationships between humans and machines…and much more

By Olivier Parent

This science fiction movie, directed by Alex Garland, is a “No Exit” that examines the possibilities of human empathy toward an artificially intelligent system. Moreover, it uses ...

20 November 2023

Corporate cryptocurrency cashflow: balancing flexibility and security

By Agathe Laurent

The rise of cryptocurrencies is being felt in the business world. Companies’ adoption of this technology raises specific issues of governance and security. Here is a guide to the topic.

Security breaches: Joe Biden’s ultimatum to federal agencies

Read also