Tag: law
-
Judge rejects Meta attempt to overturn Flo privacy verdict
In refusing to overturn the decision or greenlight a new trial, U.S. District Judge James Donato shot down Meta’s claim that recordings of women’s data obtained from the period tracking app Flo were “secondhand” and are therefore not covered by the California wiretapping law which Meta is accused of violating. First seen on therecord.media Jump…
-
Microsoft and Cloudflare execute ‘rugpull’ on massive phishing empire
Tags: access, ai, attack, blockchain, breach, computer, credentials, crime, crimes, crypto, cybercrime, data, detection, exploit, extortion, finance, fraud, infrastructure, international, law, microsoft, phishing, programming, scam, service, strategy, threat, toolLegal victory with limitations: Microsoft’s investigation identified Joshua Ogundipe, based in Nigeria, as the operation’s leader and primary architect. The company filed a lawsuit against Ogundipe and four associates listed as John Does in late August, then obtained a court order from the US District Court for the Southern District of New York in early…
-
Turkey Personal Data Protection Law (KVKK)
What is Turkey’s Personal Data Protection Law (KVKK)? The Personal Data Protection Law (KVKK), or KiÅŸisel Verileri Koruma Kanunu in Turkish, is Turkey’s primary data privacy law. It came into force on April 7, 2016, and is largely based on the EU’s former Data Protection Directive 95/46/EC, with significant similarities to the GDPR. It is……
-
Washington My Health My Data Act (MHMDA)
What is the Washington My Health My Data Act? The Washington My Health My Data Act (MHMDA) is a comprehensive privacy law enacted in 2023. Its purpose is to safeguard a broad category of sensitive information defined as “consumer health data”, which is not fully covered by the federal Health Insurance Portability and Accountability Act……
-
Cybercrime group accessed Google Law Enforcement Request System (LERS)
Google found threat actors created a fake account in its Law Enforcement Request System (LERS) and shut it down. Google confirmed that threat actors gained access to its Law Enforcement Request System (LERS) platform by creating a fake account. The Google Law Enforcement Request System (LERS) is a secure online portal for verified government agencies…
-
Master regulatory compliance: Dominate change before it dominates you
Change is no longer the exception; it’s the baseline. As we move into 2025, regulatory compliance is morphing faster than many organizations anticipated. New laws, shifting political priorities, disruptive technologies such as AI and IoT, and rising expectations from stakeholders are all combining to reshape what compliance looks like. For compliance leaders, legal teams, and…The…
-
Master regulatory compliance: Dominate change before it dominates you
Change is no longer the exception; it’s the baseline. As we move into 2025, regulatory compliance is morphing faster than many organizations anticipated. New laws, shifting political priorities, disruptive technologies such as AI and IoT, and rising expectations from stakeholders are all combining to reshape what compliance looks like. For compliance leaders, legal teams, and…The…
-
CISOs grapple with the realities of applying AI to security functions
Tags: ai, automation, breach, business, ceo, ciso, compliance, cybersecurity, data, detection, email, endpoint, finance, governance, incident response, intelligence, law, malicious, malware, microsoft, risk, service, soc, threat, toolThe agentic edge: The financial services is often an early adopter of cutting-edge security technologies.Erin Rogers, SVP and director of cybersecurity risk and compliance at BOK Financial, tells CSO that AI-based upgrades are helping threat detection and response systems to autonomously analyze threats, make real-time decisions, and adapt responses, significantly improving early detection and mitigation.While…
-
CISOs grapple with the realities of applying AI to security functions
Tags: ai, automation, breach, business, ceo, ciso, compliance, cybersecurity, data, detection, email, endpoint, finance, governance, incident response, intelligence, law, malicious, malware, microsoft, risk, service, soc, threat, toolThe agentic edge: The financial services is often an early adopter of cutting-edge security technologies.Erin Rogers, SVP and director of cybersecurity risk and compliance at BOK Financial, tells CSO that AI-based upgrades are helping threat detection and response systems to autonomously analyze threats, make real-time decisions, and adapt responses, significantly improving early detection and mitigation.While…
-
Google confirms fraudulent account created in law enforcement portal
Google has confirmed that hackers created a fraudulent account in its Law Enforcement Request System (LERS) platform that law enforcement uses to submit official data requests to the company First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-confirms-fraudulent-account-created-in-law-enforcement-portal/
-
Google confirms hackers gained access to law enforcement portal
Google has confirmed that hackers created a fraudulent account in its Law Enforcement Request System (LERS) platform that law enforcement uses to submit official data requests to the company First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-confirms-hackers-gained-access-to-law-enforcement-portal/
-
Threat Group Scattered Lapsus$ Hunters Says It’s Shutting Down
The bad actors behind the Scattered Lapsus$ Hunters threat group say they are shutting down operations and retiring, but cybersecurity pros say law enforcement pressure is a key reason for the decision and that the hackers will likely form new cybercrime operations. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/threat-group-scattered-lapsus-hunters-says-its-shutting-down/
-
Threat Group Scattered Lapsus$ Hunters Says It’s Shutting Down
The bad actors behind the Scattered Lapsus$ Hunters threat group say they are shutting down operations and retiring, but cybersecurity pros say law enforcement pressure is a key reason for the decision and that the hackers will likely form new cybercrime operations. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/threat-group-scattered-lapsus-hunters-says-its-shutting-down/
-
Scattered Spider’s ‘retirement’ announcement: genuine exit or elaborate smokescreen?
Tags: ai, breach, crowdstrike, cybersecurity, data, data-breach, disinformation, google, group, hacking, infrastructure, international, law, mandiant, password, ransomware, tactics, threatLaw enforcement pressure: real but limited impact: The letter explicitly acknowledged the mounting international pressure that supposedly drove their decision.”We want to share a thought for the eight people that have been raided or arrested in relations to these campaigns, Scattered Spider and/or ShinyHunters groups since beginning on April 2024 and thereafter 2025, and especially…
-
Scattered Spider’s ‘retirement’ announcement: genuine exit or elaborate smokescreen?
Tags: ai, breach, crowdstrike, cybersecurity, data, data-breach, disinformation, google, group, hacking, infrastructure, international, law, mandiant, password, ransomware, tactics, threatLaw enforcement pressure: real but limited impact: The letter explicitly acknowledged the mounting international pressure that supposedly drove their decision.”We want to share a thought for the eight people that have been raided or arrested in relations to these campaigns, Scattered Spider and/or ShinyHunters groups since beginning on April 2024 and thereafter 2025, and especially…
-
CISA official calls on lawmakers to extend cyber info-sharing law
The official’s call for a renewal came less than three weeks before the 2015 Cybersecurity Information Sharing Act (CISA 2015), which provides incentives for private entities to voluntarily share digital threat intelligence with the federal government, is due to sunset. First seen on therecord.media Jump to article: therecord.media/cisa-official-calls-on-lawmakers-renew-cisa2015
-
CISA official calls on lawmakers to extend cyber info-sharing law
The official’s call for a renewal came less than three weeks before the 2015 Cybersecurity Information Sharing Act (CISA 2015), which provides incentives for private entities to voluntarily share digital threat intelligence with the federal government, is due to sunset. First seen on therecord.media Jump to article: therecord.media/cisa-official-calls-on-lawmakers-renew-cisa2015
-
LAPSUS$ Hunters 4.0 Announce Permanent Shutdown
In a startling development on September 8, the Telegram channel “scattered LAPSUS$ hunters 4.0” declared its intention to “go dark” after taunting law enforcement for repeated missteps. With an audacious message aimed squarely at the FBI and French authorities, the group claimed victory in evading capture and vowed that no future activity would follow their…
-
LAPSUS$ Hunters 4.0 Announce Permanent Shutdown
In a startling development on September 8, the Telegram channel “scattered LAPSUS$ hunters 4.0” declared its intention to “go dark” after taunting law enforcement for repeated missteps. With an audacious message aimed squarely at the FBI and French authorities, the group claimed victory in evading capture and vowed that no future activity would follow their…
-
12 digital forensics certifications to accelerate your cyber career
Tags: access, apt, attack, browser, chrome, cloud, computer, corporate, cyber, cybercrime, cybersecurity, data, defense, detection, email, endpoint, exploit, google, government, group, hacker, hacking, Hardware, incident response, international, jobs, law, malicious, malware, microsoft, mobile, network, phone, service, skills, soc, technology, threat, tool, training, windowsCellebrite Certified Mobile Examiner (CCME)Certified Computer Examiner (CCE)CyberSecurity Forensic Analyst (CSFA)EC-Council Computer Hacking Forensic Investigator (CHFI)EnCase Certified Examiner (EnCE)Exterro AccessData Certified Examiner (ACE)GIAC Advanced Smartphone Forensics Certification (GASF)GIAC Certified Forensics Analyst (GCFA)GIAC Certified Forensic Examiner (GCFE)GIAC Cloud Forensic Responder (GCFR)GIAC Network Forensic Analysis (GNFA)Magnet Certified Forensics Examiner (MCFE) Cellebrite Certified Mobile Examiner (CCME) Out of…
-
Chat Control: EU to decide on requirement for tech firms to scan encrypted messages
Law enforcement and police experts meet on Friday to decide on proposals to require technology companies to scan encrypted messages for possible child abuse images amid growing opposition from security experts First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366630597/Chat-Control-EU-to-decide-on-requirement-for-tech-firms-to-scan-encrypted-messages
-
When is the Right Time to Hire a CISO?
Knowing when to hire a CISO is a challenging proposition one which most organizations will eventually need to answer. The need to hire a CISO depends on a combination of factors, including but not limited to: Relevance of regulatory requirements Size of the organization Complexity of operations Sensitivity of data handled or processed Desired risk…
-
California, two other states to come down hard on GPC violators
Implement GPC signal recognition: Businesses need to update their websites and backend systems to “detect the presence of the GPC header or equivalent signals sent by browsers or browser extensions. The GPC signal is transmitted as part of the HTTP header or via JavaScript, and must be detected reliably on every relevant page where personal…
-
Three states team up in investigative sweep of companies flouting data opt-out laws
California, Colorado and Connecticut are contacting businesses that aren’t using legally mandated technology to provide consumers with universal opt-out rights. First seen on cyberscoop.com Jump to article: cyberscoop.com/states-investigative-sweep-global-privacy-control-data-privacy/
-
Chinese companies and bosses to face major fines over cybersecurity incidents
A proposed update to China’s national Cybersecurity Law would give Beijing firmer oversight over tech products while increasing penalties for companies and executives that don’t meet requirements. First seen on therecord.media Jump to article: therecord.media/china-cybersecurity-law-update-penalties-companies-executives
-
UK toughens Online Safety Act with ban on self-harm content
Tags: lawCharities welcome change, but critics warn the law is already too broad First seen on theregister.com Jump to article: www.theregister.com/2025/09/09/selfharm_online_safety_act/
-
UK toughens Online Safety Act with ban on self-harm content
Tags: lawCharities welcome change, but critics warn the law is already too broad First seen on theregister.com Jump to article: www.theregister.com/2025/09/09/selfharm_online_safety_act/
-
Understanding the EU Corporate Sustainability Due Diligence Directive (CSDDD): Why It Matters and How to Prepare
Key Takeaways For years, European companies have faced a patchwork of national laws pushing them to take responsibility for human rights and environmental issues tied to their business operations. France passed its Duty of Vigilance law in 2017. Germany followed with the EU Supply Chain Act in 2021. Each aimed to hold companies accountable not……