To promote research and education in cyber-defence, the EPFL and the Cyber-Defence (CYD) Campus have jointly launched the “CYD Fellowships – A Talent Program for Cyber-Defence Research.”
The 12th call for applications is now open, with a rolling call for Master Thesis Fellowship applications and Proof of Concept Fellowship applications, and with a deadline of 20 August 2025 (17:00 CEST) for Doctoral and Distinguished Postdoctoral Fellowship applications.
In this paper, the authors highlight the crucial trade-off between privacy and utility in data sharing and call for a shift from technology-centric solutions to purpose-driven policies. The paper formulates eight actionable recommendations to guide realistic, privacy-preserving data-sharing practices in Europe.
It’s fascinating to see the tightrope dance Microsoft is doing with open source. While most of its operating system is closed source, Microsoft actively participates in several open source projects and provides some of its programs under an open source license. Open sourcing is beneficial because it allows security researchers to examine the source code (…)
ENISA’s new vulnerability database is a significant development in the pursuit of European digital sovereignty. It reduces reliance on US-dominated resources and could lead to better alignment with EU regulations, such as the GDPR and the NIS2 Directive. However, key questions remain about coordination with existing global databases, disclosure policies, and the participation of non-EU (…)
‘I call it the ‘AI dilemma’: while AI may threaten many jobs, it also serves as an essential tool to mitigate its own impact by boosting re-skilling and upskilling initiatives. I appreciate this article because it demonstrates how agentic AI can be employed in lifelong learning systems to reduce skill gaps, which are in part (…)
Should we use the tools that can destroy us to help us? This high-school student developed a tool to flag potential extremists on Reddit and then engage with them to de-radicalize them. According to the student, he never actually employed the chat function on real persons, only on fake accounts. Reddit’s terms forbid using AI (…)
Supply chain attacks are improving through automation. Adding new libraries to a software project has always been a point of vulnerability, but now that tools like ‘Cursor’ can add libraries automatically, developers are paying less attention to what gets installed. Some tools add libraries that send API keys of LLMs to attackers and load other (…)
Interested in this training? Reach out to us to discuss Teaser Step into the future of digital identity with our immersive training, “SWIYU Integration – Privacy-Preserving Solutions for the Swiss eID.”Tailored for engineers, this course provides a comprehensive exploration of the Swiss eID system, offering an in-depth understanding of its authentication protocols, security measures, and (…)
Interested in this training? Reach out to us to discuss Teaser Unlock the potential of AI agents with our course, “AI Agents Unveiled: Myth, Reality, and Trust.” Designed specifically for decision makers, this 2.75-hour program provides a clear and comprehensive overview of AI agents, their functionalities, and their impact. You’ll gain insights into the operational (…)
I like this insight into how a cybersecurity company works to defend against adversaries trying to infiltrate them. According to this article, one of the most important attack vectors is job applicants who want to infiltrate the company. Which of course makes sense, now that other attacks become more difficult, going back to the good (…)
Large language models (LLMs) are trained on huge amounts of data, but companies rarely explain exactly what data they use. This makes it hard to trust these models, since bad data can lead to wrong answers. There’s also a legal problem: Is it allowed to use free online content (like books or articles) for training, (…)
This article reveals how North Korean agents are finding jobs in IT by exploiting remote working opportunities and AI-powered interviews. This combination of espionage and “legitimate” job hunting creates a worrying new security challenge, as companies cannot verify who they are actually hiring. This sophisticated operation illustrates the evolution of cybersecurity threats, which are no (…)
Regulations are only effective when properly enforced. Following the introduction of numerous digital regulations in recent years, it is now high time to focus on their effective implementation and enforcement. The Digital Markets Act (DMA) seeks to promote fair competition by protecting smaller businesses from potential abuses by dominant market players. However, its enforcement will (…)
November 19th, 2025, 09h30-17h30, Starling Hotel, 1025 Saint-Sulpice Introduction As we enter the agentic era, AI agents are increasingly integrated into various aspects of modern life, performing tasks that range from personal assistance and financial management to complex decision-making in industries. These AI agents, driven by powerful algorithms, are transforming how we interact with technology (…)
Wednesday, June 3rd, 5th or 10th, 2025, 09h-13h30 (tbc), BC 410, EPFL Introduction The transition towards digital solutions in Swiss democratic processes, such as e-collecting of signatures for initiatives and referenda, presents both opportunities and challenges. With increasing concerns about fraud, privacy, and data security, there is a pressing need to develop a trustworthy and (…)
Interested in this theme? Looking to participate or collaborate on an initiative? The increasing prevalence of AI-powered systems and autonomous agents requires a shift in how we approach software development. It is critical to explore technologies, policies, and collaborations that enhance trust in software applications, particularly in an era where AI agents play an active (…)
Interested in this theme? Looking to participate or collaborate on an initiative? In an increasingly digital society, trust in democratic processes, institutions, and identity systems is fundamental to maintaining social stability and governance. Digital democracy relies on resilient e-governance infrastructures such as secure and privacy-preserving digital identities, trusted online platforms for citizen participation and cybersecure (…)
I found this short paper by John Kelsey and Bruce Schneier an insightful take on common fallacies in security – and how, despite not actually increasing security per se, they can still have beneficial side-effects, such making users feel more secure. Nonetheless, the people responsible for the security of their systems should have a clear-eyed (…)
The latest edition of Trust Matters, IITB’s newsletter on all things digital trust, is out. Check it out here.
CV Summit Zurich is Europe’s premium blockchain, AI, and emerging tech business event which convenes leaders, facilitates high-level discourse and connection. It takes place in Switzerland, a leading blockchain landscape and home of ‘Crypto Valley’.
We all heard that big AI companies need petabytes of data for training their new models. And we all heard that they don’t really care where they get their data from. Besides potential copyright infringement, this crawling takes another toll on some Open Source projects: Continuously requesting data over and over is similar to a (…)
If the revelation that Trump administration officials accidentally added journalist Jeffrey Goldberg to a Signal group chat about sensitive military plans for airstrikes in Yemen wasn’t alarming enough, new reports now show that multiple Venmo accounts linked to former Trump officials were left publicly accessible, exposing sensitive connections and financial transactions. While the data leaked (…)
This is a curated list of proposed subjects for the upcoming year for our C4DT partners. You can find more suggestions here: Additional Subjects. The projects are split in two categories: hands-on workshops, which are a 1-day training on a given subject, and project suggestions, based on current research of our affiliated labs: Summary of (…)
This is an additional set of hands-on workshops and projects for the upcoming year for our C4DT partners. You can find the chosen selection here: Main Subjects. The projects are split in two categories: hands-on workshops, which are a 1-day training on a given subject, and project suggestions, based on current research of our affiliated (…)
