March 26th, 2020
Paolo Fanuli – Cybersecurity Leader of the Week!
We are proud to recognize Paolo Fanuli, Head Center of Competence OT Cybersecurity at Knorr-Bremse, as our Leader of the Week!
Paolo Fanuli has more than 30 years of experience in the IT industry, of which more than 20 in cybersecurity. Since 2018, Paolo is making sure that cybersecurity is being designed into products of Knorr-Bremse.
The Rail Vehicle Systems Division of this long-established company equips mass transit vehicles and mainline trains with highly advanced products.
You can follow Paolo’s thoughts and vision in our exclusive interview:
You can also find this interview in the Observatory Central Europe – First Edition:
Congratulations from the Cybersecurity Observatory team.
Australia sues Facebook, alleges breach of user data
The Australian privacy regulator filed a lawsuit against Facebook, accusing the social media giant of sharing the personal details of more than 300,000 people with political consultant Cambridge Analytica without their knowledge.
In the Federal Court lawsuit, the Australian Information Commissioner accused Facebook of breaching privacy law by disclosing 311,127 users’ information for political profiling via a survey product, ‘This Is Your Digital Life’, on its website.
Full details here.
Microsoft: Type 1 Font Parsing Remote Code Execution Vulnerability
Two remote code execution vulnerabilities exist in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font – Adobe Type 1 PostScript format.
There are multiple ways an attacker could exploit the vulnerability, such as convincing a user to open a specially crafted document or viewing it in the Windows Preview pane.
Further details here.
Coronavirus outbreak – Joint Statement European Commission, ENISA, CERT-EU and Europol
The outbreak has spurred widespread anxiety and forced many people to work from home. Malign actors are actively exploiting these new challenging circumstances to target remote workers, businesses and individuals alike. Relevant EU entities are in close contact with one another to track these malicious activities, raise awareness in their respective communities and help protect confined citizens.
The European Commission, ENISA, CERT-EU and Europol, among others, will continue to monitor the situation and coordinate as appropriate to insure a safer cyberspace for the EU and the world.
Full joint statement here.
Sepio Systems, the Rogue Device Mitigation company, raises US$ 4m
About Sepio Systems
Sepio Systems is disrupting the cyber-security industry by uncovering hidden hardware attacks. Bad actors are gaining access by implanting rogue hardware – Sepio’s Rogue Device Mitigation (RDM) stops them.
Sepio Systems was founded by cyber security experts from private industry and government agencies.Their team has earned global
recognition in fighting attacks though malicious hardware devices.