Guidance

Read more about the article Opinion 10/2024 on the draft decision of the competent supervisory authority of Sweden regarding the approval of the requirements for accreditation of a certification body pursuant to Article 43.3 (GDPR)

Opinion 10/2024 on the draft decision of the competent supervisory authority of Sweden regarding the approval of the requirements for accreditation of a certification body pursuant to Article 43.3 (GDPR)

  • Post author:
  • Post category:

Search Search on the EDPB web site:

Continue ReadingOpinion 10/2024 on the draft decision of the competent supervisory authority of Sweden regarding the approval of the requirements for accreditation of a certification body pursuant to Article 43.3 (GDPR)
Read more about the article APRA clarifies expectations on cyber security and adequacy of backups

APRA clarifies expectations on cyber security and adequacy of backups

  • Post author:
  • Post category:

The Australian Prudential Regulation Authority (APRA) has written to all APRA-regulated entities emphasising the critical role of data backups in cyber resilience. This communication is part of APRA's ongoing commitment to supervising cyber resilience across industry, as outlined in its Interim Policy and Supervision Priorities update. The letter details the common issues observed in backup

Continue ReadingAPRA clarifies expectations on cyber security and adequacy of backups
Read more about the article ESAs publish templates and tools for voluntary dry run exercise to support the DORA implementation

ESAs publish templates and tools for voluntary dry run exercise to support the DORA implementation

  • Post author:
  • Post category:

The European Supervisory Authorities (EBA, EIOPA and ESMA – the ESAs) today published templates, technical documents and tools for the dry run exercise on the reporting of registers of information in the context of Digital Operation Resilience Act (DORA) announced in April 2024.  The materials published today include: templates for the registers of information with example

Continue ReadingESAs publish templates and tools for voluntary dry run exercise to support the DORA implementation
Read more about the article ICS Advisory: Fuji Electric Monitouch V-SFT

ICS Advisory: Fuji Electric Monitouch V-SFT

  • Post author:
  • Post category:

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Low attack complexity Vendor: Fuji Electric Equipment: Monitouch V-SFT Vulnerabilities: Out-of-Bounds Write, Stack-Based Buffer Overflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Fuji Electric's Monitouch V-SFT, a

Continue ReadingICS Advisory: Fuji Electric Monitouch V-SFT
Read more about the article ICS Advisory: LenelS2 NetBox

ICS Advisory: LenelS2 NetBox

  • Post author:
  • Post category:

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: LenelS2 Equipment: NetBox Vulnerabilities: Use of Hard-coded Password, OS Command Injection, Argument Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to bypass authentication and execute malicious commands with elevated permissions 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS

Continue ReadingICS Advisory: LenelS2 NetBox