22^nd Global Standards Collaboration meeting convenes world’s leading standards bodies in Montreux, Switzerland

Sophia Antipolis, 28 March 2019

The 22nd meeting of the Global Standards Collaboration (GSC), a high-level gathering of the world’s leading information and communication technologies (ICT) standards organizations, took place from 26-27 March 2019, hosted by IEC (International Electrotechnical Commission) and ISO (International Organization for Standardization) in Montreux, Switzerland.  GSC members shared their priorities and focused on Smart Sustainable Cities and AI (Artificial Intelligence). 

Read More...

ETSI launches a new group on information exchange between maritime surveillance authorities

Sophia Antipolis, 3 May 2019

ETSI has recently launched a new Industry Specification Group on a European Common Information Sharing Environment Service and Data Model (ISG CDM). The ETSI group will define technical standards to allow data exchange among different maritime legacy systems in a cooperative network. Enhancing information exchange between maritime surveillance authorities is one of the key strategic objectives of the European Union under the Integrated Maritime Policy with increased coordination between different policy areas (transport, environmental protection, fisheries control, border control, general law enforcement, customs and defence).

Read More...

ETSI releases 3 new ontology specifications for Smart Cities, Industry 4.0 and Smart Agriculture

Sophia Antipolis, 24 June 2019

Following the first three SAREF (Smart Applications REFerence ontology) specifications for energy, environment and buildings, the ETSI SmartM2M Technical Committee has just released three new specifications for smart cities, industry and manufacturing, and smart agriculture and food chain domains.

Read More...

ETSI publishes a white paper on Network Transformation - Building on key technologies for 5G

SDN NFV World Congress, The Hague, 14 October 2019

ETSI is proud to announce the availability of a new white paper, entitled Network Transformation: Orchestration, Network and Service Management Framework, written by several of its Industry Specification Groups’ (ISG) Chairs. These groups have released specifications on key building block technologies for next-generation networks, feeding the 3GPP 5G specifications.

Read More...

ETSI publishes new work programme, keeping up the pace of ongoing activities

Sophia Antipolis, 22 June 2020

ETSI is pleased to release its 2020-2021 work programme.

In ETSI we are constantly exploring new ways to make the development of standards faster and more efficient. Our FORGE platform, for example, gives developers free access to open-source code produced by our members. And as we have already seen this year, the need for effective virtual collaboration between individuals and teams has never been keener.

Read More...

ETSI releases migration strategies and recommendations for Quantum-Safe schemes

Sophia Antipolis, 11 August 2020

The ETSI Quantum-Safe Cryptography (QSC) working group is pleased to announce the release of Technical Report TR 103 619 defining migration strategies and recommendations for Quantum-Safe schemes, and enhancing cryptography awareness across all business sectors.

Read More...

ETSI releases Technical Report on Citizen Requirements for Smart Cities

Sophia Antipolis, 9 November 2020

The ETSI Human Factors Technical Committee has released ETSI TR 103 455, a Technical Report that assesses the different citizen-related issues that smart city-related standardization in the ICT domain needs to address. These include fundamental aspects such as accessibility, usability, interoperability, personal data protection and security, and how services to citizens are to be designed to maximize benefits to the community. The study gives an overview of existing ETSI and other SDOs standards in that field, including ETSI community indicators. It aligns well with the UN Sustainable Development Goal 11 "Make cities inclusive, safe, resilient and sustainable".

Read More...

ETSI blockchain group releases first Reports, targeting industry and governmental bodies

Sophia Antipolis, 15 February 2021

The ETSI Industry Specification Group on Permissioned Distributed Ledger (ISG PDL) has recently released a number of Reports to support industry and government institutions needs for what is commonly known as blockchain. These Reports cover data record compliance to regulation, application scenarios and smart contracts.  

Read More...

ETSI simplifies ICT end-users’ lives with a guide available in 19 European languages

Sophia Antipolis, 21 July 2022

ETSI is pleased to announce the new version of the ETSI Guide EG 203 499, developed by experts from the Human Factors Technical Committee. The guide aims to further simplify end-user access to ICT devices, services and applications by providing recommended terms for basic and commonly used ICT-related objects and activities, notably the terms that end users are commonly exposed to.

Read More...

ETSI’s Activities in Artificial Intelligence: Read our New White Paper

Sophia Antipolis, 21 December 2022

ETSI has a long history of developing standards in the field of artificial intelligence (AI) and systems that use and support AI. Today ETSI is pleased to release a new White Paper developed by a variety of members and experts. They include companies from telecom and network communication sectors, from large and small and medium enterprises, based either in Europe, Asia or America.

This White Paper entitled ETSI Activities in the field of Artificial Intelligence supports all stakeholders and summarizes ongoing effort in ETSI and planned future activities. It also includes an analysis on how ETSI deliverables may support current policy initiatives in the field of artificial intelligence.  A section of the document outlines ETSI activities of relevance to address Societal Challenges in AI while another addresses the involvement of the European Research Community.

Read More...

Sophia Antipolis, 19 October 2023

ETSI’s well-known Security Conference came to a close today with nearly 250 onsite attendees from 29 countries. This year’s event focused on security research and global security standards in action, considering broader aspects such as attracting the next generation of cybersecurity standardization professionals and supporting SMEs.

Read More...

Sophia Antipolis, 8 March 2024 

On 5 March, the European Standardization Organizations (ESOs), CEN, CENELEC and ETSI, joined forces with ENISA, the European Union Agency for Cybersecurity, to organize their 8th Cybersecurity Standardization Conference.

Read More...

Starts: Thu, 28 Nov 2024 18:30:00 -0500
11/28/2024 05:30:00PM
Location: Montreal, Canada

New essay, "How Slavery Affected African American Families," by Heather Andrea Williams, associate professor of history at the University of North Carolina at Chapel Hill, added to Freedom's Story: Teaching African American Literature and History, TeacherServe from the National Humanities Center.

The Minister of Finance has approved amendments to Ontario Securities Commission (OSC) Rule 91-507 Trade Repositories and Derivatives Data Reporting and consequential amendments to OSC Rule 13-502 Fees (collectively, the Amendments) pursuant to

1. Ontario Securities Commission Rule 91-507 Trade Repositories and Derivatives Data Reporting is amended by this Instrument.

The Securities Advisory Committee (“SAC”) is a committee of industry experts established by the Commission to advise it and its staff on a variety of matters including policy initiatives and capital markets trends.

This document is only available as a PDF.

This document is only available in PDF format.

TORONTO – The Capital Markets Tribunal is seeking applications for membership to the Securities Proceedings Advisory Committee (SPAC).

TORONTO – Participating Canadian securities regulators today published the results of their 10th consecutive annual review of disclosures relating to women on boards and in executive officer positions, as well as the underlying data that was used to prepare the report.

TORONTO – The Canadian Securities Administrators (CSA) today published

TORONTO - The Canadian Securities Administrators (CSA) today published its biennial

Finding sources for funding research can be a demanding task, and one that's not always successful. A new trend that's emerging out of the necessity to fund projects that have no traditional means of support is "crowdfunding." A panel at SpotOnLondon weighs the resulting apprehensions and benefits.

Marie Boran is a PhD candidate at the INSIGHT Centre for Data Analytics, the National

قدمة تستعرض هذه المذكرة المشهد السياسي المعاصر في السودان،وكيفية تأثيرهعلى جدوى الاستثماراتفي القطاع الزراعيالتي تشتد الحاجة إليها لتحقيق التحول الزراعي في البلاد. ت ركزالمذكرة بشكل خاص على سلاسل القيمة في قطاعي الثروة الحيوانية والبستنة فيولاية الخرطوم،وإدارة الموارد الطبيعية في ولايتي النيل الأزرق وجنوب كردفان. أهملت الحكومات المتعاقبة إلى حد كبير قطاع الزراعة على الرغم من أنه أكبر قطاع توظيف في السودان ويساهم بنحو 56في المئة من إجمالي الصادرات (بنك السودان المركزي، 2020).

Boston private eye Spenser and his sidekick, Hawk, follow a con man's schemes on cable news shows and within police precincts in the wake of an elaborate double cross that has victimized a smitten woman as well as a cache of investors, cops and paramilitary contractors.

Montréal –The Canadian Securities Administrators (CSA) warns the public about investment schemes involving fraudulent websites that solicit investments in foreign exchange (often referred to as “forex”), binary options and/or crypto assets.

Montreal - The Canadian Securities Administrators (CSA) is warning the public to be vigilant for unsolicited communications that come from scammers posing as CSA staff or staff of CSA members.

Toronto – The Canadian Securities Administrators (CSA) is warning the public that Nova Tech Ltd (NovaTech), which operates the website www.novatechfx.com, is not registered with a securities regulator in any province or territory in Canada.

TORONTO – The Canadian Securities Administrators (CSA), the Canadian Investment Regulatory Organization (CIRO), and the Ombudsman for Banking Services and Investments (OBSI) remind investors that they all offer investors services related to claims or complaints free of charge.

The objective of this analysis is to gain more insight into the coping behavior of households in Mali when facing covariate shocks and stressors of different kinds Source: IFPRI Africa Regional Office (AFR)

The objective of this analysis is to gain more insight into the coping behavior of households in Mali when facing covariate shocks and stressors of different kinds Source: IFPRI Africa Regional Office (AFR)

IFPRI is pleased to participate in the 29th UN Climate Change Conference of the Parties (COP29) being held in Baku, Azerbaijan from November 11 to November 22, 2024. COP29 is a pivotal opportunity to accelerate action to tackle the climate crisis. With... Source: IFPRI Malawi: Malawi Strategy Support Program

The Stories of Edgar Allan Poe is a brilliant collection of some of his best-known stories: The Tell Tale Heart (a murder's haunting guilt), The Cask of Amontillado (a story of brilliant revenge), and The Fall of the House of Usher (an ancient house full of very dark secretes). Also included in this collection are The Mask of the Red Death (horrors of 'the Plague'), and the most famous of all his poems: The Raven (a lover's decline into madness). Best read in a dimly-lit room with the curtains drawn, Poe's brilliant works come to life in darkly thrilling ways in this Manga Classic adaptation.

Wolverine seeks out Shang-Chi to train him in the skills necessary to defeat the savage Sabertooth! A class at Midtown High leads Shang-Chi into a team-up with Spidey against Midnight and his ninja army, and the wall-crawler asks for Shang-Chi's guidance on learning a little Spider-Fu! For years Shang-Chi has stepped in for Avengers missions, but when no one can match your speed or skill, sometimes it's best to work alone. When the Hand resurfaces he will show them why he is the greatest martial artist. But will the legendary Shang-Chi find himself in over his head in his newest adventure against Lady Deathstrike?

This document is only available in PDF format.

Recently I had the pleasure of engaging several events focusing on the intersection of food, nutrition, and health in China. First, I participated in the 3rd Belt & Road Initiative Global Health International Congress, held in Xi’an, which brought together stakeholders with a vision to strengthen exchanges and cooperation in health research for the Belt […]

Growing consensus in the scientific community indicates that higher temperatures and changing precipitation levels resulting from climate change will depress crop yields in many countries over the coming decades. This is particularly true in low-income countries, where adaptive capacity is low. Many African countries are particularly vulnerable to climate change because their economies largely depend on climate-sensitive agricultural production.

Agricultural production remains the main source of livelihood for rural communities in Sub-Saharan Africa, providing employment to more than 60 percent of the population and contributing about 30 percent of gross domestic product. With likely long-term changes in rainfall patterns and shifting temperature zones, climate change is expected to significantly affect agricultural production, which could be detrimental to the region’s food security and economic growth.

The potential adverse effects of climate change on Ethiopia’s agricultural sector are a major concern, particularly given the country’s dependence on agricultural production. Securing Ethiopia’s economic and social well-being in the face of climate change requires that policymakers and stakeholders work together to integrate climate change adaptation into the country’s development process.

In this episode of the IoT Insider podcast, Bernard Montel provides a brief history of the evolution of the Cloud and the challenges of securing it.

Tenable®, the exposure management company, announced today that Shelly Raban, senior cloud security researcher for Tenable, will give a presentation at fwd:cloudsec Europe 2024, taking place on 17 September, 2024 in Brussels, Belgium.

During the session titled, “Who Watches the Watchmen? Stealing Credentials from Policy-as-Code Engines (and Beyond),” Raban will explore techniques adversaries use to exploit modern policy-as-code and Infrastructure-as-code (IaC) domain-specific languages (DSLs), compromise cloud identities and exfiltrate sensitive data. Raban will conclude her presentation by sharing various detection strategies that cyber defenders can implement to detect malicious activity. 

The session will be hosted in the Main Room from 2:50 - 3:10 pm CEST. 

More information on the event is available on the fwd:cloudsec Europe website. 

More information about Tenable Cloud Security is available at: https://www.tenable.com/products/tenable-cloud-security 

About Tenable

Tenable® is the exposure management company, exposing and closing the cybersecurity gaps that erode business value, reputation and trust. The company’s AI-powered exposure management platform radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to protect against attacks from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. By protecting enterprises from security exposure, Tenable reduces business risk for more than 44,000 customers around the globe. Learn more at tenable.com. 

###

Media Contact:

Tenable

tenablepr@tenable.com

A security researcher posted private chat messages between members of the Conti ransomware group, providing valuable insight into which vulnerabilities are leveraged by the group and affiliates in their cyber attacks. The Conti ransomware group has earned a reported $180 million in profits by leasing their Ransomware-as-a-Service (RaaS) model to cripple cyber-infrastructure in vulnerable organizations. Tenable has published a variety of content to assist customers with identifying the vulnerabilities leveraged by the Conti ransomware group and its affiliates.

Conti and their affiliates have had a particularly devastating impact on healthcare services, including at least 16 U.S. health and emergency networks. Conti attacked Ireland’s Health Service Executive (HSE), demanding a $20 million dollar ransom, which the HSE refused to pay, opting instead to shut down IT services for mitigation efforts.

Tenable’s 2021 Threat Landscape Retrospective report revealed that 24.7% of healthcare data breaches were the result of ransomware attacks, and ransomware itself was responsible for 38% of all breaches last year. The leaked data revealed that Conti and its affiliates have been exploiting a number of vulnerabilities. There are also reports that Conti and its affiliates have targeted vulnerabilities in the Fortinet FortiOS found in Fortinet’s SSL VPN devices to gain initial access to target environments. 

Organizations are often breached from legacy vulnerabilities present in the IT infrastructure of small companies they have recently acquired. The analysis of the ContiLeaks data identifies the vulnerabilities that are being actively exploited, enabling security managers to prioritize mitigation. 

The Security Response Team (SRT) of Tenable Research has analyzed the ContiLeaks data to ensure customers are fully informed of their vulnerability to Conti RaaS attacks. The SRT also provides breakdowns for the latest vulnerabilities in the Tenable Blog. Tenable Research has released over 165,000 plugins and leads the industry on CVE coverage. Tenable's SRT team continuously works to help organizations prioritize and create remediation plans for the new threats, which often leave very little time for reflection.

This report contains the following chapters:

Executive Summary Chapter - Contains information from the ContiLeaks Dashboard that uses the CVE and Plugin Family filters to display counts of the vulnerabilities and assets that have been affected by ContiLeaks.

Linux Chapter - Contains charts and tables that group together ContiLeaks related CVEs for all Linux Operating Systems and includes an IP Detail for the hosts identified.

Windows Chapter - Contains charts and tables that group together ContiLeaks related CVEs for all Windows Operating Systems and includes an IP Detail for the hosts identified.

Other Chapter - Contains charts and tables that group together ContiLeaks related CVEs for all "Other" Operating Systems and includes an IP Detail for the hosts identified.

Web application security is a key concern for any organization that develops or uses web applications. The software security community created the Open Web Application Security Project (OWASP) to help educate developers and security professionals on the latest web application security risks. Tenable has published reports for each OWASP version that has been released (2010,2013,2017, API 2019, and 2021). The individual reports provide organizations the ability to monitor web applications by identifying the top 10 most critical web application security risks as described in OWASP's Top 10 Application Security Risks document for the OWASP version being utilized.

The OWASP Top 10 Application Security Risks document outlines several different aspects of web-based security concerns, such as Cross-Site Scripting attacks (XSS), security misconfigurations, and sensitive data exposure. The focus of the OWASP Top 10 is to reduce risk across the most vulnerable business assets across the internet. Following these guidelines empowers organizations to reduce risk of organizational and consumer data theft.

Administrators need to ensure that their organization is not vulnerable to any of the attacks identified in the OWASP Top 10 Application Security Risks document for the relevant OWASP version being currently being used. Compliance related issues, such as known vulnerable components and insufficient logging, must be remediated to eliminate gaps in an organization's security that are not directly tied to exploitable attacks.

This report covers all aspects of the OWASP Top 10 version being utilized and provides administrators the tools and information needed to aid their efforts. The report contains 10 chapters, each aligned with one of the ten most critical web application risks (A1-A10). The information provides guidance to organizations on the actions necessary to mitigate business risk through strong security practices. The report requirements are Tenable Web App Scanning.

Report Templates:

The OWASP Top 10 categories are updated every 3 to 4 years and highlight the most critical web application security vulnerabilities. The following report templates are available and contain sections for each of the listed OWASP Top 10 categories.

• OWASP Categories 2010 - For 2010, the OWASP Top 10 focuses on Injection, Cross-Site Scripting (XSS), and Broken Authentication in the top three positions.
• OWASP Categories 2013 - For 2013, the OWASP Top 10 focuses on Injection, Broken Authentication and Session Management in the top three positions.
• OWASP Categories 2017 - For 2017, the OWASP Top 10 focuses on Injection, Broken Authentication, and Sensitive Data Exposure in the top three positions.
• OWASP Categories API 2019 - For 2019, the OWASP Top 10 focuses on Broken Object Level Authorization, Broken User Authentication, and Excessive Data Exposure in the top three positions.
• OWASP Categories 2021 - For 2021, the OWASP Top 10 focuses on Broken Access Control, Cryptographic Failures, and Injection in the top three positions.