Security News

We've excited to say that we're short-listed in nine different categories in this year's European Cybersecurity Blogger Awards. We're up for awards for our website, our podcast, our social media feeds on Twitter and Instagram, our cybersecurity videos, and for the Grand Prix for Best Overall Security Blog.

European law enforcement authorities say they have dismantled a cybercrime group named "InfinityBlack" after arresting several individuals in Poland and Switzerland. Europol said the site was run by a group that set up multiple platforms specializing in the sale of compromised login credentials.

As governments race to develop mobile tracing apps to help contain infections, attention is turning to how officials will ensure users' privacy. Traditional methods involving in-person interviews of patients are time consuming and labor intensive, so countries want an automated solution in the form of smartphone contact tracing apps.

European efforts to define a contact-tracing protocol aimed at making it easier for authorities to detect cases of COVID-19 appear to be having a rather vivid disagreement. One of the efforts is the Pan-European Privacy-Preserving Proximity Tracing group, a Germany-based effort to develop a contact-tracing protocol.

Workiva, provider of the world's leading connected reporting and compliance platform, launched W for ESEF, a focused solution to help European companies simplify compliance with the European Securities and Markets Authority requirements for European Single Electronic Format reporting. W for ESEF - which is available in 23 European languages - offers a distinct subset of functionality for companies that want a targeted ESEF solution.

A European consortium based in Switzerland plans to this week launch an opt-in location-detecting app to expedite contact-tracing those who have encountered coronavirus carriers. The new group, named Pan-European Privacy-Preserving Proximity Tracing, promises a GDPR-compliant app that sounds a lot like Singapore's TraceTogether service, but also offers considerable detail on how the service is designed to preserve privacy.

Financially-motivated hackers believed to be operating out of Russia recently targeted companies in Western Europe, and the attacks apparently involved a combination of two Windows vulnerabilities that Microsoft did not expect to be exploited. According to Singapore-based cybersecurity firm Group-IB, the threat groups tracked as TA505 and Silence - the company previously found links between the two groups - targeted at least two pharmaceutical and manufacturing companies in Belgium and Germany in late January.

European authorities managed to crack down on two cybercrime gangs responsible for stealing millions by employing SIM hijacking. To perform SIM hijacking, hackers trick the victim's wireless operator into swapping the mobile phone number to a SIM card the attackers control.

The European Network of Transmission System Operators for Electricity revealed this week that malicious actors breached its corporate network. TSOs are responsible for the transmission of electric power across the main high-voltage networks, and ENTSO-E works with them on the implementation of energy policies and achieving Europe's energy and climate policy objectives.

Hackers who may have ties to Iran have recently turned their attention to the European energy sector, using open source tools to target one firm's network as part of an cyberespionage operation, according to the security firm Recorded Future. The precise goal of the campaign that the Recorded Future analysts describe in a report released Thursday is not clear, although other studies have found that several Iranian-backed advanced persistent threat groups have targeted U.S. and European businesses connected to the energy sector over the last several years - before the tensions between the U.S. and Iran recently heated up.