"In May, the European Commission once again presented its proposal. Yet several states objected. That included Germany, but also Poland, Austria and the Netherlands. As a result, Denmark, which currently holds the rotating presidency of the European Council, immediately began drafting a new version, known as “Chat Control 2.0” and unveiled earlier this month, which removed the requirement for general monitoring of private chats; the searches would now remain formally voluntary for providers. All this happened under the auspices of Coreper, the Committee of Permanent Representatives — one of the most powerful, but least visible, institutions in the EU decision-making process. It is where most EU legislation is actually negotiated; if Coreper agrees on a legislative file, member states almost always rubber-stamp it.

The gamble worked. Yesterday, this revised version was quietly greenlit by Coreper, essentially paving the way for the text’s adoption by the Council, possibly as early as December. As digital rights campaigner and former MEP Patrick Breyer put it, this manoeuvre amounts to “a deceptive sleight of hand” aimed at bypassing meaningful democratic debate and oversight.

While the removal of mandatory on-device detection is an improvement on the first draft, the new text still contains two extremely problematic features. First, it encourages “voluntary” mass scanning by online platforms — a practice already allowed in “temporary” form, which would now become a lasting feature of EU law. Second, it effectively outlaws anonymous communication by introducing mandatory age-verification systems."

https://unherd.com/2025/11/europes-new-war-on-privacy/

#EU #Europe #ChatControl #Privacy #AgeVerification #PoliceState #MassScanning

New mass scanning activity may be the first step in another MOVEit attack.

Hackers are actively scanning the internet for exposed MOVEit systems—hundreds of unique IPs every day—suggesting the early stages of coordinated exploitation.

Threat intel firm GreyNoise warns this is the same pattern seen weeks before past mass attacks. Known MOVEit vulnerabilities, such as CVE-2023-34362 and CVE-2023-36934, are already being tested in the wild.

If your MOVEit Transfer instance is online and unmonitored, you may already be on an attacker’s target list.

Now’s the time to:
• Patch all known MOVEit vulnerabilities
• Limit public-facing access
• Monitor for scan activity and open ports
• Block IPs identified by threat intelligence feeds
• Harden file transfer environments and deploy honeypots if needed

Scanning isn’t random—it’s reconnaissance. Act now before scanning turns into breach.

Read the article for details: https://www.cuinfosecurity.com/scans-probing-for-moveit-systems-may-be-precursor-to-attacks-a-28832

#MOVEit #Cybersecurity #MassScanning #ThreatIntel #AttackSurface #LMGSecurity #Infosec #ITsecurity #databreach #CISO #DFIR #pentesting #pentest #penetrationtesting

Check out the latest #EDRigram to read about:

❌ @europarl_en rejecting #MassScanning in #CSAR
📢 16 NGOs pushing @EUCouncil to protect #HumanRights in #AIAct
✨ Exciting recommendations for the holidays
👁️ & more here: https://edri.org/our-work/edri-gram-6-december-2023