Weekly Digest Week 26 – 2024

Publication date

28.06.2024

Featured Story

Adoption of the NIS2 Royal Decree

The Royal Decree implementing the Law of 26 April 2024 establishing a framework for the cybersecurity of networks and information systems of general interest for public security (the "NIS2 Law") has been published in the Belgian Official Journal (Moniteur belge / Belgisch Staatsblad).

SOC Analysis:
As cybersecurity experts, we are pleased to see the formal implementation of the NIS2 Directive in Belgium. For SMBs, this is both a challenge and an opportunity to align with EU-wide standards, boost cyber resilience, and benefit from a centralized governance model led by the CCB.

Other Stories

Fake Facebook account and competition in the name of Partenamut

Partenamut reports on a Facebook page that copies its identity and organises a competition to deceive the public.

SOC Analysis:
These scams replicate real campaigns to mislead users. Always verify such competitions on official platforms, avoid suspicious links, and use multi-factor authentication where possible.

CISOs Reveal Firms Prioritize Savings Over Long-Term Security

A third of security leaders believe companies sacrifice security for savings, according to Bugcrowd’s latest CISO report. 87% are hiring, but many report being understaffed and underprepared for breach risks.

SOC Analysis:
Skimping on security budgets leads to long-term risk. CISOs should champion forward-looking investments and strong governance to handle rising threats—especially as AI changes the security landscape.

Fresh MOVEit Bug Under Attack Mere Hours After Disclosure

Progress Software’s MOVEit Transfer flaw (CVE-2024-5806) is being actively exploited just hours after disclosure. The vulnerability allows attackers to bypass authentication and access internal systems.

SOC Analysis:
This vulnerability has a CVSS score of 9.1 and is actively exploited. Patch immediately and apply all mitigation steps to block RDP access and secure the perimeter.

Polyfill.io Supply Chain Attack Smacks Down 100K+ Websites

The polyfill.io domain used by over 100,000 websites has been compromised and is now serving malicious JavaScript payloads. The issue began after the domain was sold to a Chinese organization.

SOC Analysis:
This is a classic example of a supply chain risk. Remove all references to polyfill.io and consider self-hosting scripts to prevent malicious injection.
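
One way to find the references that need removing, as an added example (not code from Approach or from any affected project): a Python scanner that reports `<script src>` and `<link href>` tags whose host is polyfill.io or one of its subdomains. The sample HTML, the tag list and the function names are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

BLOCKED_DOMAIN = "polyfill.io"
# Tags that can pull in or pre-connect to a third-party host (assumed scope).
URL_ATTRS = {"script": "src", "link": "href"}

def host_matches(url, domain=BLOCKED_DOMAIN):
    """True if the URL's host is the domain itself or one of its subdomains."""
    try:
        # urlsplit also handles protocol-relative URLs such as //cdn.polyfill.io/x.js
        host = urlsplit(url.strip()).hostname or ""
    except ValueError:
        return False
    host = host.rstrip(".").lower()
    return host == domain or host.endswith("." + domain)

class ReferenceFinder(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings = []  # (line number, tag, URL)

    def handle_starttag(self, tag, attrs):
        attr = URL_ATTRS.get(tag)
        value = dict(attrs).get(attr) if attr else None
        if value and host_matches(value):
            self.findings.append((self.getpos()[0], tag, value))

def find_references(html):
    finder = ReferenceFinder()
    finder.feed(html)
    finder.close()
    return finder.findings

# Constructed sample page: three real references, one self-hosted copy,
# one lookalike host that must not match.
SAMPLE = """<html><head>
<link rel="preconnect" href="https://cdn.polyfill.io">
<script src="//cdn.polyfill.io/v3/polyfill.min.js?features=fetch"></script>
<script src="https://POLYFILL.IO/v2/polyfill.js"></script>
<script src="/static/vendor/polyfill.io/polyfill.min.js"></script>
<script src="https://polyfill.io.example.com/p.js"></script>
</head></html>"""

if __name__ == "__main__":
    for line, tag, url in find_references(SAMPLE):
        print(f"line {line}: <{tag}> references {url}")
```

Matching on the parsed hostname rather than a substring keeps self-hosted copies under a path containing "polyfill.io" out of the report.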

Want to enhance your organization’s cyber awareness or compliance strategy?
Contact the Approach Cyber SOC team for tailored support and training programs.
