Tag: law
-
New TETRA Radio Encryption Flaws Expose Law Enforcement Communications
Cybersecurity researchers have discovered a fresh set of security issues in the Terrestrial Trunked Radio (TETRA) communications protocol, including in its proprietary end-to-end encryption (E2EE) mechanism, that expose the system to replay and brute-force attacks, and even to decryption of encrypted traffic. Details of the vulnerabilities dubbed 2TETRA:2BURST were presented at the Black Hat USA First seen on…
-
Eight Countries Face EU Action Over NIS2 Deadline Failings
Eight European countries have yet to transpose NIS2 into law, exposing them to regulatory action First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/eight-countries-eu-action-nis2/
-
How Brandolini’s law informs our everyday infosec reality
Brandolini’s law, also known as the “bullshit asymmetry principle”, is simple but devastating: “The amount of energy needed to refute bullshit is an order of magnitude … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/11/brandolinis-law-cybersecurity-reality/
-
Columbia University data breach impacted 868,969 people
Columbia University was hit by a cyberattack, exposing personal data of over 860,000 students, applicants, and employees. Columbia University suffered a cyberattack that exposed the personal data of students, applicants, and employees. According to the data breach notification sent to the Maine Attorney General’s Office, the incident impacted 868,969 people. The organization quickly notified law enforcement.…
-
EU law to protect journalists from spyware takes effect
Critics from press freedom groups say member states have not taken steps to give the law any teeth. First seen on therecord.media Jump to article: therecord.media/eu-law-to-protect-journalists-from-spyware-takes-effect
-
US Confirms Takedown of BlackSuit Ransomware Behind 450+ Hacks
Federal law enforcement agencies have successfully dismantled the critical infrastructure of BlackSuit ransomware, a sophisticated cybercriminal operation that has compromised over 450 victims across the United States since 2022 and collected more than $370 million in ransom payments. Major International Operation Targets Cyber Criminal Network ICE’s Homeland Security Investigations (HSI) led the coordinated takedown in…
-
Germany’s top court holds that police can only use spyware to investigate serious crimes
The plaintiffs argued that a 2017 rules change enabling law enforcement to use spyware to eavesdrop on encrypted chats and messaging platforms could unfairly expose communications belonging to people who are not criminal suspects. First seen on therecord.media Jump to article: therecord.media/germany-spyware-limitations-court-rules
-
Encryption Made for Police and Military Radios May Be Easily Cracked
Researchers found that an encryption algorithm likely used by law enforcement and special forces can have weaknesses that could allow an attacker to listen in. First seen on wired.com Jump to article: www.wired.com/story/encryption-made-for-police-and-military-radios-may-be-easily-cracked-researchers-find/
-
Jury Holds Meta Accountable in ‘Landmark’ Privacy Decision
Verdict Says Meta Tracked Consumers’ Sensitive Data in Flo Health App. A federal jury found that Meta violated California privacy laws by eavesdropping and recording confidential communications without the consent of millions of consumers who used Flo Health’s fertility app embedded with Meta’s software development tools and tracking pixels. First seen on govinfosecurity.com Jump to…
-
Why Legal Woes Continue to Mount Over Health Data Trackers
The use of online tracking tools on the health-related websites and apps of HIPAA and non-HIPAA regulated entities continues to be a lightning rod due to a long list of ongoing data privacy, regulatory and legal concerns, said partner and attorney Elizabeth Hodge of the law firm Akerman. First seen on govinfosecurity.com Jump to article:…
-
Qilin Ransomware Sees Surge After Collapse of Dominant RansomHub RaaS
The ransomware landscape underwent significant disruption, marked by the abrupt cessation of operations from several prominent Ransomware-as-a-Service (RaaS) groups, including RansomHub, Babuk-Bjorka, FunkSec, BianLian, 8Base, Cactus, Hunters International, and LockBit. This wave of disappearances has fragmented the ecosystem, diminishing the dominance of major players and fostering a proliferation of smaller, independent actors. Global law enforcement…
-
How UK SMBs Can Handle Sensitive Information Without Breaking the Law (or the Bank)
Data is the lifeblood of modern businesses, but for small and medium-sized enterprises (SMBs), it can also be a legal, financial, and reputational minefield. Whether you’re a two-person law firm or a 50-employee tech startup, if you’re handling personal, financial,…
-
Ransomware gangs capitalize on law enforcement takedowns of competitors
After authorities dismantled LockBit and RansomHub, other groups rushed in to snatch up their affiliates, according to a new report that highlights a cybercrime ecosystem in flux. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ransomware-groups-competition-check-point-report/756451/
-
Ransomware up 179%, credential theft up 800%: 2025’s cyber onslaught intensifies
Exploits multiply as defenders play catch-up: Vulnerability disclosure rose by 246%, and publicly available exploits increased by 179%, with over 20000 vulnerabilities disclosed in the first half of 2025, 35% of which already have exploit code. A backlog of 42000 vulnerabilities awaiting NVD analysis and delays in CVE enrichment leave organizations blind to many critical flaws, the…
-
EU Cyber Resilience Act: What You Must Do Before 2027
The European Union isn’t asking nicely anymore. With the Cyber Resilience Act, they’re laying down the law, literally, for how every company that makes or sells digital products in the… The post EU Cyber Resilience Act: What You Must Do Before 2027 appeared first on Strobes Security. First seen on securityboulevard.com Jump to article: https://securityboulevard.com/2025/07/eu-cyber-resilience-act-what-you-must-do-before-2027/
-
Bangalore Techie Arrested for Alleged Role in $44 Million Cryptocurrency Theft
A Bangalore-based technology professional has been arrested in connection with a massive cryptocurrency theft worth approximately ₹379 crore ($44 million) from the popular Indian crypto exchange CoinDCX, according to law enforcement officials. The arrest represents one of the most significant cryptocurrency fraud cases in India’s rapidly evolving digital asset landscape. The suspect, whose identity has…
-
Researchers released a decryptor for the FunkSec ransomware
Researchers have released a decryptor for the ransomware FunkSec, allowing victims to recover their encrypted files for free. Researchers at Avast developed a decryptor for the FunkSec ransomware. Gen Digital researchers released a decryptor for the FunkSec ransomware after cooperating with law enforcement to neutralize the threat. “Researchers at Avast developed a decryptor for the…
-
Ransomware gang tells Ingram Micro, ‘Pay up by August 1’
Ransomware attacks increase: In a report on ransomware released this week, researchers at Zscaler ThreatLabz said the number of organizations listed on all ransomware leak sites rose 70% in the 12 month period ending in April. A growing number of ransomware operators are abandoning encryption of data in favour of just data extortion, it noted. For…
-
2 Law Group Data Theft Hacks Affect 282,100 Patients
Firm Admits Paying Ransom in Exchange of Hacker’s Promise to Delete Stolen Info. Two Florida-based law firms with offices in other states are notifying 282,100 people whose healthcare and other information was potentially compromised in separate data theft incidents. One of the firms admitted to paying a ransom to prevent its data from being leaked…
-
Decryptor released for FunkSec ransomware; Avast works with law enforcement to help victims
Cybersecurity company Avast released a decryptor for the short-lived FunkSec ransomware and said it is assisting dozens of the gang’s targets with the process. First seen on therecord.media Jump to article: therecord.media/funksec-ransomware-decryptor-avast
-
Senator warns of new UK surveillance risks to US citizens following Apple ‘backdoor’ row
US lawmaker calls for the US to publish an assessment of the risks posed by UK surveillance laws to US citizens in the wake of disclosures that the UK has ordered Apple to introduce ‘backdoors’ in Apple encryption First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366628083/Senator-warns-of-new-UK-surveillance-risks-to-US-citizens-following-Apple-back-door-row
-
Free Decryptor Released for AI-Powered FunkSec Ransomware
Researchers at Avast have unveiled a free decryptor tool for victims of the FunkSec ransomware, marking a significant step in combating this now-defunct malware strain. Developed in collaboration with law-enforcement agencies, the decryptor enables affected users to recover encrypted files without paying ransoms. With the ransomware operation deemed inactive, Avast has made the tool publicly…
-
VPN Use Surges as UK Online Safety Act Takes Effect
New UK Law Requiring Age-Verification Measures on Porn Sites Causes VPN Use to Soar. Free virtual private network services are soaring to the top of the app charts in the United Kingdom after a new law went into effect Friday requiring platforms that contain adult content – including sites like X and Reddit – to…
-
Wyden asks White House to scrutinize UK surveillance laws
The senator’s letter follows revelations in February that the U.K. government had asked Apple for what critics have called a backdoor to view all content Apple users have uploaded to the cloud even when it has been stored using end-to-end encryption. First seen on therecord.media Jump to article: therecord.media/wyden-asks-white-house-scrutinize-uk-surveillance-laws-apple
-
Austrian government faces likely legal challenge over state spyware
Civil society groups are talking to opposition MPs about bringing a legal challenge to the Austrian constitutional court over ‘state trojan’ law First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366628109/Austrian-government-faces-likely-legal-challenge-over-state-spyware
-
Chaos RaaS Emerges After BlackSuit Takedown, Demanding $300K from U.S. Victims
A newly emerged ransomware-as-a-service (RaaS) gang called Chaos is likely made up of former members of the BlackSuit crew, as the latter’s dark web infrastructure has been the subject of a law enforcement seizure. Chaos, which sprang forth in February 2025, is the latest entrant in the ransomware landscape to conduct big-game hunting and double extortion…
-
Age Verification Laws Send VPN Use Soaring, and Threaten the Open Internet
A law requiring UK internet users to verify their age to access adult content has led to a huge surge in VPN downloads, and has experts worried about the future of free expression online. First seen on wired.com Jump to article: www.wired.com/story/vpn-use-spike-age-verification-laws-uk/
-
Rise of Chaos Ransomware Tied to BlackSuit Group’s Exit
Operation Checkmate Disrupts One of the Large Russian-Speaking Ransomware Groups. An international law enforcement operation has disrupted BlackSuit, a ransomware group tied to hundreds of victims and ransom demands that exceeded half a billion dollars. The takedown occurred as security experts tracked the rise of a new group called Chaos, which may be a BlackSuit…

