Data Privacy & Cybersecurity

Siemens RUGGEDCOM APE1808 Devices Vulnerabilities

CISA has issued an advisory regarding multiple vulnerabilities affecting Siemens RUGGEDCOM APE1808 devices. These vulnerabilities, related to HTTP request smuggling and authentication bypass, have been assigned high CVSS scores. Siemens recommends updating to the latest version to address these security risks.

CISA Advisory: Trane Tracer SC/SC+/Concierge Vulnerabilities

CISA issued an advisory regarding multiple vulnerabilities (CVE-2026-28252, CVE-2026-28253, CVE-2026-28254) affecting Trane Tracer SC, Tracer SC+, and Tracer Concierge systems. Exploitation could lead to sensitive information disclosure, arbitrary command execution, or denial-of-service.

Siemens Heliox EV Chargers Vulnerability Advisory

CISA has issued an advisory regarding a vulnerability in Siemens Heliox EV Chargers that could allow unauthorized access. Siemens has released updated versions and recommends immediate updates to mitigate the risk.

Siemens SIDIS Prime Vulnerabilities Advisory

CISA has issued an advisory regarding multiple vulnerabilities in Siemens SIDIS Prime versions prior to V4.0.800, affecting components like OpenSSL, SQLite, and Node.js packages. Siemens recommends updating to the latest version to address these high-severity issues.

NCSC Assessment: Impact of AI on Cyber Threats 2027

The UK's National Cyber Security Centre (NCSC) has released an assessment detailing how Artificial Intelligence (AI) is expected to significantly increase cyber threats by 2027. The report highlights that AI will make intrusion operations more effective and efficient, potentially leading to a digital divide in system vulnerability.

NCSC Paper on Assessing 'Forgivable' vs 'Unforgivable' Vulnerabilities

The UK's National Cyber Security Centre (NCSC) has published a paper proposing a method to assess software vulnerabilities as 'forgivable' or 'unforgivable'. The research aims to help vendors eradicate common vulnerability classes by making top-level mitigations easier to implement.

UK Legal Sector Cyber Threat Report

The UK's National Cyber Security Centre (NCSC) has released a cyber threat report for the legal sector, detailing common threats and providing guidance for law firms of all sizes to enhance their resilience. The report highlights the extent to which the sector is being targeted, with an average of four nationally significant cyber attacks occurring weekly across the UK.

Active Cyber Defence Programme - Sixth Year Report

The UK's National Cyber Security Centre has published the sixth-year report on its Active Cyber Defence (ACD) programme. The report details findings on how the programme has protected the UK from cyber attacks since its launch in 2017.

NCSC Report: AI to Increase Cyber Attack Volume and Impact

The UK's National Cyber Security Centre (NCSC) has released a report assessing the near-term impact of Artificial Intelligence on the cyber threat. The assessment concludes that AI will almost certainly increase the volume and impact of cyber attacks over the next two years, though the effect will be uneven across different threat actors.

AEPD Resolution on GDPR Rights Procedure

The Spanish Data Protection Agency (AEPD) has issued a resolution regarding a GDPR rights procedure. The resolution addresses a complaint where a data subject exercised their right of access, and the data controller failed to provide a legally established response within the stipulated timeframe. The AEPD admitted the claim for processing.