Amazon is joining the list of big tech companies to introduce a dedicated independent cloud for Europe, with news that it’s working on the “AWS European Sovereign Cloud” for governments and highly-regulated industries across Europe. AWS’s cloud rival Google partnered with Deutsche Telekom’s IT services and consulting subsidiary T-Systems more than two years ago to offer a sovereign cloud for German organizations, while Microsoft launched its “cloud for sovereignty” last year. And Oracle followed suit earlier this year.
The Transportation Security Administration (TSA) renewed cybersecurity directives for passenger and freight railroad carriers that were set to expire on Tuesday. The rules — split into three separate directives — mandate that operators test parts of their cybersecurity incident response plans every year, submit annual updated cybersecurity assessment plans to TSA and report on the effectiveness of the efforts. Carriers are mandated to develop network segmentation policies and controls that separate operational technology (OT) systems from general IT systems in case of compromise.
Google is starting to roll out its new “About this image” tool, which aims to provide essential background information and context about images in Google Search. The feature was first announced at Google’s I/O developer conference in May, and now it’s rolling out to English users globally. You can access the feature from the three-dot menu that appears in Search and Google Images results. The search giant is also announcing updates to its Fact Check Explorer initiative and AI-powered Search Generative Experience.
A critical security update is now available for the latest high-profile Citrix NetScaler vulnerability. But so is an exploit. And in some cases, the latter may be simpler to use than the former. It’s been a busy week so far for Citrix customers. On Sept. 23, following reports of active exploitation in the wild, the company released an urgent update for CVE-2023-4966, a sensitive information disclosure vulnerability in its NetScaler application delivery controller (ADC) and Gateway products. The vulnerability was assigned a “High” 7.5 out of 10 CVSS rating by NIST, but a “Critical” 9.4 by Citrix itself.
Japanese watchmaker Seiko has confirmed it suffered a Black Cat ransomware attack earlier this year, warning that the incident has led to a data breach, exposing sensitive customer, partner, and personnel information. Seiko says its investigation confirmed that a total of 60,000 ‘items of personal data’ held by its ‘Group’ (SGC), ‘Watch’ (SWC), and ‘Instruments’ (SII) departments were compromised by the attackers. On August 10, 2023, the company warned that someone had gained unauthorized access to at least one of its servers on July 28, 2023.