Security News

The European Systemic Risk Board proposed a new systemic cyber incident coordination framework that would allow EU relevant authorities to coordinate better when responding to major cross-border cyber incidents impacting the Union's financial sector. ESRB is an independent EU body established in 2010 that oversees the European Union's financial system to prevent and mitigate systemic risk.

The European Union is, once again, calling on bug hunters to delve into specific open source software and report bugs."One criteria in selecting bug bounties was their use within European public services," the European Commission Open Source Programme Office explained.

The European Data Protection Supervisor has ordered European Union law enforcement agency Europol to delete any data it has on individuals that's over six months old, provided there's no link to criminal activity. The investigation concluded the law enforcement agency needed to up its game when it came to data minimisation and retention and encouraged Europol to make necessary changes and then let the EDPS know of its action plan.

The European Parliament's Internal Market and Consumer Protection Committee has adopted the Digital Services Act proposal by 36 votes to 7 and 2 abstentions. The main goal of the DSA is to empower EU regulators to control large internet platforms and impose stricter mechanisms for removing "Fake news" and "Abusive content."

Ukrainian law enforcement arrested 51 suspects believed to have been selling stolen personal data on hacking forums belonging to hundreds of millions worldwide, including Ukraine, the US, and Europe. "As a result of the operation, about 100 databases of personal data relevant for 2020-2021 were seized," the Cyberpolice Department of the National Police of Ukraine said.

It was reported that the private key used to sign EU Digital Covid certificates was leaked and circulated on messaging apps and online data breach marketplaces. The key was misused to generate certificates for Adolf Hitler, Mickey Mouse, and Sponge Bob that were, for a short time, recognized as valid by official government apps.

The EU needs more cybersecurity graduates to plug the political bloc's shortage of skilled infosec bods, according to a report from the ENISA online security agency. In a new report titled "Addressing the EU Cybersecurity Skills Shortage and Gap Through Higher Education", academics Jason Nurse and Konstantinos Adamos, together with ENISA's Athanasios Grammatopoulos and Fabio Di Franco, said the European Union needs to get more students signing up for cybersecurity degrees.

The European Commission has taken action to improve the cybersecurity of wireless devices available on the European market. The delegated act to the Radio Equipment Directive adopted today aims to make sure that all wireless devices are safe before being sold on the EU market.

Having struck down Safe Harbor - the agreement governing EU-US data transfers - in 2015, the Court of Justice of the European Union went on to condemn its replacement, the beleaguered EU-US Privacy Shield, to a similar fate just over a year ago. Now, it would be wrong to say that lightning struck a third time - the CJEU did not invalidate SCCs - but the Court did rule, in the same judgment that put an end to the Privacy Shield, that businesses must assess the underlying transfer of data to which the contracts apply.

As of Thursday morning Eastern time, Adolf Hitler and Mickey Mouse could still validate their digital Covid passes, SpongeBob Squarepants was out of luck, and the European Union was investigating a leak of the private key used to sign the EU's Green Pass vaccine passports. On Wednesday, the Italian news agency ANSA reported that several underground vendors were selling passes signed with the stolen key on the Dark Web, and that the EU had called "Several high-level meetings" to investigate whether the theft was an isolated incident.