Data Breach – Tracking Bugs: European Vulnerability Database Goes Live
“Europe’s new vulnerability-tracking service is now fully live, just weeks after the American-run Common Vulnerabilities and Exposures program had a brush with closure despite its status as a global cybersecurity standard.”
Securityweek – Microsoft Accounts Go Passwordless by Default
“As passkeys become the new standard, expect increased pressure from cyberattackers on any accounts still protected by passwords or other phishable sign-in methods,” the company says.
Cyberscoop – Quantum computer threat spurring quiet overhaul of internet security
“Whether it’s nationalized cryptography out of South Korea [or] new standards from [the National Institute of Standards and Technology], this is a time to think about not just, ‘how am I doing my post-quantum migration?’
The Hacker News – Apple Drops iCloud’s Advanced Data Protection in the U.K. Amid Encryption Backdoor Demands
“Apple is removing its Advanced Data Protection (ADP) feature for iCloud from the United Kingdom with immediate effect following government demands for backdoor access to encrypted user data.”
Bankinfo Security – Security Researchers Warn of New Risks in DeepSeek AI App
“Security researchers found more vulnerabilities in DeepSeek, renewing concerns about the potential user privacy and national security issues associated with using the Chinese artificial intelligence app.”
TU/e – Netwerk TU/e uit de lucht gehaald, maandag geen onderwijs
“De TU/e heeft vandaag (zondag 12 januari) het netwerk offline gehaald, vanwege een cyberaanval. Daardoor zijn of worden netwerkgebonden systemen van de TU/e voorlopig voor gebruikers onbereikbaar en zijn er geen onderwijsactiviteiten mogelijk, in ieder geval tot en met maandag. “
Forbes – Why Cryptographic Agility Needs To Be A Top Cybersecurity Priority
“Organizations should implement a crypto-agility approach to develop a migration plan for deploying quantum-resistant certificates. “
Forbes – What Boards Of Directors Should Know About Their Organization’s AI Usage
“Organizations might feel pressure to jump on the AI bandwagon given the technology’s growing popularity, but infusing AI into a company’s business model needs to be intentional and in support of the company’s overarching business goals.” “Does the organization have a policy in place that addresses the acceptable use of AI? What are potential risk […]
ISACA – Can Hardening Reduce Cyberrisk?
“An often overlooked means to significantly reduce risk has been hardening systems, technologies, and network infrastructure. “
Cybersecurity Dive – Memory-unsafe code runs rampant in critical open-source projects
“CISA and the FBI are part of an international effort to eliminate memory-unsafe languages which were found in more than half of critical open-source projects.”