Tag: law
-
SMS Pools and what the US Secret Service Really Found Around New York
Tags: apple, authentication, business, china, conference, control, country, credit-card, crime, crypto, data, email, exploit, finance, fraud, google, group, Hardware, infrastructure, iphone, jobs, korea, law, linux, mfa, mobile, phishing, phone, scam, service, smishing, software, theft, usa, windowsLast week the United Nations General Assembly kicked off in New York City. On the first day, a strange US Secret Service press conference revealed that they had seized 300 SIM Servers with 100,000 SIM cards. Various media outlets jumped on the idea that this was some state-sponsored sleeper cell waiting to destroy telecommunication services…
-
Meet LockBit 5.0: Faster ESXi drive encryption, better at evading detection
the Windows binary uses heavy obfuscation and packing: it loads its payload through DLL reflection while implementing anti-analysis techniques like Event Tracing for Windows (ETW) patching and terminating security services;the Linux variant maintains similar functionality with command-line options for targeting specific directories and file types;the ESXi variant specifically targets VMware virtualization environments, and is designed…
-
Cyber threat-sharing law set to shut down, along with US government
Act passed in 2015 is due to lapse unless a continuing resolution passes – and that’s unlikely First seen on theregister.com Jump to article: www.theregister.com/2025/09/26/government_shutdown_cisa_law/
-
Cybersecurity Snapshot: CISA Highlights Vulnerability Management Importance in Breach Analysis, as Orgs Are Urged To Patch Cisco Zero-Days
Tags: 2fa, access, advisory, api, attack, authentication, breach, business, cisa, cisco, cloud, control, credentials, crime, cve, cyber, cybersecurity, data, defense, endpoint, exploit, fido, finance, firewall, framework, github, grc, guide, identity, incident response, infrastructure, Internet, ISO-27001, kev, law, lessons-learned, malicious, malware, mfa, mitigation, monitoring, network, open-source, phishing, privacy, ransomware, risk, saas, scam, security-incident, service, soc, software, supply-chain, tactics, threat, update, vpn, vulnerability, vulnerability-management, worm, zero-dayCISA’s takeaways of an agency hack include a call for timely vulnerability patching. Plus, Cisco zero-day bugs are under attack, patch now. Meanwhile, the CSA issued a framework for SaaS security. And get the latest on the npm breach, the ransomware attack that disrupted air travel and more! Here are six things you need to…
-
TruSources to show off its on-device identity-checking tech at TechCrunch Disrupt 2025
Age-verification laws are a privacy and security nightmare. This startup performs age checks on-device, without users having to upload their IDs to the internet. First seen on techcrunch.com Jump to article: techcrunch.com/2025/09/26/trusources-to-show-off-its-on-device-identity-checking-tech-at-techcrunch-disrupt-2025/
-
Microsoft hides key data flow information in plain sight
Microsoft’s own documentation confirms that data hosted in its hyperscale cloud architecture routinely traverses the globe, but the tech giant is actively obfuscating this vital information from its UK law enforcement customers First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366632040/Microsoft-hides-key-data-flow-information-in-plain-sight
-
Microsoft hides key data flow information in plain sight
Microsoft’s own documentation confirms that data hosted in its hyperscale cloud architecture routinely traverses the globe, but the tech giant is actively obfuscating this vital information from its UK law enforcement customers First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366632040/Microsoft-hides-key-data-flow-information-in-plain-sight
-
Unveiling LummaStealer’s Technical Details Through ML-Based Detection Approach
In early 2025, LummaStealer was in widespread use by cybercriminals targeting victims throughout the world in multiple industry verticals, including telecom, healthcare, banking, and marketing. A sweeping law enforcement operation in May brought this all to an abrupt halt. After a quiet period, we are now seeing new variants of LummaStealer emerge. In light of…
-
USENIX 2025: PEPR ’25 Privacy Paradigms For Law Enforcement Response
Creators, Authors and Presenters: Lukas Bundonis, Netflix; Ben Ballard, MITRE Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Enigma ’23 Conference content on the organization’s’ YouTube channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/usenix-2025-pepr-25-privacy-paradigms-for-law-enforcement-response/
-
CISO Spotlight: AJ Debole on the Business-Tech Divide, Breach Readiness, and AI Risks
Tags: ai, breach, business, ciso, corporate, cyber, defense, government, healthcare, law, oracle, ransomware, riskAJ Debole is Field CISO at Oracle, but her journey began far from the corporate boardroom. After starting out in law and government, she moved into healthcare and cyber defense, where she led teams through ransomware crises. In this spotlight, she explores the next wave of challenges aligning security with business incentives, taming AI […]…
-
Operation HAECHI VI seized $439M from global cybercrime rings
Interpol announced that Operation HAECHI VI seized $439M from global cybercrime rings, with 40 countries joining the five-month crackdown. Interpol announced that an international law enforcement operation, codenamed Operation HAECHI VI, resulted in the seizure of $439M in cash and crypto from cybercrime rings between April and August 2025. Authorities from 40 countries joint to…
-
Thales Named a Leader in the Data Security Posture Management Market
Tags: access, ai, attack, breach, cloud, compliance, container, control, cybersecurity, data, data-breach, defense, detection, encryption, finance, GDPR, google, Hardware, identity, intelligence, law, microsoft, monitoring, network, office, privacy, regulation, resilience, risk, soc, software, strategy, technology, threat, toolThales Named a Leader in the Data Security Posture Management Market madhav Thu, 09/25/2025 – 06:15 Most breaches begin with the same blind spot: organizations don’t know precisely what data they hold, or how exposed it is. Value and risk sit side by side. Data Security Todd Moore – Global VP of Data Security Products…
-
Google’s $425 Million Fine a Win for Privacy, But Will it Stick?
Google must pay $425M for violating California privacy laws by tracking 98M users despite opt-outs. A major win for data privacy, though appeals loom. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/googles-425-million-fine-a-win-for-privacy-but-will-it-stick/
-
Google’s $425 Million Fine a Win for Privacy, But Will it Stick?
Google must pay $425M for violating California privacy laws by tracking 98M users despite opt-outs. A major win for data privacy, though appeals loom. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/googles-425-million-fine-a-win-for-privacy-but-will-it-stick/
-
Eurojust Arrests 5 in Euro100M Cryptocurrency Investment Fraud Spanning 23 Countries
Law enforcement authorities in Europe have arrested five suspects in connection with an “elaborate” online investment fraud scheme that stole more than Euro100 million ($118 million) from over 100 victims in France, Germany, Italy, and Spain.According to Eurojust, the coordinated action saw searches in five places across Spain and Portugal, as well as in Italy,…
-
Police dismantles crypto fraud ring linked to Euro100 million in losses
Law enforcement authorities in Europe have arrested five suspects linked to a cryptocurrency investment fraud ring that stole over Euro100 million ($118 million) from more than 100 victims. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/police-dismantles-crypto-fraud-ring-linked-to-100-million-in-losses/
-
Cybercriminals are going after law firms’ sensitive client data
Regardless of their size, all law firms hold valuable data, including client communications, financial records, and confidential legal strategies. That data has never been … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/23/law-firms-cyberthreats/
-
Cybercriminals are going after law firms’ sensitive client data
Regardless of their size, all law firms hold valuable data, including client communications, financial records, and confidential legal strategies. That data has never been … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/23/law-firms-cyberthreats/
-
Microsoft DCU’s Takedown of RaccoonO365
When I saw the name of the Microsoft Digital Crime Unit’s latest target, “RaccoonO365” I probably reacted to it differently than most. With the help of a friend in Lagos, we’ve been watching the money launderers and things have reached a point that they now refer to what we previously called “Business Email Compromise” or…
-
Top 10 Best Cybersecurity Compliance Management Software in 2025
Cybersecurity compliance has become a mission-critical part of modern business operations. With the rise of data privacy laws, global regulations, and increasing cyber threats, organizations need reliable compliance management software to stay secure and audit-ready. The best compliance platforms streamline frameworks like SOC 2, ISO 27001, HIPAA, PCI DSS, GDPR, and more while automating workflows,…
-
EU agency ENISA says ransomware attack behind airport disruptions
The EU cybersecurity agency ENISA confirmed that airport check-in disruptions were caused by a cyberattack, and law enforcement is investigating. A cyber attack on Collins Aerospace disrupted check-in and boarding systems at major European airports, heavily impacting Heathrow, Brussels, and Berlin. The outage caused numerous flight delays and cancellations, forcing manual operations. Collins Aerospace is…
-
Cyber threat information law hurtles toward expiration, with poor prospects for renewal
Short-term and long-term extensions alike for the 2015 Cybersecurity Information Sharing Act have fallen by the wayside despite industry and Trump administration advocacy. First seen on cyberscoop.com Jump to article: cyberscoop.com/cyber-threat-information-law-hurtles-toward-expiration-with-poor-prospects-for-renewal/
-
Cyber threat information law hurtles toward expiration, with poor prospects for renewal
Short-term and long-term extensions alike for the 2015 Cybersecurity Information Sharing Act have fallen by the wayside despite industry and Trump administration advocacy. First seen on cyberscoop.com Jump to article: cyberscoop.com/cyber-threat-information-law-hurtles-toward-expiration-with-poor-prospects-for-renewal/
-
Canada Police Shuts Down TradeOgre After $56M Crypto Theft
Montréal, Quebec, September 18, 2025 In an unprecedented operation, the Royal Canadian Mounted Police (RCMP) Federal Policing Eastern Region has executed the largest cryptocurrency seizure in Canadian history, recovering over 56 million dollars from the now-defunct TradeOgre exchange platform. This marks the first time Canadian law enforcement has dismantled an entire cryptocurrency trading […] The…
-
Agentic AI der neue Horror für Sicherheitsentscheider?
Tags: ai, antivirus, api, breach, ciso, compliance, cyberattack, cybersecurity, cyersecurity, detection, governance, law, mail, malware, monitoring, risk, service, supply-chain, tool, vulnerabilityKI ist mittlerweile in den meisten Unternehmen gesetzt. Im Trend liegen aktuell vor allem Systeme mit autonomen Fähigkeiten bei denen die potenziellen Sicherheitsrisiken besonders ausgeprägt sind.KI-Agenten werden im Unternehmensumfeld immer beliebter und zunehmend in Workflows und Prozesse integriert. Etwa in den Bereichen Softwareentwicklung, Kundenservice und -Support, Prozessautomatisierung oder Employee Experience. Für CISOs und ihre Teams…
-
ESET uncovers GamaredonTurla collaboration in Ukraine cyberattacks
ESET found evidence that Russia-linked groups Gamaredon and Turla collaborated in cyberattacks on Ukraine between February and April 2025. ESET reported Russia-linked groups Gamaredon and Turla collaborated in cyberattacks against entities in Ukraine. The Russia-linked APT group Gamaredon (a.k.a. Shuckworm, Armageddon, Primitive Bear, ACTINIUM, Callisto) is known for targeting government, law enforcement, and defense organizations in Ukraine since 2013. The Turla APT group (aka Snake, Uroburos, Waterbug, Venomous…
-
Scattered Spider Hackers Charged in Connection With Transport for London Attack
Victims collectively paid more than $115 million in ransomware payments, law enforcement said. The post Scattered Spider Hackers Charged in Connection With Transport for London Attack appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-scattered-spider-arrests/
-
New Texas Law Targets AI, Health Record Storage
New Texas health information legislation that began to go into effect on Sept. 1 includes several noteworthy provisions including requirements related to health record data storage and artificial intelligence, said regulatory attorney Rachel Rose. Rose explains the significance of the new state law. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/interviews/new-texas-law-targets-ai-health-record-storage-i-5495
-
FBI warns of cybercriminals using fake FBI crime reporting portals
The FBI warned today that cybercriminals are impersonating its Internet Crime Complaint Center (IC3) website in what the law enforcement agency described as “possible malicious activity.” First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbi-warns-of-fake-fbi-crime-complaint-portals-used-for-cybercrime/
-
UK police arrested two teen Scattered Spider members linked to the 2024 attack on Transport for London
U.K. police arrested two teens from the Scattered Spider group for their role in the August 2024 cyberattack on Transport for London. U.K. law enforcement authorities arrested two teenagers who are members of the notorious Scattered Spider hacking group in connection with their role in the cyber attack that hit Transport for London (TfL). Transport for London (TfL)…