Tag: law
-
Italy’s AI Law Comes Into Force
On October 10, 2025, Italy will become the first EU member state to bring a national artificial intelligence law into force, moving ahead of the bloc’s landmark EU AI Act. Law No. 132 of 2025, published in the Gazzetta Ufficiale in late September, positions Italy at the center of Europe’s evolving AI governance landscape. The……
-
Dutch court rules Meta violated European law by pushing users to profiled feeds
Tags: lawThe decision comes in response to a lawsuit filed by the Dutch nonprofit Bits of Freedom, which argued that by controlling users’ feeds Meta has been improperly skewing what news consumers receive. First seen on therecord.media Jump to article: therecord.media/dutch-court-meta-violated-european-law-social-feeds
-
Expired US Cyber Law Puts Data Sharing and Threat Response at Risk
Experts argued that the lapse of the Cybersecurity Information Sharing Act could have far-reaching consequences in US national cyber defenses First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/expired-cisa-2015-us-intelligence/
-
US government shutdown stalls cyber intel sharing
A key US law covering cyber security intelligence sharing has expired without an extension or replacement amid a total shutdown of the federal government, putting global security collaboration at risk. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366632244/US-government-shutdown-stalls-cyber-intel-sharing
-
Watchdog: Cyber threat information-sharing program’s future uncertain with expected expiration of 2015 law
A DHS inspector general report found that CISA doesn’t have plans for what to do with AIS if the Cybersecurity Information Sharing Act lapses. First seen on cyberscoop.com Jump to article: cyberscoop.com/watchdog-cyber-threat-information-sharing-programs-future-uncertain-with-expected-expiration-of-2015-law/
-
Cyber information-sharing law and state grants set to go dark as Congress stalls over funding
Congress is unlikely to move this week to renew two key cybersecurity efforts that were expected to hitch a ride on legislation to keep the government running. First seen on therecord.media Jump to article: therecord.media/cisa-2015-state-cyber-grants-lapse-congress-government-shutdown
-
FTC alleges messaging app violated child privacy law, duped users into subscriptions
A civil complaint filed by the federal government alleges that the Sendit app illegally collected data from users under 13 and tricked people into paying for subscriptions. First seen on therecord.media Jump to article: therecord.media/ftc-alleges-sendit-app-violated-children-privacy-rule
-
U.K. Police Just Seized £5.5 Billion in Bitcoin, The World’s Largest Crypto Bust
A Chinese national has been convicted for her role in a fraudulent cryptocurrency scheme after law enforcement authorities in the U.K. confiscated £5.5 billion (about $7.39 billion) during a raid of her home in London.The cryptocurrency seizure, amounting to 61,000 Bitcoin, is believed to be the single largest such effort in the world, the Metropolitan…
-
U.K. Police Just Seized £5.5 Billion in Bitcoin, The World’s Largest Crypto Bust
A Chinese national has been convicted for her role in a fraudulent cryptocurrency scheme after law enforcement authorities in the U.K. confiscated £5.5 billion (about $7.39 billion) during a raid of her home in London.The cryptocurrency seizure, amounting to 61,000 Bitcoin, is believed to be the single largest such effort in the world, the Metropolitan…
-
Law enforcement is using AI to synthesize evidence. Is the justice system ready for it?
Busy law enforcement agencies are trying out AI platforms that process large amounts of evidence to help officers build cases. Experts say there are potential dangers for everyone involved. First seen on therecord.media Jump to article: therecord.media/law-enforcement-ai-platforms-synthesize-evidence-criminal-cases
-
Chinese hackers breached critical infrastructure globally using enterprise network gear
Tags: access, backdoor, breach, business, china, communications, control, cve, defense, exploit, framework, germany, government, group, hacker, infrastructure, Internet, korea, law, malware, military, monitoring, network, open-source, penetration-testing, programming, service, threat, tool, update, vpn, vulnerability72-hour vulnerability exploitation window: RedNovember demonstrated the ability to weaponize newly disclosed vulnerabilities faster than most organizations could deploy patches, researchers found. When researchers published proof-of-concept code for Check Point VPN vulnerability CVE-2024-24919 on May 30, 2024, RedNovember was attacking vulnerable systems by June 3.That campaign hit at least 60 organizations across Brazil, Germany, Japan,…
-
Expired protections, exposed networks: The stakes of CISA’s sunset
Congress needs to reauthorize the information-sharing law and build a modernized framework for collaborative cyber defense. First seen on cyberscoop.com Jump to article: cyberscoop.com/cybersecurity-information-sharing-act-expiration-date/
-
Expired protections, exposed networks: The stakes of CISA’s sunset
Congress needs to reauthorize the information-sharing law and build a modernized framework for collaborative cyber defense. First seen on cyberscoop.com Jump to article: cyberscoop.com/cybersecurity-information-sharing-act-expiration-date/
-
SMS Pools and what the US Secret Service Really Found Around New York
Tags: apple, authentication, business, china, conference, control, country, credit-card, crime, crypto, data, email, exploit, finance, fraud, google, group, Hardware, infrastructure, iphone, jobs, korea, law, linux, mfa, mobile, phishing, phone, scam, service, smishing, software, theft, usa, windowsLast week the United Nations General Assembly kicked off in New York City. On the first day, a strange US Secret Service press conference revealed that they had seized 300 SIM Servers with 100,000 SIM cards. Various media outlets jumped on the idea that this was some state-sponsored sleeper cell waiting to destroy telecommunication services…
-
Meet LockBit 5.0: Faster ESXi drive encryption, better at evading detection
the Windows binary uses heavy obfuscation and packing: it loads its payload through DLL reflection while implementing anti-analysis techniques like Event Tracing for Windows (ETW) patching and terminating security services;the Linux variant maintains similar functionality with command-line options for targeting specific directories and file types;the ESXi variant specifically targets VMware virtualization environments, and is designed…
-
Cyber threat-sharing law set to shut down, along with US government
Act passed in 2015 is due to lapse unless a continuing resolution passes – and that’s unlikely First seen on theregister.com Jump to article: www.theregister.com/2025/09/26/government_shutdown_cisa_law/
-
Cybersecurity Snapshot: CISA Highlights Vulnerability Management Importance in Breach Analysis, as Orgs Are Urged To Patch Cisco Zero-Days
Tags: 2fa, access, advisory, api, attack, authentication, breach, business, cisa, cisco, cloud, control, credentials, crime, cve, cyber, cybersecurity, data, defense, endpoint, exploit, fido, finance, firewall, framework, github, grc, guide, identity, incident response, infrastructure, Internet, ISO-27001, kev, law, lessons-learned, malicious, malware, mfa, mitigation, monitoring, network, open-source, phishing, privacy, ransomware, risk, saas, scam, security-incident, service, soc, software, supply-chain, tactics, threat, update, vpn, vulnerability, vulnerability-management, worm, zero-dayCISA’s takeaways of an agency hack include a call for timely vulnerability patching. Plus, Cisco zero-day bugs are under attack, patch now. Meanwhile, the CSA issued a framework for SaaS security. And get the latest on the npm breach, the ransomware attack that disrupted air travel and more! Here are six things you need to…
-
TruSources to show off its on-device identity-checking tech at TechCrunch Disrupt 2025
Age-verification laws are a privacy and security nightmare. This startup performs age checks on-device, without users having to upload their IDs to the internet. First seen on techcrunch.com Jump to article: techcrunch.com/2025/09/26/trusources-to-show-off-its-on-device-identity-checking-tech-at-techcrunch-disrupt-2025/
-
Microsoft hides key data flow information in plain sight
Microsoft’s own documentation confirms that data hosted in its hyperscale cloud architecture routinely traverses the globe, but the tech giant is actively obfuscating this vital information from its UK law enforcement customers First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366632040/Microsoft-hides-key-data-flow-information-in-plain-sight
-
Microsoft hides key data flow information in plain sight
Microsoft’s own documentation confirms that data hosted in its hyperscale cloud architecture routinely traverses the globe, but the tech giant is actively obfuscating this vital information from its UK law enforcement customers First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366632040/Microsoft-hides-key-data-flow-information-in-plain-sight
-
Unveiling LummaStealer’s Technical Details Through ML-Based Detection Approach
In early 2025, LummaStealer was in widespread use by cybercriminals targeting victims throughout the world in multiple industry verticals, including telecom, healthcare, banking, and marketing. A sweeping law enforcement operation in May brought this all to an abrupt halt. After a quiet period, we are now seeing new variants of LummaStealer emerge. In light of…
-
USENIX 2025: PEPR ’25 Privacy Paradigms For Law Enforcement Response
Creators, Authors and Presenters: Lukas Bundonis, Netflix; Ben Ballard, MITRE Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Enigma ’23 Conference content on the organization’s’ YouTube channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/usenix-2025-pepr-25-privacy-paradigms-for-law-enforcement-response/
-
CISO Spotlight: AJ Debole on the Business-Tech Divide, Breach Readiness, and AI Risks
Tags: ai, breach, business, ciso, corporate, cyber, defense, government, healthcare, law, oracle, ransomware, riskAJ Debole is Field CISO at Oracle, but her journey began far from the corporate boardroom. After starting out in law and government, she moved into healthcare and cyber defense, where she led teams through ransomware crises. In this spotlight, she explores the next wave of challenges aligning security with business incentives, taming AI […]…
-
Operation HAECHI VI seized $439M from global cybercrime rings
Interpol announced that Operation HAECHI VI seized $439M from global cybercrime rings, with 40 countries joining the five-month crackdown. Interpol announced that an international law enforcement operation, codenamed Operation HAECHI VI, resulted in the seizure of $439M in cash and crypto from cybercrime rings between April and August 2025. Authorities from 40 countries joint to…
-
Thales Named a Leader in the Data Security Posture Management Market
Tags: access, ai, attack, breach, cloud, compliance, container, control, cybersecurity, data, data-breach, defense, detection, encryption, finance, GDPR, google, Hardware, identity, intelligence, law, microsoft, monitoring, network, office, privacy, regulation, resilience, risk, soc, software, strategy, technology, threat, toolThales Named a Leader in the Data Security Posture Management Market madhav Thu, 09/25/2025 – 06:15 Most breaches begin with the same blind spot: organizations don’t know precisely what data they hold, or how exposed it is. Value and risk sit side by side. Data Security Todd Moore – Global VP of Data Security Products…
-
Google’s $425 Million Fine a Win for Privacy, But Will it Stick?
Google must pay $425M for violating California privacy laws by tracking 98M users despite opt-outs. A major win for data privacy, though appeals loom. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/googles-425-million-fine-a-win-for-privacy-but-will-it-stick/
-
Google’s $425 Million Fine a Win for Privacy, But Will it Stick?
Google must pay $425M for violating California privacy laws by tracking 98M users despite opt-outs. A major win for data privacy, though appeals loom. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/googles-425-million-fine-a-win-for-privacy-but-will-it-stick/
-
Eurojust Arrests 5 in Euro100M Cryptocurrency Investment Fraud Spanning 23 Countries
Law enforcement authorities in Europe have arrested five suspects in connection with an “elaborate” online investment fraud scheme that stole more than Euro100 million ($118 million) from over 100 victims in France, Germany, Italy, and Spain.According to Eurojust, the coordinated action saw searches in five places across Spain and Portugal, as well as in Italy,…
-
Police dismantles crypto fraud ring linked to Euro100 million in losses
Law enforcement authorities in Europe have arrested five suspects linked to a cryptocurrency investment fraud ring that stole over Euro100 million ($118 million) from more than 100 victims. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/police-dismantles-crypto-fraud-ring-linked-to-100-million-in-losses/
-
Cybercriminals are going after law firms’ sensitive client data
Regardless of their size, all law firms hold valuable data, including client communications, financial records, and confidential legal strategies. That data has never been … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/23/law-firms-cyberthreats/