Tag: law
-
Russia expected to pass experimental law that tracks foreigners in Moscow via smartphones
4-year trial is second major initiative this year that clamps down on ‘illegal immigrants’ First seen on theregister.com Jump to article: www.theregister.com/2025/05/22/russia_expected_to_pass_experimental/
-
Experts Chart Path to Creating Safer Online Spaces for Women
Gaps in laws, technology, and corporate accountability continue to put women’s safety and privacy online at risk. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/experts-path-creating-safer-online-spaces
-
Law enforcement dismantled the infrastructure behind Lumma Stealer MaaS
Microsoft found 394,000 Windows systems talking to Lumma stealer controllers, a victim pool that included global manufacturers. A US court order, with Europol and Japan’s JC3 dismantled the Lumma Stealer malware operation, seizing 2,300 domains used for command-and-control and blocking dark web markets offering the infostealer. A US court order, with Europol and Japan’s JC3,…
-
FBI and Europol Disrupt Lumma Stealer Malware Network Linked to 10 Million Infections
A sprawling operation undertaken by global law enforcement agencies and a consortium of private sector firms has disrupted the online infrastructure associated with a commodity information stealer known as Lumma (aka LummaC or LummaC2), seizing 2,300 domains that acted as the command-and-control (C2) backbone to commandeer infected Windows systems.”Malware like LummaC2 is deployed to steal…
-
Global Law Enforcers and Microsoft Seize 2300+ Lumma Stealer Domains
Law enforcers worldwide have teamed up with Microsoft to disrupt the infrastructure behind Lumma Stealer First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/law-enforcers-microsoft-2300-lumma/
-
Microsoft Dismantles Lumma Stealer Network, Seizes 2,000+ Domains
Microsoft disrupts Lumma Stealer network, seizing 2,000 domains linked to 394,000 infections in global cybercrime crackdown with law enforcement partners. First seen on hackread.com Jump to article: hackread.com/microsoft-dismantle-lumma-stealer-domain-seized/
-
Police Operation and Microsoft Take Down Lumma Infostealer
User Panels and Command and Control Domains Seized. Law enforcement and Microsoft struck a blow against malware used to steal login credentials and financial data, seizing the central command structure and thousands of online domains used to control the Lumma Stealer. Lumma first appeared on Russian-language speaking cybercriminal forums in 2022. First seen on govinfosecurity.com…
-
Lumma infostealer’s infrastructure seized during US, EU, Microsoft operation
A sting involving law enforcement and private sector companies disrupted the Lumma infostealer, malware sold around the globe to cybercriminals and credited for millions of infections. First seen on therecord.media Jump to article: therecord.media/lumma-infostealer-malware-takedown-microsoft-fbi
-
Wyden: ATT, T-Mobile, and Verizon weren’t notifying senators of surveillance requests
Sen. Ron Wyden said in a letter that one U.S. phone carrier turned over Senate data to law enforcement without notifying the target. First seen on techcrunch.com Jump to article: techcrunch.com/2025/05/21/wyden-att-t-mobile-and-verizon-werent-notifying-senators-of-surveillance-requests/
-
Russia to enforce location tracking app on all foreigners in Moscow
The Russian government has introduced a new law that makes installing a tracking app mandatory for all foreign nationals in the Moscow region. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/government/russia-to-enforce-location-tracking-app-on-all-foreigners-in-moscow/
-
Lumma Stealer toppled by globally coordinated takedown
Global law enforcement authorities and Microsoft seized or disrupted the prolific infostealer’s central command infrastructure, malicious domains and marketplaces where the malware was sold. First seen on cyberscoop.com Jump to article: cyberscoop.com/lumma-stealer-infostealer-takedown/
-
GitHub package limit put law firm in security bind
The most dangerous time for enterprise security? One month after an acquisitionNearly 10% of employee genAI prompts include sensitive dataThe SolarWinds $4.4 billion acquisition gives CISOs what they least want: Uncertainty> First seen on csoonline.com Jump to article: www.csoonline.com/article/3991286/github-package-limit-put-law-firm-in-security-bind.html
-
Threat intelligence platform buyer’s guide: Top vendors, selection advice
Tags: ai, attack, automation, breach, cloud, computing, credentials, crowdstrike, cyber, cybersecurity, dark-web, data, data-breach, deep-fake, detection, dns, edr, email, endpoint, exploit, finance, firewall, fraud, gartner, google, group, guide, identity, incident response, infrastructure, intelligence, kubernetes, law, malicious, malware, microsoft, mitigation, monitoring, network, open-source, phishing, privacy, risk, service, siem, soar, soc, sophos, sql, supply-chain, technology, threat, tool, vpn, vulnerability, zero-dayThe Cybersecurity and Infrastructure Security Agency (CISA) found that since 2023 the majority of exploits were zero days, meaning exploiting heretofore unknown methods. And according to the latest Verizon Data Breach Investigations report (DBIR), the percentage of AI-assisted malicious emails doubled to 10% of the totals they observed over the past two years, making staying…
-
Dutch government passes law to criminalize cyber-espionage
The Netherlands has updated its digital security laws to criminalize cyber-espionage and increase penalties for computer-related offenses. First seen on therecord.media Jump to article: therecord.media/netherlands-law-criminalizes-cyber-espionage
-
4 ways to safeguard CISO communications from legal liabilities
Tags: ciso, communications, corporate, cyber, data, defense, governance, government, incident, jobs, law, privacy, regulation, risk, vulnerabilityPay attention to the medium: CISOs also need to pay attention to what they say based on the medium in which they are communicating. Pay attention to “how we communicate, who we’re communicating with, what platforms we’re communicating on, and whether it’s oral or written,” Angela Mauceri, corporate director and assistant general counsel for cyber…
-
Japanese Parliament Passes Active Cyber Defense Law
New Cyber Law Enables Agencies to Neutralize Attackers’ Servers Located Abroad. The Japanese Parliament passed the long-delayed active cyber defense bill on Friday, paving the way for government agencies to monitor external telecommunications and preemptively respond to signs of cyberattacks, including neutralizing attackers’ servers. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/japanese-parliament-passes-active-cyber-defense-law-a-28430
-
Trump Signs Controversial Law Targeting Nonconsensual Sexual Content
Tags: lawThe Take It Down Act requires platforms to remove instances of “intimate visual depiction” within two days. Free speech advocates warn it could be weaponized to fuel censorship. First seen on wired.com Jump to article: www.wired.com/story/take-it-down-act-law-passes/
-
Hearing shows broad support for extension of cyber info-sharing law
With bipartisan support and backing from the private sector, the 2015 law appears to be on a glide path to reauthorization. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-cyber-information-sharing-hearing-congress-industry-privacy/748361/
-
Japan passed a law allowing preemptive offensive cyber actions
Japan passed a law allowing preemptive offensive cyber actions, shifting from its pacifist stance to bolster defenses like major Western powers. Japan has enacted the Active Cyberdefense Law, allowing preemptive offensive cyber operations to counter threats before damage occurs. This marks a shift from Japan’s pacifist stance under Article 9, aiming to elevate its cyber…
-
Brussels Court Slams Tracking-Based Ads, Upholds GDPR Privacy Standards
The Brussels Court of Appeal ruled on May 14, 2025, that the consent model used in tracking-based advertising by major tech companies such as Google, Microsoft, Amazon, and X (formerly Twitter) does not comply with EU privacy laws, including the General Data Protection Regulation (GDPR). First seen on thecyberexpress.com Jump to article: thecyberexpress.com/brussels-court-tracking-ads-gdpr/
-
Anthropic’s law firm throws Claude under the bus over citation errors in court filing
AI footnote fail triggers legal palmface in music copyright spat First seen on theregister.com Jump to article: www.theregister.com/2025/05/15/anthopics_law_firm_blames_claude_hallucinations/
-
Cyber threat info sharing law reauthorization sought by industry leaders
First seen on scworld.com Jump to article: www.scworld.com/brief/cyber-threat-info-sharing-law-reauthorization-sought-by-industry-leaders
-
Industry Pushes for Renewal of Cyber Information-Sharing Law
First seen on scworld.com Jump to article: www.scworld.com/brief/industry-pushes-for-renewal-of-cyber-information-sharing-law
-
Hearing shows broad support for cyber info-sharing law extension
With bipartisan support and backing from the private sector, the 2015 law appears to be on a glide path to reauthorization. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-cyber-information-sharing-hearing-congress-industry-privacy/748361/
-
Consensus forms on reauthorizing 2015 cyber info-sharing law now, upgrading it later
Both witnesses and lawmakers at a House hearing said the law must not lapse in September. First seen on cyberscoop.com Jump to article: cyberscoop.com/consensus-forms-on-reauthorizing-2015-cyber-info-sharing-law-now-upgrading-it-later/
-
Hackers Exploit Google Services to Send Malicious Law Enforcement Requests
Tags: cyber, cybersecurity, exploit, google, hacker, infrastructure, law, malicious, phishing, serviceCybersecurity researchers have uncovered a sophisticated phishing campaign where malicious actors exploit Google services to dispatch fraudulent law enforcement requests. This audacious scheme leverages the trust associated with Google’s infrastructure, specifically Google Forms and Google Drive, to craft and distribute highly convincing requests that appear to originate from legitimate law enforcement entities. The primary objective…
-
Data on sale: Trump administration withdraws data broker oversight proposal
Tags: breach, compliance, data, data-breach, exploit, finance, framework, group, identity, infrastructure, law, military, privacy, regulation, theft, vulnerabilityPrivacy concerns escalate : Without these protections, data brokers can continue collecting and selling Americans’ sensitive personal information with minimal oversight. This data often includes Social Security numbers, financial records, location histories, and purchase patterns, leaving consumers vulnerable to identity theft and fraud. “Demographic groups already underserved by mainstream financial services”, low-income earners, elderly individuals, and racial…
-
Why we must reform the Computer Misuse Act: A cyber pro speaks out
Britain’s outdated hacking laws are leaving the UK’s cyber practitioners hamstrung and afraid. Security professional Simon Whittaker reveals how he nearly ran afoul of the Computer Misuse Act, and why he’s speaking out for reform First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366623789/Why-we-must-reform-the-Computer-Misuse-Act-A-cyber-pro-speaks-out
-
Congress faces pressure to renew cyber information-sharing law
The law’s expiration in September could jeopardize a wide range of information-sharing partnerships that have helped catch and thwart cyberattacks in the U.S. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-reauthorization-congress-industry-letter/748053/