#nis2-compliance

[ follow ]
#cybersecurity #data-breach #vulnerabilities #european-commission #ai #privacy #security #data-security
EU data protection
fromwww.theguardian.com
1 day ago

Some Interrail travellers told to cancel passports as hacked data posted online

Holidaymakers in Europe must replace passports after personal data was hacked and sold on the dark web, causing stress and financial burden.
#cybersecurity
DevOps
fromSecuritymagazine
2 days ago

The Security Metric That's Failing You

Measuring patch rates does not equate to a secure environment; real risks often lie in misconfigurations and outdated permissions.
Information security
fromInfoWorld
1 day ago

UK's NCSC calls passkeys the default, says passwords are no longer fit for the purpose

Passkeys are recommended as the primary authentication method due to their security and user-friendliness compared to traditional passwords.
DevOps
fromTheregister
1 day ago

Hybrid clouds have two attack surfaces - so watch both

Hybrid cloud management tools present significant security vulnerabilities that users often overlook.
Careers
fromSecuritymagazine
4 days ago

Advance Your Cybersecurity Career

Degrees and certifications in cybersecurity indicate foundational knowledge but hands-on experience and skills are more critical for success.
Privacy technologies
fromTheregister
1 day ago

NCSC: Passkeys now good enough to be the default standard

The NCSC endorses passkeys as the default authentication standard, urging consumers to abandon passwords for enhanced security.
DevOps
fromSecuritymagazine
2 days ago

The Security Metric That's Failing You

Measuring patch rates does not equate to a secure environment; real risks often lie in misconfigurations and outdated permissions.
Information security
fromInfoWorld
1 day ago

UK's NCSC calls passkeys the default, says passwords are no longer fit for the purpose

Passkeys are recommended as the primary authentication method due to their security and user-friendliness compared to traditional passwords.
more#cybersecurity
#remote-work
Remote teams
fromFast Company
1 day ago

4 tips for remote workers to safeguard data and privacy

Remote work in public spaces offers convenience but poses privacy and security risks that require precautions.
Remote teams
fromFast Company
1 day ago

4 tips for remote workers to safeguard data and privacy

Remote work in public spaces offers convenience but poses privacy and security risks that require careful management.
Remote teams
fromFast Company
1 day ago

4 tips for remote workers to safeguard data and privacy

Remote work in public spaces offers convenience but poses privacy and security risks that require precautions.
Remote teams
fromFast Company
1 day ago

4 tips for remote workers to safeguard data and privacy

Remote work in public spaces offers convenience but poses privacy and security risks that require precautions.
Remote teams
fromFast Company
1 day ago

4 tips for remote workers to safeguard data and privacy

Remote work in public spaces offers convenience but poses privacy and security risks that require careful management.
Remote teams
fromFast Company
1 day ago

4 tips for remote workers to safeguard data and privacy

Remote work in public spaces offers convenience but poses privacy and security risks that require precautions.
more#remote-work
#privacy
Privacy professionals
fromSecuritymagazine
2 days ago

The Privacy-Security Partnership: How We Bend Risk in a Resource Crunch

Fewer privacy practitioners feel confident in meeting laws, while resource shortages and compliance challenges increase stress in the field.
Privacy technologies
fromComputerWeekly.com
6 days ago

Privacy, power, and encryption: why end-to-end security matters | Computer Weekly

Privacy is a fundamental human condition, and end-to-end encryption is essential for protecting communications in a surveillance-heavy world.
Privacy professionals
fromSecuritymagazine
2 days ago

The Privacy-Security Partnership: How We Bend Risk in a Resource Crunch

Fewer privacy practitioners feel confident in meeting laws, while resource shortages and compliance challenges increase stress in the field.
Privacy technologies
fromComputerWeekly.com
6 days ago

Privacy, power, and encryption: why end-to-end security matters | Computer Weekly

Privacy is a fundamental human condition, and end-to-end encryption is essential for protecting communications in a surveillance-heavy world.
more#privacy
Privacy technologies
fromTheregister
22 hours ago

Proton CEO: Age checks turn internet into ID checkpoint

Age verification risks transforming the internet into a system requiring identification for all users, compromising anonymity and security.
#data-breach
France news
fromTechCrunch
1 day ago

France confirms data breach at government agency that manages citizens' IDs | TechCrunch

The French government agency ANTS confirmed a data breach affecting citizens' identity documents, potentially involving millions of personal records.
France news
fromEngadget
1 day ago

France's national agency for managing IDs and passports suffered a data breach last week

France Titres confirmed a security breach exposing personal data, including names and contact information, with potential for phishing attacks.
France news
fromTheregister
2 days ago

France's 'Secure' ID agency probes claimed 19M record breach

A significant data breach may have exposed personal information of up to 19 million individuals in France.
Privacy professionals
fromTheregister
3 days ago

Lovable denies data leak, cites 'intentional behavior'

Lovable's platform has a significant security flaw allowing free accounts to access sensitive user information, raising concerns about data protection.
EU data protection
fromTheregister
3 weeks ago

European Commission admits breach of public web systems

The European Commission confirmed a data breach affecting its public web infrastructure, with details on the extent and nature of the data taken remaining unclear.
France news
fromTechCrunch
1 day ago

France confirms data breach at government agency that manages citizens' IDs | TechCrunch

The French government agency ANTS confirmed a data breach affecting citizens' identity documents, potentially involving millions of personal records.
France news
fromEngadget
1 day ago

France's national agency for managing IDs and passports suffered a data breach last week

France Titres confirmed a security breach exposing personal data, including names and contact information, with potential for phishing attacks.
France news
fromTheregister
2 days ago

France's 'Secure' ID agency probes claimed 19M record breach

A significant data breach may have exposed personal information of up to 19 million individuals in France.
Privacy professionals
fromTheregister
3 days ago

Lovable denies data leak, cites 'intentional behavior'

Lovable's platform has a significant security flaw allowing free accounts to access sensitive user information, raising concerns about data protection.
EU data protection
fromTheregister
3 weeks ago

European Commission admits breach of public web systems

The European Commission confirmed a data breach affecting its public web infrastructure, with details on the extent and nature of the data taken remaining unclear.
more#data-breach
#digital-sovereignty
fromZDNET
1 day ago
European startups

98% of IT leaders want digital sovereignty: Now SUSE is operationalizing it for companies everywhere

European startups
fromZDNET
1 day ago

98% of IT leaders want digital sovereignty: Now SUSE is operationalizing it for companies everywhere

SUSE is focusing on digital sovereignty to enhance choice and resilience in enterprise IT globally.
Europe politics
fromTheregister
1 week ago

Digital sovereignty isn't just a buzzword - it's the future

European governments and companies are prioritizing digital sovereignty due to concerns over US control and dependency.
more#digital-sovereignty
fromTNW | Artificial-Intelligence
1 day ago
London startup

BT, Nscale, and Nvidia announce UK sovereign AI partnership

Nscale and BT are partnering to build AI data centres in the UK, enhancing national AI infrastructure using Nvidia's technology.
#ai
Artificial intelligence
fromwww.cbc.ca
2 days ago

Anthropic's latest AI model is sparking fears from cybersecurity experts and the banking sector. Here's why. | CBC News

Mythos, Anthropic's advanced AI model, poses cybersecurity risks by uncovering vulnerabilities faster than they can be fixed.
fromMedium
3 days ago
Artificial intelligence

How to mitigate the risk of AI implementation in enterprise environments

Artificial intelligence
fromwww.cbc.ca
2 days ago

Anthropic's latest AI model is sparking fears from cybersecurity experts and the banking sector. Here's why. | CBC News

Mythos, Anthropic's advanced AI model, poses cybersecurity risks by uncovering vulnerabilities faster than they can be fixed.
Information security
fromSecurityWeek
1 day ago

AI Can Autonomously Hack Cloud Systems With Minimal Oversight: Researchers

AI systems can autonomously hack cloud environments, demonstrating advanced capabilities in executing sophisticated attacks without specific instructions.
Information security
fromTechzine Global
1 week ago

Runtime security becomes critical as AI accelerates threats

Artificial intelligence accelerates innovation and cyber threats, necessitating a focus on runtime security for effective enterprise protection.
more#ai
Fundraising
fromIndependent
3 days ago

Company has more than 2m stolen from account following cyber attack

Future Energy Capital Limited lost over €2m due to a cyber attack last October.
Data science
fromInfoWorld
3 days ago

Addressing the challenges of unstructured data governance for AI

Enterprises must enhance data governance for unstructured data as AI transforms data management practices.
Information security
fromSecurityWeek
2 hours ago

Why Cybersecurity Must Rethink Defense in the Age of Autonomous Agents

Agentic AI is transforming cybersecurity, presenting both opportunities for defenders and risks for attackers, necessitating a strategic response from the industry.
EU data protection
fromTheregister
5 hours ago

Greece's flexible approach to Europe biometric entry system

Greece is implementing the EU's biometric Entry/Exit System flexibly to manage border traffic and address delays experienced by British travelers.
#data-privacy
EU data protection
fromThedrum
3 days ago

The future of data, privacy and ethics

Misleading practices in e-commerce, such as false stock availability, are regulated by the European Commission to protect consumers.
Privacy professionals
fromThe Verge
1 hour ago

A new Republican privacy bill could be 'worse than no standard at all'

Congress is attempting to pass a national data privacy law that may weaken protections in some states while strengthening them in others.
EU data protection
fromThedrum
3 days ago

The future of data, privacy and ethics

Misleading practices in e-commerce, such as false stock availability, are regulated by the European Commission to protect consumers.
more#data-privacy
European startups
fromTechzine Global
4 days ago

Cisco Sovereign Critical Infrastructure now available in Europe

Cisco launches Sovereign Critical Infrastructure across EMEA, enabling organizations to innovate while maintaining control over their data and infrastructure.
fromBusiness Matters
3 days ago

Why UK SMEs Are Prioritising Streetworks Certification in 2026

NRSWA certification has transitioned from a nice-to-have credential to a genuine precondition for winning local-authority and utility contracts, reflecting a tightening labor market.
London startup
Information security
fromInfoWorld
1 day ago

Offer customers passkeys by default, UK's NCSC tells enterprises

Passkeys are recommended as the primary authentication method due to their security against phishing and credential reuse.
EU data protection
fromTechzine Global
2 days ago

New EU rules stall due to lack of data center data

Europe's data center sustainability regulations reveal significant gaps in data quality and reporting, hindering accurate assessments of energy consumption and environmental impact.
DevOps
fromInfoQ
2 days ago

Cloudflare Outlines MCP Architecture as Enterprises Confront Security and Governance Risks

Centralized governance and remote infrastructure are essential for secure Model Context Protocol deployments, addressing risks like prompt injection and supply chain attacks.
#cloud-computing
European startups
fromTechzine Global
3 days ago

The European cloud of the future is built using actual, physical containers

Cloud workloads increasingly utilize physical containers through initiatives like the Modular Integrated Sustainable Datacenter (MISD) project.
European startups
fromTechzine Global
3 days ago

Dutch central bank chooses Lidl for European Cloud

De Nederlandsche Bank is signing a contract with Schwarz Digits to reduce dependence on American cloud services and switch to a European alternative.
European startups
fromTechzine Global
3 days ago

The European cloud of the future is built using actual, physical containers

Cloud workloads increasingly utilize physical containers through initiatives like the Modular Integrated Sustainable Datacenter (MISD) project.
European startups
fromTechzine Global
3 days ago

Dutch central bank chooses Lidl for European Cloud

De Nederlandsche Bank is signing a contract with Schwarz Digits to reduce dependence on American cloud services and switch to a European alternative.
more#cloud-computing
#ai-security
Artificial intelligence
fromTechRepublic
3 days ago

The MCP Disclosure Is the AI Era's 'Open Redirect' Moment

The Model Context Protocol has a design flaw that enables AI supply chain attacks, posing a significant security risk to enterprise AI systems.
Information security
fromFortune
20 hours ago

Security experts head to D.C. to debate standards for securing AI systems as Mythos raises the stakes | Fortune

AI systems are becoming attractive targets for adversaries, with vulnerabilities discovered faster than developers can respond.
Information security
fromSecuritymagazine
2 days ago

Unauthorized Users Accessed Claude Mythos, New Reports Suggest

Unauthorized access to Anthropic's AI model, Claude Mythos Preview, raises security concerns among experts due to its ability to identify digital vulnerabilities.
Artificial intelligence
fromTechRepublic
3 days ago

The MCP Disclosure Is the AI Era's 'Open Redirect' Moment

The Model Context Protocol has a design flaw that enables AI supply chain attacks, posing a significant security risk to enterprise AI systems.
Information security
fromFortune
20 hours ago

Security experts head to D.C. to debate standards for securing AI systems as Mythos raises the stakes | Fortune

AI systems are becoming attractive targets for adversaries, with vulnerabilities discovered faster than developers can respond.
Information security
fromSecuritymagazine
2 days ago

Unauthorized Users Accessed Claude Mythos, New Reports Suggest

Unauthorized access to Anthropic's AI model, Claude Mythos Preview, raises security concerns among experts due to its ability to identify digital vulnerabilities.
more#ai-security
Information security
fromIT Brew
18 hours ago

Asking around: When does ransomware threat intelligence become noise?

Effective threat intelligence requires filtering information relevant to specific market segments to avoid overwhelming alerts.
EU data protection
fromTechRepublic
3 days ago

EU to Classify ChatGPT as VLOSE Under Digital Services Act

ChatGPT may be classified as a 'Very Large Online Search Engine' under the Digital Services Act, imposing stricter compliance on OpenAI.
#cloud-sovereignty
European startups
fromTheregister
3 days ago

Europe picks 4 sovereign cloud providers, but one has Google

The European Commission awarded contracts for cloud services, raising concerns about true independence due to involvement of S3NS, a Thales and Google Cloud joint venture.
European startups
fromTheregister
3 days ago

Europe picks 4 sovereign cloud providers, but one has Google

The European Commission awarded contracts for cloud services, raising concerns about true independence due to involvement of S3NS, a Thales and Google Cloud joint venture.
more#cloud-sovereignty
DevOps
fromwww.bankingdive.com
4 days ago

How proactive DEX strengthens IT compliance in financial services

Proactive DEX management helps financial services organizations address compliance challenges by continuously monitoring and improving the digital workplace.
fromSecuritymagazine
1 day ago

Operationally Ineffective: Putting CVEs in a Chokehold with Privilege Disruption

A Common Vulnerability Exposure (CVE) that cannot reach the privilege plane is operationally ineffective - even at a CVSS Score of 10. This should be a core philosophy that is embedded into the fabric of software engineering.
Information security
DevOps
fromComputerWeekly.com
4 days ago

Storage implications of a modern IT architecture | Computer Weekly

Organizations are increasingly using containers to modernize applications and manage both cloud-native and traditional workloads with Kubernetes.
France news
fromEngadget
5 days ago

DOJ refuses to help French authorities in criminal probe of X

The US Department of Justice supports X amid a French criminal investigation, claiming it aims to regulate the platform's activities unjustly.
#nist
Information security
fromSecuritymagazine
1 day ago

NIST's New Prioritization Criteria for CVEs, Examined by Experts

NIST is changing its approach to handling cybersecurity vulnerabilities by prioritizing certain CVEs for immediate enrichment in the National Vulnerability Database.
Information security
fromSecuritymagazine
1 day ago

NIST's New Prioritization Criteria for CVEs, Examined by Experts

NIST is changing its approach to handling cybersecurity vulnerabilities by prioritizing certain CVEs for immediate enrichment in the National Vulnerability Database.
more#nist
EU data protection
fromwww.independent.co.uk
1 week ago

What are EU digital identity wallets? The benefits and risks explained

The Independent provides accessible journalism on critical issues like reproductive rights and digital identity, emphasizing the importance of on-the-ground reporting.
#cyber-security
EU data protection
fromComputerWeekly.com
1 week ago

CYBERUK '26: UK lagging on legal protections for cyber pros | Computer Weekly

The outdated Computer Misuse Act hinders UK cyber security innovation and needs urgent reform to protect cyber professionals.
fromComputerWeekly.com
2 days ago
Information security

Nation states responsible for 'nationally significant' cyber attacks against UK, says NCSC chief | Computer Weekly

EU data protection
fromComputerWeekly.com
1 week ago

CYBERUK '26: UK lagging on legal protections for cyber pros | Computer Weekly

The outdated Computer Misuse Act hinders UK cyber security innovation and needs urgent reform to protect cyber professionals.
Information security
fromComputerWeekly.com
1 day ago

Interview: Critical local infrastructure is missing link in UK cyber resilience | Computer Weekly

Local infrastructure in the UK is vulnerable to cyber attacks, risking severe disruption to essential services and public safety.
Information security
fromComputerWeekly.com
2 days ago

Nation states responsible for 'nationally significant' cyber attacks against UK, says NCSC chief | Computer Weekly

The UK faces increased cyber security threats from hostile states and AI advancements, with an average of four significant attacks weekly.
Information security
fromComputerWeekly.com
2 days ago

Sans Institute preps live systems for Nato cyber exercise | Computer Weekly

The Sans Institute is providing a real operational cyber range for the NATO Locked Shields exercise to enhance cyber security training and readiness.
more#cyber-security
Information security
fromComputerWeekly.com
2 days ago

Anthropic's Mythos raises the stakes for security validation | Computer Weekly

The rise of autonomous AI in security introduces unpredictability, complicating the validation of defenses against evolving threats.
#cisa
Information security
fromThe Verge
1 day ago

Anthropic's Mythos rollout has missed America's cyberscurity agency

CISA lacks access to Anthropic's cybersecurity model, raising concerns about its prioritization and effectiveness in digital security.
Information security
fromSecurityWeek
3 days ago

Organizations Warned of Exploited Cisco, Kentico, Zimbra Vulnerabilities

CISA expanded its Known Exploited Vulnerabilities catalog with eight new flaws, including high-severity bugs in Cisco and Kentico products.
Information security
fromThe Verge
1 day ago

Anthropic's Mythos rollout has missed America's cyberscurity agency

CISA lacks access to Anthropic's cybersecurity model, raising concerns about its prioritization and effectiveness in digital security.
Information security
fromSecurityWeek
3 days ago

Organizations Warned of Exploited Cisco, Kentico, Zimbra Vulnerabilities

CISA expanded its Known Exploited Vulnerabilities catalog with eight new flaws, including high-severity bugs in Cisco and Kentico products.
more#cisa
Information security
fromSecurityWeek
2 days ago

Are SBOMs Failing? Supply Chain Attacks Rise as Security Teams Struggle With SBOM Data

SBOMs and VEX statements fail to enhance software supply chain security due to poor decision-making and inconsistent interpretation of available data.
Privacy professionals
fromMedCity News
1 month ago

The Evolving Landscape of Privacy and Cybersecurity: Essential Strategies for Legal and Compliance Professionals - MedCity News

Organizations must combine strong controls with comprehensive employee training and accountability culture to effectively protect sensitive data and comply with evolving privacy laws.
#cyberattack
EU data protection
fromSecurityWeek
3 weeks ago

European Commission Reports Cyber Intrusion and Data Theft

The European Commission confirmed a cyberattack that compromised its cloud infrastructure, resulting in the theft of hundreds of gigabytes of data.
EU data protection
fromTechCrunch
3 weeks ago

European Commission confirms cyberattack after hackers claim data breach | TechCrunch

A cyberattack on the European Commission's cloud infrastructure resulted in the theft of significant data, but internal systems remain unaffected.
EU data protection
fromSecurityWeek
3 weeks ago

European Commission Reports Cyber Intrusion and Data Theft

The European Commission confirmed a cyberattack that compromised its cloud infrastructure, resulting in the theft of hundreds of gigabytes of data.
EU data protection
fromTechCrunch
3 weeks ago

European Commission confirms cyberattack after hackers claim data breach | TechCrunch

A cyberattack on the European Commission's cloud infrastructure resulted in the theft of significant data, but internal systems remain unaffected.
more#cyberattack
#cybercrime
Information security
fromTechCrunch
1 week ago

European police email 75,000 people asking them to stop DDoS attacks | TechCrunch

A global law enforcement operation targeted over 75,000 alleged cybercriminals using DDoS-for-hire services, resulting in arrests and domain takedowns.
Information security
fromNextgov.com
4 weeks ago

European officials highlight private sector help in major cybercrime takedowns

Private sector partners play a crucial role in cybercrime takedowns, aiding law enforcement in disrupting criminal activities and infrastructure.
Information security
fromTechCrunch
1 week ago

European police email 75,000 people asking them to stop DDoS attacks | TechCrunch

A global law enforcement operation targeted over 75,000 alleged cybercriminals using DDoS-for-hire services, resulting in arrests and domain takedowns.
Information security
fromNextgov.com
4 weeks ago

European officials highlight private sector help in major cybercrime takedowns

Private sector partners play a crucial role in cybercrime takedowns, aiding law enforcement in disrupting criminal activities and infrastructure.
more#cybercrime
Miscellaneous
fromTheregister
2 months ago

European Commission probes breach of staff mobile devices

Intruders accessed European Commission mobile device management systems, potentially exposing some staff names and mobile numbers while no mobile devices were compromised.
Privacy professionals
fromDataBreaches.Net
1 month ago

Shutdown Stalls Compliance Plans for Cyber Breach Reporting Rule - DataBreaches.Net

A partial government shutdown delays the DHS cybersecurity incident reporting rule, leaving companies uncertain about compliance requirements and enforcement timelines.
EU data protection
fromTheregister
1 month ago

EU law advisor wants cybercrime protections fast-tracked

EU legal advisor urges banks to reimburse cybercrime victims immediately rather than delaying payments pending fraud investigations, regardless of gross negligence claims.
EU data protection
fromTechzine Global
2 months ago

Metadata, cloud sovereignty's weak spot

US authorities can access some metadata of cloud users in European sovereign clouds, potentially revealing operational and behavioral information despite data residency protections.
fromTechRepublic
3 months ago

EU's New Cybersecurity Act Could Ban High-Risk Suppliers - TechRepublic

Yesterday (Jan. 20), the Commission unveiled its revised Cybersecurity Act proposal after months of behind-the-scenes negotiations that reportedly caused substantial friction between officials and member states. This sweeping update introduces measures to identify and potentially exclude "high-risk" third countries and companies from Europe's critical digital infrastructure across 18 essential sectors, including energy systems. As cybersecurity threats continue rising since the original Act took effect seven years ago, the EU is essentially drawing new battle lines in the global tech landscape.
Information security
Information security
fromTechzine Global
1 month ago

Cyber resilience gap: High confidence, but reality lags behind

Organizations invest heavily in cyber resilience but remain vulnerable to external threats due to perimeter-focused strategies that neglect ecosystem-wide protection.
Information security
fromSecuritymagazine
2 months ago

Understanding Breaches Before and After They Happen: What Every Organization Should Know

Most security breaches result from neglected fundamentals—human error, unpatched systems, weak authentication, and poor network segmentation—rather than advanced, novel exploits.
Information security
fromNextgov.com
2 months ago

NIST releases a new draft cybersecurity framework for systems that never stop moving

Transportation cybersecurity lags behind other critical infrastructure sectors, creating evacuation and public-safety risks as transit systems become more digitalized.
[ Load more ]