Security News
In July 2019, the EUCC was the first candidate cybersecurity certification scheme request received by the EU Agency for Cybersecurity under the Cybersecurity Act. This scheme aims to serve as a successor to the currently existing schemes operating under the SOGIS MRA. It covers the certification of ICT products, using the Common Criteria ISO/IEC 15408 and is the foundation of a European Cybersecurity certification framework.
Chinese threat groups continue to deploy new malware strains on the compromised network of dozens of US and EU organizations after exploiting vulnerable Pulse Secure VPN appliances. In the previous report, FireEye mentioned 12 malware families found on and specifically designed to infect Pulse Secure VPN appliances.
Privacy organisations on Thursday complained to regulators in five European countries over the practices of Clearview AI, a company that has built a powerful facial recognition database using images "Scraped" from the web. While Clearview touts its technology's ability to help law enforcement, its critics say facial recognition is open to abuse and could ultimately eliminate anonymity in public spaces - pointing to cases like China's massive public surveillance system.
Microsoft has announced plans to ensure data processing of EU cloud services within the borders of the political bloc in a move that expert observers claim reveals problems with the firm's existing setup. In a blog, Brad Smith, Microsoft's president and chief legal officer, said the software and cloud services giant would, by the end 2022, enable EU customers of Azure, Microsoft 365, and Dynamics 365 to have all their data processed physically within the EU. To my understanding, there would still be direct access to data and keys from the US in this new Microsoft setup.
US tech giant Microsoft pledged Thursday to process and store all European cloud-based client data in the European Union amid unease in the region over the reach of US legislation on personal data collection. Microsoft's European clients have long been concerned over the legal status of data they store with US companies in the cloud and the extent to which they could be scrutinized by US authorities.
Klarrio is now offering its customers the opportunity to use EU-hosted infrastructure for their cloud needs selecting any of Exoscale's data center locations. Combining Klarrio's system integration expertise with Exoscale cloud infrastructure while adhering to initiatives such as Gaia-X will provide customers with best-of-breed technology and solutions.
The EU unveiled a plan Wednesday to regulate the sprawling field of artificial intelligence, aimed at helping Europe catch up in the new tech revolution while curbing the threat of Big Brother-like abuses. There have been competing concerns over the plans from both big tech and civil liberties groups arguing that the EU is either overreaching or not going far enough.
The European Commission and several other European Union organizations were hit by a cyberattack in March, according to a European Commission spokesperson. "The Commission has set up a 24/7 monitoring services and is actively taking mitigating measures."
Ireland's Data Protection Commission is investigating a massive data leak concerning a database containing personal information belonging to more than 530 million Facebook users. "Previous datasets were published in 2019 and 2018 relating to a large-scale scraping of the Facebook website which at the time Facebook advised occurred between June 2017 and April 2018 when Facebook closed off a vulnerability in its phone lookup functionality," the DPC said.
Sensitive data pertaining to the customers of top mobile services providers in the European Union is at risk of compromise due to improperly secured websites, data security and privacy firm Tala reveals. An analysis of the websites of 13 of the top mobile telecom companies in the EU has revealed that none of them has in place even the minimum necessary protections to be considered secure.