🔒 The EU #CybersecurityAct tightens its grip on ICT, but raises questions about 5G and fiber. #5G #ICTSecurity 🛡️

🔗 https://www.tomshw.it/business/ue-blinda-ict-ma-il-5g-rischia-il-rallentamento-2026-01-21

EU Cybersecurity Act: crackdown on ICT, doubts over 5G and fiber

The Commission is focusing on supply chain and digital resilience, while the telco sector calls for proportionate and sustainable rules.

Tom's Hardware

[en] UK: Should #ransomware payments be banned?

"Governments underestimate the impact of #cybercrime at their peril."

"... without a ban covering the private as well as the public sector, threat actors would likely gravitate to the former."

"... we may see ... a potential evolution in the business model itself ... perhaps they would look to other options ..."

https://www.techmonitor.ai/comment-2/unintended-consequences-ransomware-ban

#cybersecurity #ictsecurity #cyberthreat #cyberthreat #exploit #trojan #spyware #vulnerability

A ransomware payment ban's impact could be good - and chaotic

The government’s far-sighted plans for ransomware mitigation might trigger profound evolutionary changes in cybercrime itself. 

Tech Monitor

Linux Foundation Open Source Summit North America:
"Linus Torvalds and his good friend Dirk Hohndel ... conversation about Linux development and related issues"

Interesting - They also talked about #security, XZ Utils incident, #LLMs, #hardware, RISC-V, #Git ...

https://www.zdnet.com/article/linus-torvalds-takes-on-evil-developers-hardware-errors-and-hilarious-ai-hype/

#gnulinux #linux #riskv #xz #xzutil #xzutils #llm #torvalds #hohndel #cybersecurity #ictsecurity #itsecurity #exploit #spyware #vulnerability #infosec #ai #aihype #linuxfoundation #opensourcesummit

Linus Torvalds takes on evil developers, hardware errors and 'hilarious' AI hype

While all is 'calm and steady and boring' with the next kernel, Linux creator Torvalds tells an Open Source Summit crowd exactly how he feels about almost everything else.

ZDNET

[en] Voting: Weaknesses of Electronic Voting Machines (Prof. Appel, Schneier & Co.)

"Rather than assert that each component of the process can be made perfectly secure on its own, ... the goal of each component of the elections process is to validate every other component."

"... the hallmarks of a reliable and optimal election process are hand-marked paper ballots ..."

[Not "e-voting"]

https://freedom-to-tinker.com/2024/03/18/suggested-principles-for-state-statutes-regarding-ballot-marking-and-vote-tabulation/

#voting #votingmachine #ballot #election #evoting #ictsecurity #infosec #security

Suggested Principles for State Statutes Regarding Ballot Marking and Vote Tabulation

This letter, signed by more than 20 election cybersecurity experts, was addressed to the Pennsylvania State Senate Committee on Government in response to

Freedom to Tinker

[en] Commercial spyware firms make mobile phones and devices increasingly insecure

"Nearly two thirds of mobile and browser flaws were used by spyware firms".

"... in 2023, spyware produced by commercial surveillance vendors (CSVs) were responsible for 64% of known exploited mobile and browser zero-day vulnerabilities."

https://cyberscoop.com/spyware-zero-days-2023/

#zeroday #spyware #csv #cyberthreat #exploit #vulnerability #cybersecurity #ictsecurity #itsecurity #infosec #mobile #mobilephone

Spyware and zero-day exploits increasingly go hand-in-hand, researchers find

Researchers found 97 zero-days exploited in the wild in 2023; nearly two thirds of mobile and browser flaws were used by spyware firms.

CyberScoop

[en] Serious security vulnerabilities in electronic RFID locks from dormakaba

"... identified weaknesses allow an attacker to unlock all rooms in a hotel using a single pair of forged keycards. Over [3m] hotel locks in 131 countries are affected."

"As of 03/2024, ... 36% of the impacted locks have been updated or replaced."

https://unsaflok.com/

#ResearchHighlights #dormakaba #kaba #saflok #unsaflok #privacy #rfid #rfidlock #cybersecurity #ictsecurity #itsecurity #infosec #security

Unsaflok

Unsaflok is a series of serious security vulnerabilities in the Saflok brand of hotel locks.

Unsaflok

[en] Microsoft Goes Open Source 😄 - Not Really Intentionally

"... breach was worse than initially understood and that the Russian hackers accessed Microsoft source code."
"... string of breaches affecting the company that have raised major questions in Washington about Microsoft’s security posture."

https://cyberscoop.com/microsoft-cozy-bear-russia/

#MediaHighlights #microsoft #opensource #oss #foss #sourcecode #hacking #hacker #breach #insecure #security #cybersecurity #infosec #ictsecurity #itsecurity #threat

Russian hackers accessed Microsoft source code 

An incident attributed to the Russian hacking crew Cozy Bear that was first disclosed in January continues to affect Microsoft systems.

CyberScoop

A post claims that "Hackers increasingly abuse Cloudflare Tunnels for stealthy connections"

#Cloudflare Tunnels are supposed to create outbound-only connections to the Cloudflare network but are apparently also used "for nefarious purposes, such as gaining stealthy persistent access to the victim's network, evading detection, and exfiltrating compromised devices' data."

https://www.bleepingcomputer.com/news/security/hackers-increasingly-abuse-cloudflare-tunnels-for-stealthy-connections/

#abuse #cloud #cloudtunnel #cybersecurity #ictsecurity #itsecurity #infosec #security

Hackers increasingly abuse Cloudflare Tunnels for stealthy connections

Hackers are increasingly abusing the legitimate Cloudflare Tunnels feature to create stealthy HTTPS connections from compromised devices, bypass firewalls, and maintain long-term persistence.

BleepingComputer

Leaked EU Document Shows Spain Wants to Ban End-to-End Encryption

In response to an EU proposal to scan private messages for illegal material, the country's officials said it is “imperative that we have access to the data.”

WIRED

[en] Android: Logging of Sensitive Data and Leak to Third Parties

"Logging of sensitive data in the Android ecosystem ..."
"... Logging of “activity” names can inadvertently reveal information about users through their app usage."

Paper Prepub:
https://www.usenix.org/system/files/sec23fall-prepub-89-lyons.pdf

Media EL PAÍS:
https://english.elpais.com/science-tech/2023-05-22/this-is-how-android-apps-reveal-our-secrets-without-us-being-aware-of-it.html

#MediaHighlights
#ResearchHighlights

#android #dataleak #leak #mobilesecurity #ictsecurity #itsecurity #infosec #itsec #privacy #security #thirdparty