Recent Posts

Cyber (In)Securities – Issue 119

Information Security News: Google Cloud Links Poor Credentials to Nearly Half of All Cloud-Based Attacks. By Matt Kapko, Cybersecurity Dive. Google Cloud has reported that nearly half of all cloud-based cyberattacks can be traced back to weak or compromised credentials. Attackers frequently exploit poor password hygiene 

Welcome New Member – Krishna Pasumarthi from New Zealand!

Please welcome our newest member from New Zealand, Krishna Pasumarthi! Krish is a seasoned IT Risk & Security leader with over 20 years of experience specializing in cybersecurity strategy, third-party risk management, and security managed services. As the Managing Director of Cybrgen, he advises C-suite 

Osavul Webinar on Foreign Interference and Manipulation (FIMI)

Disinformation ranked as 2024’s top economic threat, and Europe is now seeing its effects with the 2025 elections underway. From canceled results to public unrest, FIMI’s impact is undeniable.

But why weren’t we prepared?

  • What tactics make FIMI so effective?
  • How can we detect and counter it?
  • Is FIMI targeting more than just elections? 🌐

CyAN’s mission includes enhancing trust and stability in the e-society, which extends to cooperation in the fight against disinformation and similar destabilizing online influences on democracy and the digital economy.

Osavul CBDO and co-founder Dmytro Bilash, an expert on information environment assessment, joined us on CyAN’s Secure-in-Mind video and podcast series for a conversation about disinformation, AI, and security in 2024.

We’d like to return the favor by sharing an invitation to join Osavul for a live webinar about FIMI, taking place on January 30, at 12:00 EST / 17:00 UTC/GMT / 18:00 CET. The webinar will be recorded.

The webinar will explore:

  • Real FIMI cases.
  • Strategies to protect against manipulation.

To register for access to both the live webinar and the recording, and to learn about FIMI from prominent experts, please visit https://www.osavul.cloud/webinars/fimi-in-action-analyzing-foreign-interference-in-europe

A Day in the Life of a Seasoned Security Analyst: Transforming Cybersecurity with 360Sequrity Solutions By Shantanu Bhattacharya

Let me take you on a journey through the eyes of Alex, a seasoned security analyst at SecureBank, a global financial institution. Alex’s team is responsible for protecting sensitive customer data from increasingly sophisticated cyberattacks. Every day is a battle, but this one is about 

CyAN – Community Partner for Ai Everything Global 2025

CyAN members enjoy 40% discount off Ai Everything Global 2025

Cyber (In)Securities – Issue 118

Welcome to Cyber (In)Securities – Issue 118, your comprehensive source for the latest cybersecurity news, in-depth analysis, and insights from the global cyber community. This issue highlights the latest developments, critical vulnerabilities, and expert analysis to keep you informed about the ever-changing landscape of cybersecurity.

We’re proud to feature contributions from CyAN members, updates on upcoming global events, and exclusive op-eds. Stay connected and engaged with these valuable resources.

Information Security News

  1. Forward-Thinking Industry Leaders Sponsor Most Inspiring Women in Cyber Awards 2025
    By Charley Nash, IT Security Guru
    The 2025 Most Inspiring Women in Cyber Awards, backed by industry leaders, aims to recognise the achievements of women driving innovation and leadership in cybersecurity. With support from key sponsors, the event seeks to address the gender gap in the field and encourage diversity. Organisers hope the initiative will inspire more women to pursue cyber careers while shedding light on the vital role they play in strengthening the industry. As nominations open, the awards promise to spotlight emerging talents and celebrate experienced professionals making an impact in cybersecurity.
  2. DoNot Team Linked to New Tanzeem Android Malware Targeting Intelligence Collection
    By Ravie Lakshmanan, The Hacker News
    The DoNot Team, a known advanced persistent threat group, has been linked to a new Android malware strain called “Tanzeem,” which focuses on intelligence gathering across South Asia. The malware is disguised as legitimate applications, enabling it to steal call logs, SMS messages, and GPS data without detection. Researchers warn that the group is refining its techniques, making it a persistent threat to government agencies and defence contractors. Security experts recommend implementing mobile threat defence solutions and educating users to recognise suspicious app behaviour.
  3. Details Disclosed for Mercedes-Benz Infotainment Vulnerabilities
    By Eduard Kovacs, Security Week
    Critical vulnerabilities have been identified in Mercedes-Benz infotainment systems that could allow attackers to remotely access vehicle functions, raising concerns over driver safety and data privacy. Exploiting these flaws could let cybercriminals manipulate navigation, infotainment settings, or even access sensitive user data stored within the system. Mercedes-Benz has responded by issuing software updates and urging customers to stay up to date with security patches. The incident highlights the growing need for automotive cybersecurity as vehicles become more connected.
  4. Unsecured Tunneling Protocols Expose 4.2 Million Hosts, Including VPNs and Routers
    By Ravie Lakshmanan, The Hacker News
    Security researchers have discovered that unsecured tunnelling protocols have left 4.2 million internet-connected devices—such as VPNs and routers—vulnerable to exploitation. Attackers could leverage these weaknesses to intercept traffic, inject malicious code, or gain unauthorised access to networks. Organisations using affected protocols are urged to implement stronger encryption, restrict public exposure, and adopt secure configuration practices to prevent exploitation. This finding underscores the importance of securing network infrastructure to mitigate evolving cyber threats.
  5. A Flaw in the W3 Total Cache Plugin Exposes Hundreds of Thousands of WordPress sites to Attacks
    By Pierluigi Paganini, Security Affairs
    A newly discovered vulnerability in the widely used W3 Total Cache plugin for WordPress is putting hundreds of thousands of websites at risk. The flaw, if exploited, could allow attackers to execute arbitrary code, steal sensitive data, or disrupt website functionality. Security experts warn that this vulnerability is particularly concerning for businesses relying on WordPress for their online presence. Website owners are urged to update to the latest version, review their security settings, and monitor for any unusual activity to prevent potential exploitation.
  6. HPE Investigating Breach Claims After Hacker Offers to Sell Data
    By Eduard Kovacs, Security Week
    Hewlett Packard Enterprise (HPE) is investigating claims of a data breach after a hacker advertised stolen company data for sale on a dark web forum. The alleged breach reportedly includes sensitive corporate information that could be leveraged for further cyberattacks. HPE has yet to confirm the authenticity of the claims but has launched an internal review and engaged cybersecurity experts. This incident underscores the increasing threat facing large enterprises and highlights the importance of proactive cybersecurity measures and timely threat intelligence to mitigate potential damage.
  7. OpenAI’s ChatGPT crawler can be tricked into DDoSing sites, answering your queries
    By Thomas Claburn, The Register
    Security researchers have discovered that OpenAI’s ChatGPT web crawler can be manipulated to unintentionally launch distributed denial-of-service (DDoS) attacks against websites. By feeding the crawler malicious instructions, attackers can overload targeted servers and disrupt their operations. The incident highlights the potential unintended consequences of AI automation in cybersecurity. Experts advise businesses to monitor traffic patterns and deploy web application firewalls to mitigate the risk of abuse. OpenAI is reviewing the findings to improve the crawler’s resilience against such attacks.
  8. Facebook, X, YouTube to do more against online hate speech, EU says
    By Foo Yin Chee, itNews
    The European Union is increasing pressure on tech giants Facebook, X (formerly Twitter), and YouTube to step up their efforts in combating online hate speech. Regulators are demanding stronger moderation policies, improved content detection technologies, and greater transparency in handling harmful content. Failure to comply could result in hefty fines under the EU’s Digital Services Act. Social media platforms are facing growing scrutiny over their role in spreading harmful content, and this move signals the EU’s commitment to holding them accountable for ensuring safer online spaces.
  9. Star Blizzard hackers abuse WhatsApp to target high-value diplomats
    By Bill Toulas, Bleeping Computer
    A sophisticated cyber-espionage group known as Star Blizzard is leveraging WhatsApp to target high-profile diplomats and government officials. The attackers use social engineering tactics to distribute malware via WhatsApp messages, enabling them to spy on conversations and exfiltrate sensitive data. Security analysts warn that the group’s methods are becoming increasingly refined, making detection more challenging. Experts recommend officials adopt stricter communication policies and implement secure messaging alternatives to prevent falling victim to such targeted attacks.
  10. Nato flotilla assembles off Estonia to protect undersea cables in Baltic Sea
    By Julian Borger, The Guardian
    In response to growing concerns over potential sabotage, NATO has deployed a flotilla off the coast of Estonia to protect critical undersea communication cables in the Baltic Sea. These cables are vital to global communications and economic stability, making them prime targets for state-sponsored attacks. The operation highlights NATO’s commitment to securing critical infrastructure amidst rising geopolitical tensions. Experts stress the need for long-term strategies to safeguard underwater assets from cyber and physical threats.
  11. FTC orders GM to stop collecting and selling driver’s data
    By Bill Toulas, Bleeping Computer
    The Federal Trade Commission (FTC) has ordered General Motors to halt the collection and sale of driver data, citing privacy violations and lack of transparency. The automaker has been gathering vast amounts of sensitive data through connected vehicle features, raising concerns about user consent and data security. Regulators argue that such practices put consumer privacy at risk and call for stricter compliance measures. GM is expected to revise its data handling policies to ensure they align with regulatory requirements and consumer expectations.
  12. Otelier data breach exposes info, hotel reservations of millions
    By Lawrence Abrams, Bleeping Computer
    A massive data breach at hotel booking platform Otelier has exposed the personal details and reservation data of millions of customers worldwide. The breach includes sensitive information such as payment details, contact information, and booking histories, posing a significant risk of identity theft and fraud. Security experts warn affected users to monitor their financial statements and change any associated passwords. The incident underscores the ongoing threat posed by unsecured databases and the critical need for robust security practices in the hospitality sector.
  13. GDPR complaints filed against TikTok, Temu for sending user data to China
    By Bill Toulas, Bleeping Computer
    Privacy watchdogs have filed GDPR complaints against TikTok and Temu, alleging that the platforms are illegally transferring user data to China. The complaints highlight concerns over data sovereignty and national security risks, as European regulators push for greater transparency in how personal data is handled. Both companies have faced scrutiny over their data practices, with regulatory action potentially leading to fines or operational restrictions. This case adds to the growing tension between global tech giants and data protection authorities in the EU.
  14. Woe Daddy: FTC raps hosting giant for security lapses
    By Shaun Nichols, SC Media
    The FTC has reprimanded hosting giant GoDaddy for years of security lapses that left customer data exposed to cyber threats. The agency found that GoDaddy failed to implement adequate security measures, leading to repeated breaches and data theft incidents. Regulators are demanding improved security controls, transparency, and stricter compliance measures to protect customers. Industry experts view this action as a warning to other hosting providers, emphasising the importance of proactive security measures and regular audits to prevent similar incidents.
  15. EU asks X for internal documents about algorithms as it steps up investigation
    By Lisa O’Carroll, The Guardian
    The European Union has intensified its investigation into X (formerly Twitter), requesting internal documents related to its content moderation algorithms. Regulators aim to assess whether X is in compliance with the Digital Services Act, which mandates greater transparency in handling misinformation and harmful content. The EU’s scrutiny signals an ongoing effort to hold social media platforms accountable for their role in shaping public discourse. X is expected to provide detailed documentation on its algorithmic processes or face potential regulatory action.
  16. W3 Total Cache plugin flaw exposes 1 million WordPress sites to attacks
    By Bill Toulas, Bleeping Computer
    A critical vulnerability in the W3 Total Cache plugin is putting over 1 million WordPress sites at risk of cyberattacks. The flaw could allow threat actors to execute arbitrary code, steal sensitive data, and disrupt website functionality. Security experts warn that attackers are actively scanning for vulnerable sites, urging website administrators to apply the latest patch immediately. This incident highlights the importance of regular plugin updates and implementing robust security measures to protect websites from exploitation.
  17. Russian hackers target WhatsApp accounts of ministers worldwide
    By Dan Milmo, The Guardian
    Russian state-sponsored hackers have launched a global campaign targeting the WhatsApp accounts of government ministers and high-ranking officials. Using sophisticated social engineering tactics, the attackers aim to compromise communications and gain access to sensitive government data. Security agencies are urging officials to enable stronger authentication methods and exercise caution when interacting with unknown contacts. The campaign underscores the growing threat posed by nation-state actors exploiting widely used communication platforms.

ANALYSIS

  1. The Digital Battlefield: US Tech Giants vs. the EU’s Privacy Stance
    By PrivID (Substack)
    As the EU tightens its grip on data privacy regulations, US tech giants are facing increasing challenges in complying with stringent requirements. This analysis explores the clash between innovation and regulation, with tech companies arguing that restrictive policies stifle growth, while European regulators emphasise the importance of user privacy. The ongoing battle raises questions about the future of cross-border data transfers and the potential for regulatory fragmentation across jurisdictions. Businesses must navigate these challenges carefully to maintain compliance and user trust.
  2. Protecting Energy Infrastructure: CESER, Partners Publish Cybersecurity Guidance to Mitigate Cyber-Attacks
    By the Office of Cybersecurity, Energy Security, and Emergency Response (CESER)
    The U.S. Department of Energy’s CESER office, in collaboration with industry partners, has released new cybersecurity guidelines aimed at protecting energy infrastructure from rising cyber threats. The guidance focuses on proactive threat detection, incident response planning, and enhancing resilience against attacks targeting power grids and critical energy systems. With the energy sector increasingly in the crosshairs of cyber adversaries, the document provides actionable steps to fortify defences and ensure the reliability of energy services. Industry stakeholders are urged to implement these best practices to safeguard national energy security.

CyAN Members: Op Eds and Articles

  1. A Day in the Life of a Seasoned Security Analyst: Transforming Cybersecurity with 360Sequrity Solutions
    By Shantanu Bhattacharya
    In this insightful piece, CyAN member Shantanu Bhattacharya takes readers behind the scenes of a seasoned security analyst’s daily routine, offering a first-hand look at the challenges and triumphs of protecting digital assets. From tackling real-time threats to collaborating with cross-functional teams, Shantanu highlights how adaptability, continuous learning, and proactive threat detection are key to staying ahead in today’s dynamic cyber landscape. He emphasises the importance of balancing technical expertise with effective communication to bridge the gap between security teams and business objectives. The article serves as an inspiring guide for aspiring security professionals, showcasing how experience and resilience can transform cyber challenges into strategic opportunities.

EVENTS

AI Global Everything, Dubai, UAE: 4-6 February
GITEX AFRICA, Marrakesh, Morocco: 14-16 April
GITEX ASIA: Singapore (Marina Bay Sands) 23-25 April
GISEC: Dubai World Trade Center, Dubai, UAE: 6-8 May
The Cyber Outstanding Security Performance Awards (Cyber OSPAs), May 8, London, UK
MaTeCC: Rabat, Morocco, 7-9 June, 2025
(The third annual North Africa and beyond cybersecurity event, hosted by CyAN partner organisation École High-Tech.)

Check out the original post on our LinkedIn.

State of (Cyber)War Ep. 8.2 – Military Cryptology, Part II

Hugo Tarrida and John Salomon talk about the history of military encryption, from the Cold War until today, part of CyAN’s State of (Cyber)War podcast series.

Cyber (In)Securities – Issue 117

Note: due to the volume of posts, and availability of resources, the web version of these digests will move to a simpler format until further notice. Information Security News Analysis Events (CyAN-Organized or -Supported): AI Global Everything will be held from 4th to 6th February 

How EDR/XDR Technologies Enhance Data Privacy and Their Implications for AI Governance

In today’s digital world, data privacy has become a paramount concern for organizations and individuals alike. As cyber threats grow increasingly sophisticated, organizations turn to robust security solutions like Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR) to safeguard sensitive data. Beyond their immediate role in mitigating cyber risks, these technologies also have profound implications for broader privacy governance—especially in the context of artificial intelligence (AI), where privacy and ethical concerns dominate discussions.

This blog explores how EDR/XDR technologies support data and information privacy and delves into their implications for AI governance, particularly in the realm of privacy compliance and risk mitigation.

Understanding EDR and XDR: A Foundation for Privacy Protection

Before diving into their privacy benefits, it’s essential to understand the basics of EDR and XDR technologies.

What is EDR?

Endpoint Detection and Response (EDR) is a security technology designed to monitor, detect, and respond to threats at endpoints, such as laptops, desktops, and mobile devices. EDR tools collect and analyse endpoint data, providing real-time visibility into activity and enabling rapid incident response.

What is XDR?

Extended Detection and Response (XDR) takes EDR a step further by integrating data from multiple security layers—endpoints, networks, servers, email systems, and cloud workloads. It provides a unified view of threats across the organization, allowing for comprehensive detection, analysis, and response.

How EDR/XDR Technologies Enhance Data Privacy

EDR and XDR technologies are instrumental in safeguarding sensitive information and ensuring data privacy. Here’s how they achieve this:

1. Threat Detection and Prevention

     •  EDR’s Real-Time Monitoring: EDR continuously monitors endpoint activity, identifying malicious behaviour or unauthorised access attempts that could compromise sensitive data. For example, if malware attempts to exfiltrate personal information, EDR can detect and block it in real time.

     •  XDR’s Broader Coverage: By correlating data from various sources, XDR enhances visibility and identifies sophisticated attack vectors, such as coordinated phishing campaigns or insider threats targeting sensitive information.

2. Data Encryption and Access Controls

     •  Endpoint Encryption Enforcement: EDR enforces encryption protocols, ensuring that sensitive data remains protected even if devices are lost or stolen.

     •  Access Management via XDR: XDR systems can integrate with identity and access management tools to enforce strict access controls and prevent unauthorised data access.

3. Privacy Breach Mitigation

     •  Rapid Incident Response: EDR provides forensic tools to investigate breaches quickly, minimizing the window of exposure for sensitive data.

     •  Anomaly Detection: XDR uses advanced analytics, including machine learning, to detect unusual data flows that may indicate a privacy breach, such as unauthorised data exfiltration.

4. Compliance with Privacy Regulations

     •  Regulatory Alignment: Many privacy regulations, such as GDPR, HIPAA, and CCPA, mandate robust data protection measures. EDR/XDR technologies help organisations meet these requirements by securing endpoints and data across the network.

     •  Audit Trails and Reporting: XDR’s centralised logging capabilities provide detailed records of security events, aiding compliance audits and demonstrating adherence to privacy laws.

5. AI-Powered Threat Intelligence

     •  Modern EDR/XDR solutions leverage AI to analyse vast amounts of data, enabling proactive detection of privacy risks. This ensures that threats are identified before they can exploit vulnerabilities.

The Intersection of EDR/XDR Technologies and AI Governance

As AI becomes a cornerstone of modern technologies, it presents unique challenges to data privacy. From algorithmic transparency to data sovereignty, the governance of AI requires robust frameworks that align with privacy principles. EDR/XDR technologies, with their focus on data security, play a crucial role in shaping these frameworks.

1. Protecting AI Training Data

AI models require vast amounts of data for training, much of which is sensitive or personal in nature. EDR/XDR technologies can secure this data by:

     •  Preventing Unauthorised Access: XDR ensures that AI training datasets are accessed only by authorised entities.

     •  Detecting Data Manipulation: EDR tools can flag suspicious activities that could compromise the integrity of AI training data.

2. Ensuring Compliance in AI Systems

     •  AI systems must comply with privacy regulations, including data minimisation and transparency requirements. XDR’s centralised management capabilities enable organisations to monitor AI-related data flows and ensure compliance with these principles.

3. Enhancing Accountability in AI Operations

     •  With advanced logging and forensic capabilities, XDR supports accountability by tracking how AI systems access and process sensitive data. This visibility is essential for identifying and addressing potential privacy violations.

4. Mitigating AI-Specific Threats

AI systems themselves can be targets of attacks, such as model poisoning or adversarial attacks that manipulate outputs. EDR/XDR technologies help secure the endpoints and systems involved in AI operations, reducing the risk of privacy breaches caused by compromised AI models.

Implications for AI Governance and Privacy Regulation

The integration of EDR/XDR technologies into privacy strategies has far-reaching implications for AI governance:

1. Strengthened Data Governance

By ensuring the security and integrity of data, EDR/XDR technologies support robust data governance frameworks that align with AI’s ethical principles. They enable organizations to manage AI datasets transparently and securely, fostering trust among stakeholders.

2. Proactive Risk Management

AI systems are only as trustworthy as the data they rely on. EDR/XDR’s threat detection capabilities provide an additional layer of protection against risks such as data poisoning or unauthorized access to AI models, reinforcing ethical AI use.

3. Enabling Privacy-First AI Development

The principles of privacy by design and privacy by default are critical for AI governance. By integrating EDR/XDR technologies into their security infrastructure, organizations can embed privacy protections into AI development processes from the ground up.

4. Facilitating Regulatory Compliance

As regulations like the EU AI Act and updated GDPR provisions increasingly address AI-specific privacy concerns, EDR/XDR technologies offer tools to ensure compliance. For example, they can generate detailed logs and reports demonstrating adherence to transparency and accountability requirements.

Conclusion: A Privacy-Driven Future with EDR/XDR and AI Governance

In an era where data privacy and AI ethics converge, EDR and XDR technologies are indispensable for organisations aiming to navigate this complex landscape. By securing endpoints and integrating threat detection across systems, these tools not only protect sensitive data but also support the ethical and compliant use of AI. As AI governance evolves, the role of security technologies like EDR/XDR will only grow, providing a foundation for trust, transparency, and accountability in the digital age. Organisations that prioritise these technologies will be better positioned to address privacy concerns, foster innovation, and lead the charge toward a responsible AI future.

New Podcast: Military Cryptology, Part I

Cryptography and Cryptanalysis – Military Applications From Antiquity to the End of World War II. Join our motivated, more-or-less informed amateurs Hugo Tarrida and John Salomon for the latest in our State of (Cyber)War series, part of CyAN’s Secure in Mind video and podcast network.