Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Europe. Show all posts
Russia
Aerospace Cyber Attacks Europe Poland Russia

Poland’s Space Agency Investigates Cyberattack, Works On Security Measures

 



Poland’s space agency, POLSA, has reported a cyberattack on its systems, prompting an ongoing investigation. In response to the breach, the agency quickly disconnected its network from the internet to prevent further damage. As of Monday, its official website was still offline.  


Government and Cybersecurity Teams Take Action

Poland’s Minister of Digital Affairs, Krzysztof Gawkowski, confirmed that cybersecurity experts detected unauthorized access to POLSA’s systems. Security specialists have since secured the affected infrastructure and are now working to determine who was behind the attack. However, officials have not yet shared whether the hackers were financially motivated cybercriminals or politically driven groups. The method used to infiltrate the agency’s network also remains undisclosed.  


Why Hackers Target Space Agencies

Organizations involved in space research and technology are often appealing targets for cybercriminals. Many of these agencies collaborate with defense and intelligence sectors, making them vulnerable to attacks that could expose confidential projects, satellite communications, and security-related data. A cyberattack on such an agency could disrupt critical operations, leak classified research, or even interfere with national security.  


Poland Faces a Surge in Cyberattacks

Poland has become one of the most frequently targeted countries in the European Union when it comes to cyber threats. Earlier this year, Gawkowski stated that the country experiences more cyber incidents than any other EU nation, with most attacks believed to be linked to Russian actors. Poland’s strong support for Ukraine, both in military assistance and humanitarian aid, has likely contributed to this rise in cyber threats.  

The number of cyberattacks against Poland has increased drastically in recent years. Reports indicate that attacks doubled in 2023 compared to previous years, with over 400,000 cybersecurity incidents recorded in just the first half of the year. In response, the Polish government introduced a cybersecurity initiative in June, allocating $760 million to strengthen the country’s digital defenses.  


Other Space Agencies Have Also Been Targeted

This is not the first time a space agency has fallen victim to cyberattacks. Japan’s space agency, JAXA, has faced multiple breaches in the past. In 2016, reports suggested that JAXA was among 200 Japanese organizations targeted by suspected Chinese military hackers. In 2023, unknown attackers infiltrated the agency’s network, raising concerns that sensitive communications with private companies, such as Toyota, may have been exposed.  

As space technology continues to advance, protecting space agencies from cyber threats has become more crucial than ever. These organizations handle valuable and often classified information, making them prime targets for espionage, sabotage, and financial cybercrime. If hackers manage to breach their systems, the consequences could be severe, ranging from stolen research data to disruptions in satellite operations and defense communications.  

POLSA’s ongoing investigation will likely uncover more details about the cyberattack in the coming weeks. For now, the incident highlights the increasing need for governments and space organizations to invest in stronger cybersecurity measures to protect critical infrastructure.

Read more »
Technology
AI Europe GDPR Meta Ray-Ban Glasses Technology

Meta Introduces AI Features For Ray-Ban Glasses in Europe

 

Meta has officially introduced certain AI functions for its Ray-Ban Meta augmented reality (AR) glasses in France, Italy, and Spain, marking a significant step in the company's spread of its innovative wearable technology across Europe. 

Starting earlier this week, customers in these nations were able to interact with Meta's AI assistant solely through their voice, allowing them to ask general enquiries and receive responses through the glasses. 

As part of Meta's larger initiative to make its AI assistant more widely available, this latest deployment covers French, Italian, and Spanish in addition to English. The announcement was made nearly a year after the Ray-Ban Meta spectacles were first released in September 2023.

In a blog post outlining the update, Meta stated, "We are thrilled to introduce Meta AI and its cutting-edge features to regions of the EU, and we look forward to expanding to more European countries soon.” However, not all of the features accessible in other regions will be included in the European rollout. 

While customers in the United States, Canada, and Australia benefit from multimodal AI capabilities on their Ray-Ban Meta glasses, such as the ability to gain information about objects in view of the glasses' camera, these functions will not be included in the European update at present.

For example, users in the United States can ask their glasses to identify landmarks in their surroundings, such as "Tell me more about this landmark," but these functionalities are not available in Europe due to ongoing regulatory issues. 

Meta has stated its commitment to dealing with Europe's complicated legal environment, specifically the EU's AI Act and the General Data Protection Regulation (GDPR). The company indicated that it is aiming to offer multimodal capabilities to more countries in the future, but there is no set date. 

While the rollout in France, Italy, and Spain marks a significant milestone, Meta's journey in the European market is far from done. As the firm navigates the regulatory landscape and expands its AI solutions, users in Europe can expect more updates and new features for their Ray-Ban Meta glasses in the coming months. 

As Meta continues to grow its devices and expand its AI capabilities, all eyes will be on how the firm adjusts to Europe's legal system and how this will impact the future of AR technology worldwide.
Read more »
Tech giants
Artifcial Intelligence Data collection Europe GDPR Google Privacy Tech giants

Is Google Spying on You? EU Investigates AI Data Privacy Concerns



Google is currently being investigated in Europe over privacy concerns raised about how the search giant has used personal data to train its generative AI tools. The subject of investigation is led by Ireland's Data Protection Commission, which ensures that the giant technical company adheres to strict data protection laws within the European Union. This paper will establish whether Google adhered to its legal process, such as obtaining a Data Protection Impact Assessment (DPIA), before using people's private information to develop its intelligent machine models.

Data Collection for AI Training Causes Concerns

Generative AI technologies similar to Google's brand Gemini have emerged into the headlines because these tend to create fake information and leak personal information. This raises the question of whether Google's AI training methods, necessarily involving tremendous amounts of data through which such training must pass, are GDPR-compliant-its measures to protect privacy and rights regarding individuals when such data is used for developing AI.

This issue at the heart of the probe is if Google should have carried out a DPIA, which is an acronym for Data Protection Impact Assessment-the view of any risks data processing activities may have on the rights to privacy of individuals. The reason for conducting a DPIA is to ensure that the rights of the individuals are protected simply because companies like Google process humongous personal data so as to create such AI models. The investigation, however, is specifically focused on how Google has been using its model called PaLM2 for running different forms of AI, such as chatbots and enhancements in the search mechanism.

Fines Over Privacy Breaches

But if the DPC finds that Google did not comply with the GDPR, then this could pose a very serious threat to the company because the fine may amount to more than 4% of the annual revenue generated globally. Such a company as Google can raise billions of dollars in revenue every year; hence such can result in a tremendous amount.

Other tech companies, including OpenAI and Meta, also received similar privacy-based questions relating to their data practices when developing AI.

Other general issues revolve around the processing of personal data in this fast-emerging sphere of artificial intelligence.

Google Response to Investigation

The firm has so far refused to answer questions over specific sources of data used to train its generative AI tools. A company spokesperson said Google remains dedicated to compliance with the GDPR and will continue cooperating with the DPC throughout the course of the investigation. The company maintains it has done nothing illegal. And just because a company is under investigation, that doesn't mean there's something wrong with it; the very act of inquiring itself forms part of a broader effort to ensure that companies using technology take account of how personal information is being used.

Data Protection in the AI Era

DPC questioning of Google is part of a broader effort by the EU regulators to ensure generative AI technologies adhere to the bloc's high data-privacy standards. As concerns over how personal information is used, more companies are injecting AI into their operations. The GDPR has been among the most important tools for ensuring citizens' protection against misuse of data, especially during cases involving sensitive or personal data.

In the last few years, other tech companies have been prosecuted with regard to their data-related activities in AI development. Recently, the developers of ChatGPT, OpenAI, and Elon Musk's X (formerly Twitter), faced investigations and complaints under the law of GDPR. This indicates the growing pressure technological advancement and the seriousness in the protection of privacy are under.

The Future of AI and Data Privacy

In developing AI technologies, firms developing relevant technology need to strike a balance between innovation and privacy. The more innovation has brought numerous benefits into the world-search capabilities and more efficient processes-the more it has opened risks to light by leaving personal data not so carefully dealt with in most cases.

Moving forward, the regulators, including the DPC, would be tracking the manner in which the companies like Google are dealing with the data. It is sure to make rules much more well-defined on what is permissible usage of personal information for developing the AI that would better protect individuals' rights and freedoms in this digital age.

Ultimately, the consequences of this study may eventually shape how AI technologies are designed and implemented in the European Union; it will certainly inform tech businesses around the world.


Read more »
Trend Micro
Africa APT41 Cyber Security Cybersecurity Earth Baku Europe malware Middle East sophisticated attacks Threat actor Trend Micro

China-Backed Earth Baku Broadens Cyber Assaults to Europe, Middle East, and Africa

 

The China-backed threat actor Earth Baku has diversified its targeting footprint beyond the Indo-Pacific region to include Europe, the Middle East, and Africa starting in late 2022. Newly targeted countries include Italy, Germany, the U.A.E., and Qatar, with suspected attacks also detected in Georgia and Romania. Governments, media and communications, telecoms, technology, healthcare, and education sectors are among those singled out as part of the intrusion set.

Trend Micro researchers Ted Lee and Theo Chen, in an analysis published last week, noted that Earth Baku has updated its tools, tactics, and procedures (TTPs) in more recent campaigns. The group utilizes public-facing applications such as IIS servers as entry points for attacks, subsequently deploying sophisticated malware toolsets on the victim's environment. The findings build upon recent reports from Zscaler and Google-owned Mandiant, which also detailed the threat actor's use of malware families like DodgeBox (aka DUSTPAN) and MoonWalk (aka DUSTTRAP). Trend Micro has assigned them the monikers StealthReacher and SneakCross.

Earth Baku, a threat actor associated with APT41, has been known for its use of StealthVector as far back as October 2020. Their attack chains involve the exploitation of public-facing applications to drop the Godzilla web shell, which is then used to deliver follow-on payloads. StealthReacher has been classified as an enhanced version of the StealthVector backdoor loader, responsible for launching SneakCross, a modular implant and a likely successor to ScrambleCross that leverages Google services for its command-and-control (C2) communication.

The attacks are further characterized by the use of other post-exploitation tools such as iox, Rakshasa, and a Virtual Private Network (VPN) service known as Tailscale. Sensitive data exfiltration to the MEGA cloud storage service is accomplished by means of a command-line utility dubbed MEGAcmd. "The group has employed new loaders such as StealthVector and StealthReacher to stealthily launch backdoor components, and added SneakCross as their latest modular backdoor," the researchers stated.

"The persistence of Earth Baku is notable," said the researchers. "Their tactics show a sophisticated understanding of public-facing applications, allowing them to infiltrate various sectors with precision." They further explained that the group's post-exploitation tools are customized to fit specific operational needs, with iox and Rakshasa playing significant roles in maintaining prolonged access and stealth. Tailscale, the VPN service, ensures the attackers can manage their operations without detection, while MEGAcmd allows for efficient data exfiltration.

The continued evolution of Earth Baku's methods, including the introduction of new malware like SneakCross, highlights the growing complexity and threat posed by this actor. The group’s ability to adapt and refine their TTPs makes them a formidable adversary in the cyber landscape.
Read more »
Privacy
Drugs Europe Healthcare intellectual property Pharmaceutical Firms Privacy

Poland Pushes for Shorter Drug Data Protection in EU

 


At a recent EU meeting in Luxembourg, Poland supported a European Commission proposal to shorten the time new drugs are protected by data exclusivity rules. Health Minister Izabela Leszczyna said Poland prefers one year of market protection over longer periods of data protection.

In April 2023, the European Commission suggested reducing the data exclusivity period for drugs from eight to six years. Minister Leszczyna agreed, saying this would help people access new treatments more quickly without adding extra paperwork. She also proposed one year of market protection for new uses of existing drugs instead of extending data protection.

Balancing Incentives and Access

Minister Leszczyna emphasised that Poland supports measures to ensure all EU countries have access to modern treatments. She suggested that incentives should focus on market protection and not last longer than a year. For drugs treating rare diseases, extending protection could be considered, but for other drugs, different solutions should be found.

Challenges in Generic Drug Production 

Krzysztof Kopeć, President of the Polish Association of Pharmaceutical Industry Employers, highlighted issues with drug shortages, especially for generic drugs. He explained that producing drugs in Europe is becoming less profitable, leading to shortages. Although the European Commission wants to boost drug production in Europe, current regulations do not support this, and production costs are higher in Europe than in Asia.

Concerns from Innovative Drug Companies

Innovative drug companies argue that changing existing intellectual property rules is not the answer to drug access problems. They believe the current rules should continue to support innovation and ensure EU patients can access new treatments. Michał Byliniak, General Director of INFARMA, stressed the need for EU reforms to improve drug supply security, availability, and affordability while also supporting new drug development.

INFARMA is discussing potential risks of shorter protection periods with the Ministry of Health and other stakeholders. They warn that reducing protection could limit access to advanced treatments. INFARMA supports keeping current data protection levels and creating incentives to promote innovation, address unmet medical needs, and encourage research in the EU.

Poland's support for a shorter data exclusivity period shows its commitment to balancing access to new treatments, innovation, and economic realities in the EU drug industry. As discussions continue, the goal remains to create rules that ensure safe, effective, and affordable medicines are available to everyone in Europe.



Read more »
US
Cyber Security Europe financial organizations Hackers malicious scripts Minesweeper game Python clone US

Hackers Use Trojanized Minesweeper Clone to Phish Financial Organizations

 

Hackers are exploiting code from a Python clone of Microsoft's classic Minesweeper game to conceal malicious scripts in attacks targeting financial institutions in Europe and the US.

Ukraine's CSIRT-NBU and CERT-UA have identified the threat actor 'UAC-0188' as responsible for these attacks. They are using the legitimate game code to hide Python scripts that download and install the SuperOps RMM (Remote Monitoring and Management) software. SuperOps RMM, though legitimate, provides remote actors with direct access to compromised systems.

CERT-UA's investigation into the initial discovery has uncovered at least five breaches in financial and insurance sectors across Europe and the United States linked to these same files.

The attack initiates with an email from "support@patient-docs-mail.com," posing as a medical center with the subject "Personal Web Archive of Medical Documents." The email prompts recipients to download a 33MB .SCR file from a Dropbox link. This file includes harmless code from a Python clone of Minesweeper, alongside malicious Python code designed to download additional scripts from a remote source, "anotepad.com."

Incorporating Minesweeper code within the executable helps disguise the 28MB base64-encoded string containing the malicious code, making it seem benign to security software. The Minesweeper code features a function named "create_license_ver," repurposed to decode and execute the hidden malicious code, using legitimate software components to mask and facilitate the attack.

The base64 string decodes to a ZIP file containing an MSI installer for SuperOps RMM, which is extracted and executed using a static password. While SuperOps RMM is a legitimate tool, in this scenario, it grants attackers unauthorized access to the victim's computer.

CERT-UA advises organizations not using SuperOps RMM to treat its presence or related network activity, such as connections to "superops.com" or "superops.ai" domains, as indicators of a compromise.

The agency has also provided additional indicators of compromise (IoCs) associated with this attack at the end of their report.
Read more »
Tech Companies
Change Cyber Security Data Data Safety Digital Act Europe Tech Companies

Europe's Digital Markets Act Compels Tech Corporations to Adapt

 

Europeans now have the liberty to select their preferred online services, such as browsers, search engines, and iPhone apps, along with determining the usage of their personal online data. 

These changes stem from the implementation of the Digital Markets Act (DMA), a set of laws introduced by the European Union targeting major technology firms including Amazon, Apple, Microsoft, Google (under Alphabet), Meta (formerly Facebook), and ByteDance (owner of TikTok).

This legislation marks Europe's ongoing efforts to regulate large tech companies, requiring them to adapt their business practices. Notably, Apple has agreed to allow users to download smartphone apps from sources other than its App Store. The DMA applies to 22 services ranging from operating systems to messaging apps and social media platforms, affecting prominent offerings like Google Maps, YouTube, Amazon's Marketplace, Apple's Safari browser, Meta's Facebook, Instagram, WhatsApp, Microsoft Windows, and LinkedIn.

Companies found in violation of the DMA could face hefty fines, up to 20% of their global annual revenue, and even potential breakup for severe breaches. The impact of these rules is not limited to Europe, as other countries, including Japan, Britain, Mexico, South Korea, Australia, Brazil, and India, are considering similar legislation to curb tech giants' dominance in online markets.

One significant change resulting from the DMA is Apple's decision to allow European iPhone users to download apps from sources beyond its App Store, a move the company had previously resisted. However, Apple will introduce a 55-cent fee for each iOS app downloaded from external stores, raising concerns among critics about the viability of alternative app platforms.

Furthermore, the DMA grants users greater freedom to choose their preferred online services and restricts companies from favouring their own offerings in search results. 

For instance, Google search results will now include listings from competing services like Expedia for searches related to hotels. Additionally, users can opt out of targeted advertising based on their online data, while messaging systems are required to be interoperable, forcing Meta to propose solutions for seamless communication between its platforms, Facebook Messenger and WhatsApp.
Read more »
Security
attackers Cyber Attacks Data Data Safety data security Europe Hackers Safety Security

Europe's Shipping Industry Grapples with Widespread Cyberattack

 

A significant cyberattack has impacted shipping companies across Europe, commencing on Thursday afternoon. The attack, believed to be a Distributed Denial of Service (DDoS) incident, has led to the widespread unavailability of numerous websites. IT teams are currently hard at work, actively addressing and resolving the situation.

Johanna Boijer-Svahnström, the Senior Vice President of Viking Line, discussed the extensive cyberattack that occurred on Thursday. In a statement to HBL, she emphasized that the cyber assault had a notable impact on major shipping companies operating throughout Europe.

"It appears to be a DDOS cyber attack targeting shipping companies across Europe. Our webpages are currently inaccessible, and our IT department is actively working to resolve the issue," Johanna conveyed to HBL.

The Cyber Express reached out to the company to verify the security incident and gather additional information following the cyberattack. Regrettably, at the time of preparing this report, no confirmation has been received from Viking Line.

According to media reports, the Viking Line cyberattack appears to have been a DDoS attack stemming from an overload on the company's website. This cyber assault had a widespread impact, affecting nearly all major shipping companies in the region.

About Viking Line

Viking Line, established in 1959, is a prominent shipping company specializing in cruise, cargo, and passenger services primarily within the Baltic Sea region. The company maintains a fleet of more than 50 vessels offering services in all three categories, with a current workforce of over 2,000 employees.

A recent report citing research conducted by the law firm HFW suggests that the shipping industry is considered an "easy target" for cybercriminals. The same report indicates a notable increase in ransomware attacks, with ransom demands rising by an astounding 350% over the past year.

"Our findings reveal that despite improvements in maritime cybersecurity, the industry remains vulnerable. Shipping organizations are facing a surge in cyberattacks, along with a substantial increase in ransom payment demands. As technology continues to play a larger role across all aspects of shipping, encompassing ship networks, offshore installations, and onshore control centers, the potential for cybersecurity breaches also escalates," reported Heavylift PFI, quoting Tom Walters, a partner at Hollman Fenwick Willan, a global law firm.

Incidents like the Viking Line Cyberattack underscore the critical importance of robust cybersecurity measures within the shipping industry. It serves as a reminder that a proactive approach to cybersecurity across various sectors is imperative to prevent escalating challenges.
Read more »
Subscribe to: Posts (Atom)