Tag: law
-
UkraineGermany operation targets Black Basta, Russian leader wanted
Police in Ukraine and Germany identified Black Basta suspects and issued an international wanted notice for the group’s alleged Russian leader. Ukrainian and German police raided homes linked to alleged Black Basta ransomware members, identifying two Ukrainian suspects. Law enforcement also issued an international wanted notice for the group’s alleged Russian ringleader. >>The Office of…
-
Black Basta Ransomware Leader Added to EU Most Wanted and INTERPOL Red Notice
Ukrainian and German law enforcement authorities have identified two Ukrainians suspected of working for the Russia-linked ransomware-as-a-service (RaaS) group Black Basta.In addition, the group’s alleged leader, a 35-year-old Russian national named Oleg Evgenievich Nefedov (Ðефедов Олег Евгеньевич), has been added to the European Union’s Most Wanted and INTERPOL’s Red Notice lists, authorities First seen on…
-
Black Basta Ransomware Leader Added to EU Most Wanted and INTERPOL Red Notice
Ukrainian and German law enforcement authorities have identified two Ukrainians suspected of working for the Russia-linked ransomware-as-a-service (RaaS) group Black Basta.In addition, the group’s alleged leader, a 35-year-old Russian national named Oleg Evgenievich Nefedov (Ðефедов Олег Евгеньевич), has been added to the European Union’s Most Wanted and INTERPOL’s Red Notice lists, authorities First seen on…
-
Ransomware by the Numbers: Count of Victims and Groups Surge
Despite Some Well-Known Groups Disappearing, Ransomware Competition Remains Fierce. Here’s unwelcome ransomware news: Groups’ victim listings and underground chatter suggest that the count of victims and number of criminal groups behind such attacks have both risen over the past 12 months, despite repeat disruptions by law enforcement, fierce competition and fewer victims paying. First seen…
-
Microsoft Legal Action Disrupts RedVDS Cybercrime Infrastructure Used for Online Fraud
Microsoft on Wednesday announced that it has taken a “coordinated legal action” in the U.S. and the U.K. to disrupt a cybercrime subscription service called RedVDS that has allegedly fueled millions in fraud losses.The effort, per the tech giant, is part of a broader law enforcement effort in collaboration with law enforcement authorities that has…
-
Microsoft, Law Enforcement Disrupt RedVDS Global Cybercrime Service
Microsoft and law enforcement agencies in Europe disrupted the operations of RedVDS, a global cybercrime service that sold cheap and disposable dedicated virtual servers to threat actors that used them to run BEC, phishing, and other fraud campaigns. The vendor now wants to shut down its payment networks and find the operators behind it. First…
-
Microsoft Disrupts Cybercrime Service RedVDS
RedVDS, a cybercrime-as-a-service operation that has stolen millions from victims, lost two domains to a law enforcement operation supported by Microsoft. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/microsoft-disrupts-cybercrime-service-redvds
-
Microsoft disrupts RedVDS cybercrime platform behind $40 million in scam losses
Microsoft and law enforcement partners took down a popular cybercriminal subscription service called RedVDS that was used to enable more than $40 million in fraud losses in the United States alone. First seen on therecord.media Jump to article: therecord.media/microsoft-redvds-cybercrime-scam
-
US cybersecurity weakened by congressional delays despite Plankey renomination
Tags: business, cisa, cyber, cybersecurity, government, infrastructure, law, network, risk, strategy, threatCISA 2015 reauthorization: Likely, but late and suboptimal: A major cybersecurity bill called the Cybersecurity Information Sharing Act of 2015 (CISA 2015), which expired on Sept. 30, was temporarily revived on Nov. 13 and given a two-month lease on life through Jan. 30, 2026. The law provides critical legal liability protections that enable cyber threat…
-
Dark Patterns, Children’s Data and Corporate Fiduciary Risk
How UX Decisions Are Becoming Regulatory Liabilities for CISOs Children’s data is entering a new regulatory era where dark patterns, defaults and monetization choices can signal breached fiduciary duty. As privacy, safety and consumer laws converge globally, CISOs must treat manipulative UX, consent flows and retention practices as core security and governance risks. First seen…
-
Cloudflare Says ‘Non C’è Modo’ (No Way) In Defiance of Italy Piracy Shield Law
Italian authorities have fined Internet security company Cloudflare $16.3 as a result of the content delivery network specialist’s refusal to block access to pirate sites on its 1.1.1.1 DNS service. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/cloudflare-says-non-ce-modo-no-way-in-defiance-of-italy-piracy-shield-law/
-
Notorious BreachForums hacking site hit by ‘doomsday’ leak of 324,000 criminal users
Tags: access, breach, crime, cyber, cybercrime, dark-web, data, data-breach, email, extortion, group, hacking, intelligence, law, leak, password, penetration-testing, ransomware, risk, service, threatHave I Been Pwned, the data breach happened last August, two months before the police takedown of the BreachForums data extortion site after threats by Scattered Lapsus$ Hunters to use it to release one billion records stolen from Salesforce customers.This tallies with the August 11 date on the database leaked last week; that was the…
-
Navigating Privacy and Cybersecurity Laws in 2026 Will Prove Difficult
No matter what new laws or regulations make the cut for 2026, it’s clear that compliance challenges will persist and federal legislation will be limited. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/navigating-privacy-and-cybersecurity-laws-in-2026-will-prove-difficult
-
Europol and Spanish Police arrest 34 in crackdown on Black Axe criminal network
Europol announced the arrest of 34 suspected Black Axe members in Spain during a joint operation with Spanish and European law enforcement. Europol announced the arrest of 34 suspects in Spain linked to the Black Axe criminal network, following a joint operation by Spanish police, Bavarian authorities, and Europol, with most arrests in Seville. >>The…
-
Researchers Uncover 28 Unique IPs and 85 Domains Hosting Carding Markets
Between July and December 2025, cybersecurity firm Team Cymru conducted an extensive analysis of carding infrastructure, revealing a sophisticated network comprising 28 unique IP addresses and 85 domains that actively host illicit carding markets and forums. The research employed technical fingerprinting methods crucial for financial institutions, law enforcement agencies, and fraud fusion centers working to…
-
EU’s Chat Control could put government monitoring inside robots
Cybersecurity debates around surveillance usually stay inside screens. A new academic study argues that this boundary no longer holds when communication laws extend into … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/12/eu-chat-control-robots-surveillance/
-
CCPA Compliance Checklist for 2026: What You Need to Know
Key Takeaways The California Consumer Privacy Act (CCPA) is California’s primary privacy law governing how businesses collect, use, disclose, and protect personal information about California residents. Since its introduction, the law has steadily evolved, expanding both the rights granted to individuals and the expectations placed on organizations that handle personal data. The CCPA law gives……
-
Zero-Knowledge Compliance: How Privacy-Preserving Verification Is Transforming Regulatory Technology
Traditional compliance often forces companies to expose sensitive information to prove they follow the rules. This approach increases the risk of breaches and raises severe privacy concerns. With rising regulatory pressure and stricter data sovereignty laws, more organizations are exploring zero-knowledge frameworks as a safer alternative. Zero-knowledge proofs (ZKPs) allow businesses to prove adherence without..…
-
‘Elon Musk is playing with fire:’ All the legal risks that apply to Grok’s deepfake disaster
There are legal tools in place to curb what’s happening on X, but the incident will be precedent-setting for how these laws and regulations are wielded for AI-generated images. First seen on cyberscoop.com Jump to article: cyberscoop.com/elon-musk-x-grok-deepfake-crisis-section-230/
-
US announces withdrawal from dozens of international treaties
Although the list does not include what are perceived to be the more consequential multilateral bodies shaping global cyber governance and state behaviour in cyberspace, some of the organizations play a role in shaping international law broadly. First seen on therecord.media Jump to article: therecord.media/us-announces-withdrawal-from-dozens-international-orgs
-
8 things CISOs can’t afford to get wrong in 2026
Tags: access, advisory, ai, attack, automation, awareness, breach, business, ciso, cloud, communications, compliance, control, cyber, cyberattack, cybersecurity, data, data-breach, defense, dora, encryption, finance, firmware, GDPR, healthcare, identity, incident response, india, infrastructure, injection, insurance, intelligence, iot, jobs, law, malicious, monitoring, network, privacy, ransom, regulation, resilience, risk, saas, scam, service, software, strategy, supply-chain, tactics, technology, theft, threat, tool, training, update, vulnerability, zero-trust“Identity and access controls for AI agents and AI platforms are one of the most important areas of concern for CISOs,” says Jason Stading, director at global technology research and advisory firm ISG. “Right now, permissions and access rights for AI are a black box in many areas. We will see a major push over…
-
The nation’s strictest privacy law just took effect, to data brokers’ chagrin
Californians can now submit demands requiring 500 brokers to delete their data. First seen on arstechnica.com Jump to article: arstechnica.com/tech-policy/2026/01/data-broker-hoarding-is-rampant-new-law-lets-consumers-fight-back/
-
Convicted Bitfinex bitcoin launderer freed from prison, thanks Trump law
Tags: lawIlya Lichtenstein was supposed to serve five years after being sentenced in late 2024. First seen on cyberscoop.com Jump to article: cyberscoop.com/bitfinex-hacker-ilya-lichtenstein-early-release-first-step-act/
-
How the Organizational Risk Culture Standard can supercharge your cybersecurity culture
Tags: automation, ceo, communications, compliance, control, cyber, cybersecurity, data, detection, email, finance, framework, group, guide, intelligence, law, metric, nist, phishing, ransomware, RedTeam, resilience, risk, tool, updateThe 10 dimensions, translated for cybersecurity: The ORCS framework defines ten dimensions. Treat them as a system. Each one is distinct; together they are complete. Leadership & governance. Leaders set the tone, model the behavior and anchor accountability. If leaders treat cyber as only an IT issue, everyone else will, too. When leaders make risk-informed…
-
Disney Fined $10M for Violating Children’s Privacy Laws on YouTube
Disney agrees to a $10M settlement with the DOJ and FTC over YouTube privacy violations. Learn how the COPPA ruling affects kids’ data and Disney’s new rules. First seen on hackread.com Jump to article: hackread.com/disney-fine-violating-children-privacy-laws-youtube/
-
ManageMyHealth Provides Update on Ongoing Cyberattack Investigation
Manage My Health (MMH) has released a detailed update on the ongoing investigation following a cyberattack that was first reported on 30 December 2025. The ManageMyHealth hack has affected a portion of the organization’s user base, prompting urgent responses from MMH, Health New Zealand, and law enforcement agencies. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/managemyhealth-hack-explained/
-
California’s DROP Platform Launches: What Enterprise B2B SaaS Companies Need to Know About Data Deletion Compliance
How California’s groundbreaking data deletion law signals a fundamental shift in enterprise identity lifecycle management”, and why your SSO infrastructure matters more than ever First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/californias-drop-platform-launches-what-enterprise-b2b-saas-companies-need-to-know-about-data-deletion-compliance/
-
California’s DROP Platform Launches: What Enterprise B2B SaaS Companies Need to Know About Data Deletion Compliance
How California’s groundbreaking data deletion law signals a fundamental shift in enterprise identity lifecycle management”, and why your SSO infrastructure matters more than ever First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/californias-drop-platform-launches-what-enterprise-b2b-saas-companies-need-to-know-about-data-deletion-compliance/
-
Resecurity Caught ShinyHunters in Honeypot
Resecurity caught ShinyHunters (SLH) using decoy accounts; the group attacked airlines, telecoms, and law enforcement in Sept 2025. In an interesting development, Resecurity has caught actors known as “ShinyHunters” or >>Scattered Lapsus$ Hunters
-
A Week That Set the Tone for 2026: Cyber Laws, Breaches, and Disinformation
This week, The Cyber Express takes a closer look at the events shaping the global cybersecurity landscape as we transition from 2025 to 2026. Throughout this week, we covered new cybersecurity laws, insider jobs involving ransomware, AI-driven disinformation, and data protection enforcement. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/the-cyber-express-weekly-roundup-jan-2026/