127 civil society organisation and unions urge the European Commission to halt its planned Digital Omnibus, warning it would roll back digital rights in the EU
- 0 Followers
- 0 Following
- 1 Posts
EU's cybersecurity agency reports surge in cyberattacks against public administrations across Europe
EU's cybersecurity agency reports surge in cyberattacks against public administrations across Europe - KDE Social
cross-posted from: https://lemmy.kde.social/post/4937011 [https://lemmy.kde.social/post/4937011] > Archived link [https://web.archive.org/web/20251110165503/https://industrialcyber.co/reports/enisa-report-reveals-surge-in-ddos-and-data-breaches-against-eu-public-administration/] > > A new report from ENISA (European Union Agency for Cybersecurity) warns that public administrations across the EU are facing a surge in cyberattacks, with hacktivists increasingly relying on distributed denial-of-service (DDoS) campaigns. Central governments were the most targeted, accounting for 69% of incidents. The majority of incidents targeted the websites of parliaments, ministries, and national authorities/agencies, largely skewed by DDoS attacks. > > As these institutions handle vast amounts of sensitive data and provide essential public services amid growing digitization, even a single incident can cause major disruption and erode public trust. The 42-page report identifies DDoS attacks, data breaches, ransomware, and social engineering as the most prevalent threats. ENISA’s latest sectoral analysis offers a comprehensive view of these risks, aiming to inform better risk assessments, strengthen mitigation strategies, and guide policymaking across the public sector. > > … > > ENISA expects several trends to shape the cyber threat landscape for the EU’s public administration sector in 2025. DDoS campaigns are likely to continue, particularly around major events such as elections and international summits, though they may not cause significant operational disruptions. State-linked activity is also expected to persist, with Russia- and China-aligned intrusion groups maintaining cyber espionage campaigns aimed at collecting strategic data from EU institutions. > > The use of artificial intelligence in social engineering is projected to grow, with generative language models, voice-cloning, and face-swap tools increasingly leveraged for phishing, vishing, and misinformation campaigns. These operations may move beyond simple extortion to focus on manipulating public opinion and eroding trust. Opportunistic ransomware attacks are also anticipated to continue, causing occasional but notable service disruptions across the public sector. > > … > > The report also identified state-nexus intrusion sets publicly documented as associated with Russia and China that were active in cyberespionage campaigns against the public administration in the EU, notably targeting governmental entities. > > …
EU's cybersecurity agency reports surge in cyberattacks against public administrations across Europe
EU's cybersecurity agency reports surge in cyberattacks against public administrations across Europe - KDE Social
cross-posted from: https://lemmy.kde.social/post/4937011 [https://lemmy.kde.social/post/4937011] > Archived link [https://web.archive.org/web/20251110165503/https://industrialcyber.co/reports/enisa-report-reveals-surge-in-ddos-and-data-breaches-against-eu-public-administration/] > > A new report from ENISA (European Union Agency for Cybersecurity) warns that public administrations across the EU are facing a surge in cyberattacks, with hacktivists increasingly relying on distributed denial-of-service (DDoS) campaigns. Central governments were the most targeted, accounting for 69% of incidents. The majority of incidents targeted the websites of parliaments, ministries, and national authorities/agencies, largely skewed by DDoS attacks. > > As these institutions handle vast amounts of sensitive data and provide essential public services amid growing digitization, even a single incident can cause major disruption and erode public trust. The 42-page report identifies DDoS attacks, data breaches, ransomware, and social engineering as the most prevalent threats. ENISA’s latest sectoral analysis offers a comprehensive view of these risks, aiming to inform better risk assessments, strengthen mitigation strategies, and guide policymaking across the public sector. > > … > > ENISA expects several trends to shape the cyber threat landscape for the EU’s public administration sector in 2025. DDoS campaigns are likely to continue, particularly around major events such as elections and international summits, though they may not cause significant operational disruptions. State-linked activity is also expected to persist, with Russia- and China-aligned intrusion groups maintaining cyber espionage campaigns aimed at collecting strategic data from EU institutions. > > The use of artificial intelligence in social engineering is projected to grow, with generative language models, voice-cloning, and face-swap tools increasingly leveraged for phishing, vishing, and misinformation campaigns. These operations may move beyond simple extortion to focus on manipulating public opinion and eroding trust. Opportunistic ransomware attacks are also anticipated to continue, causing occasional but notable service disruptions across the public sector. > > … > > The report also identified state-nexus intrusion sets publicly documented as associated with Russia and China that were active in cyberespionage campaigns against the public administration in the EU, notably targeting governmental entities. > > …
EU's cybersecurity agency reports surge in cyberattacks against public administrations across Europe
EU's cybersecurity agency reports surge in cyberattacks against public administrations across Europe - KDE Social
Archived link [https://web.archive.org/web/20251110165503/https://industrialcyber.co/reports/enisa-report-reveals-surge-in-ddos-and-data-breaches-against-eu-public-administration/] A new report from ENISA (European Union Agency for Cybersecurity) warns that public administrations across the EU are facing a surge in cyberattacks, with hacktivists increasingly relying on distributed denial-of-service (DDoS) campaigns. Central governments were the most targeted, accounting for 69% of incidents. The majority of incidents targeted the websites of parliaments, ministries, and national authorities/agencies, largely skewed by DDoS attacks. As these institutions handle vast amounts of sensitive data and provide essential public services amid growing digitization, even a single incident can cause major disruption and erode public trust. The 42-page report identifies DDoS attacks, data breaches, ransomware, and social engineering as the most prevalent threats. ENISA’s latest sectoral analysis offers a comprehensive view of these risks, aiming to inform better risk assessments, strengthen mitigation strategies, and guide policymaking across the public sector. … ENISA expects several trends to shape the cyber threat landscape for the EU’s public administration sector in 2025. DDoS campaigns are likely to continue, particularly around major events such as elections and international summits, though they may not cause significant operational disruptions. State-linked activity is also expected to persist, with Russia- and China-aligned intrusion groups maintaining cyber espionage campaigns aimed at collecting strategic data from EU institutions. The use of artificial intelligence in social engineering is projected to grow, with generative language models, voice-cloning, and face-swap tools increasingly leveraged for phishing, vishing, and misinformation campaigns. These operations may move beyond simple extortion to focus on manipulating public opinion and eroding trust. Opportunistic ransomware attacks are also anticipated to continue, causing occasional but notable service disruptions across the public sector. … The report also identified state-nexus intrusion sets publicly documented as associated with Russia and China that were active in cyberespionage campaigns against the public administration in the EU, notably targeting governmental entities. …
China Hackers Exploit Citrix Gateway to Breach European Telecom
China Hackers Exploit Citrix Gateway to Breach European Telecom - KDE Social
cross-posted from: https://lemmy.kde.social/post/4886177 [https://lemmy.kde.social/post/4886177] > Archived/non pay-walled [https://archive.ph/gW2rP] > > Here is the original report by Darktrace: Salty Much: Darktrace’s view on a recent Salt Typhoon intrusion [https://archive.ph/osS3P#selection-2100.0-2100.1] > > Cybersecurity programs typically focus on protecting core applications and digital assets. But what if the bad guys start targeting trusted defensive measures? > > This was the case as reported by Darktrace, a cybersecurity platform provider. Its report sheds light on a sophisticated cyber intrusion linked to Salt Typhoon. The threat actor group is believed to be operated by China’s Ministry of State Security, which conducts cyber espionage campaigns against other countries. > > The recent attack features a blend of zero-day exploitation and trusted software abuse. In this instance, Salt Typhoon infiltrated a European telecommunications provider through a gateway device. The attackers then executed a familiar—but evolving—arsenal of stealth techniques. > These included DLL sideloading and abusing trusted antivirus software—such as Norton, Bkav, and IObit—to mask malicious payloads under legitimate binaries. The campaign also deployed a custom backdoor known as SNAPPYBEE (aka Deed RAT) by using a dual command-and-control channel (HTTP and unidentified TCP) to sustain the covert access. > > Darktrace analysts attribute the incident to Salt Typhoon based on overlapping tactics, infrastructure, and malware patterns seen in prior operations by the group. The event underscores a growing trend: nation-state actors are increasingly weaponizing legitimate tools and supply-chain software to bypass traditional security controls and AI-powered detection. > > … > > Given the current geopolitical relationship between the US and China, attacks like this are sure to keep occurring. The two countries compete in world markets. Plus, mutual distrust exists across economic, technological, and military domains. > > This campaign also symbolizes broader China-linked cyber operations targeting telecom and communications infrastructure as part of its strategic intelligence-gathering efforts. > > “Organizations should expect stealthy activity that blends with normal operations when facing Salt Typhoon,” said Jason Soroko, a Senior Fellow at Sectigo, a provider of comprehensive certificate lifecycle management.” > > As this attack illustrates, there has been a shift toward stealth-driven espionage. Attackers now rely less on malware volume. Their focus has turned to exploiting the trust woven into enterprise systems. The time has arrived to apply the zero-trust paradigm to cybersecurity defenses.
China Hackers Exploit Citrix Gateway to Breach European Telecom
China Hackers Exploit Citrix Gateway to Breach European Telecom - KDE Social
Archived/non pay-walled [https://archive.ph/gW2rP] Here is the original report by Darktrace: Salty Much: Darktrace’s view on a recent Salt Typhoon intrusion [https://archive.ph/osS3P#selection-2100.0-2100.1] Cybersecurity programs typically focus on protecting core applications and digital assets. But what if the bad guys start targeting trusted defensive measures? This was the case as reported by Darktrace, a cybersecurity platform provider. Its report sheds light on a sophisticated cyber intrusion linked to Salt Typhoon. The threat actor group is believed to be operated by China’s Ministry of State Security, which conducts cyber espionage campaigns against other countries. The recent attack features a blend of zero-day exploitation and trusted software abuse. In this instance, Salt Typhoon infiltrated a European telecommunications provider through a gateway device. The attackers then executed a familiar—but evolving—arsenal of stealth techniques. These included DLL sideloading and abusing trusted antivirus software—such as Norton, Bkav, and IObit—to mask malicious payloads under legitimate binaries. The campaign also deployed a custom backdoor known as SNAPPYBEE (aka Deed RAT) by using a dual command-and-control channel (HTTP and unidentified TCP) to sustain the covert access. Darktrace analysts attribute the incident to Salt Typhoon based on overlapping tactics, infrastructure, and malware patterns seen in prior operations by the group. The event underscores a growing trend: nation-state actors are increasingly weaponizing legitimate tools and supply-chain software to bypass traditional security controls and AI-powered detection. … Given the current geopolitical relationship between the US and China, attacks like this are sure to keep occurring. The two countries compete in world markets. Plus, mutual distrust exists across economic, technological, and military domains. This campaign also symbolizes broader China-linked cyber operations targeting telecom and communications infrastructure as part of its strategic intelligence-gathering efforts. “Organizations should expect stealthy activity that blends with normal operations when facing Salt Typhoon,” said Jason Soroko, a Senior Fellow at Sectigo, a provider of comprehensive certificate lifecycle management.” As this attack illustrates, there has been a shift toward stealth-driven espionage. Attackers now rely less on malware volume. Their focus has turned to exploiting the trust woven into enterprise systems. The time has arrived to apply the zero-trust paradigm to cybersecurity defenses.
Sorry for replying late, but I couldn’t bring up the site Lemmy KDE in recent days.
Thanks to everyone for the support, in this case particularly to @[email protected] for pointing me in the right direction :-)
Question: "The issuer certificate of a locally looked up certificate could not be found"
Question: "The issuer certificate of a locally looked up certificate could not be found" - KDE Social
I am not sure whether this is the right community for this question, so please let me know if it’s better to ask somewhere else: I am getting a message, saying, >The issuer certificate of a locally looked up certificate could not be found. How do I solve this? (I am running on Debian).
French court to try Chinese captain of suspected Russian ‘shadow fleet’ tanker
French court to try Chinese captain of suspected Russian ‘shadow fleet’ tanker - KDE Social
A French court is to try the Chinese captain of a tanker from Russia’s “shadow fleet” early next year after it was intercepted off France, prosecutors said Thursday, in a move seen as a message to Moscow over its efforts to skirt Western oil sanctions. The French navy on Saturday stopped the Boracay, a vessel claiming to be flagged in Benin and blacklisted by the European Union for being part of Russia’s sanction-busting “shadow fleet” of ageing oil tankers, according to the public prosecutor’s office in the northwestern city of Brest.