U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

EU member states are urged to restrict without delay 5G equipment from risky suppliers

The European Commission urges member states to limit “without delay” equipment from Chinese suppliers from their 5G networks, specifically Huawei and ZTE. The European Commission told member states to impose restrictions on high-risk suppliers for 5G networks without delay, with a specific focus on the dependency on high-risk suppliers, specifically Chinese firms Huawei and ZTE. […]

5G networks European Commission

The European Commission urges member states to limit “without delay” equipment from Chinese suppliers from their 5G networks, specifically Huawei and ZTE.

The European Commission told member states to impose restrictions on high-risk suppliers for 5G networks without delay, with a specific focus on the dependency on high-risk suppliers, specifically Chinese firms Huawei and ZTE.

According to a second report on Member States’ progress in implementing the EU Toolbox on 5G Cybersecurity, member states are recommended to ensure that the restrictions cover critical and highly sensitive assets identified in the EU Coordinated risk assessment, including the Radio Access Network.

The report was prepared by Member States’ authorities (NIS Cooperation Group), with the support of the Commission and the EU Agency for Cybersecurity (ENISA). 

“Ten Member States have used these powers to impose obligations on MNOs to restrict or exclude suppliers considered as high-risk from their 5G networks.” reads the report published by the EU. “Several Member States have taken measures to restrict the use of, or exclude, high-risk suppliers or components. In three Member States, decisions on high-risk suppliers or equipment are taken based on applications from MNOs to deploy 5G equipment. One Member State has taken a public decision to exclude Huawei and ZTE from its 5G network.”

The report provides an overview of the implementation of the EU Toolbox‘s strategic and technical measures. The strategic measures aimed at mitigating risks associated with long-term dependency on specific suppliers. The technical measures focus on bolstering the security of 5G networks and equipment, analyzing the problems from different perspectives, including technologies, processes, human involvement, and physical elements.

The call to restrict the suppliers is subordinate to the assessments made by member states’ national authorities.

The report highlights the risks to collective security associated with delays in limiting the provision of network equipment from high-risk suppliers.

Out of the twenty-four Member States that possess or are in the process of developing legislative powers, seventeen have already implemented or are planning to adopt an ex-ante approach. This approach allows the states to restrict the deployment of 5G equipment from risky providers. Additionally, nineteen Member States have already confirmed their ability to enforce the removal of existing equipment provided by high-risk suppliers.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, European Commission)