Tag: law
-
How an Interdiction Mindset Can Help Win War on Cyberattacks
The US military and law enforcement learned to outthink insurgents. It’s time for cybersecurity to learn to outsmart and outmaneuver threat actors with the same framework. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/how-interdiction-mindset-cyberattacks
-
Threat-informed defense for operational technology: Moving from information to action
Tags: access, ai, attack, automation, blueteam, cloud, control, crime, cyber, cyberattack, cybercrime, cybersecurity, data, defense, detection, exploit, finance, fortinet, framework, group, incident response, infrastructure, intelligence, law, malicious, malware, mitre, network, phishing, PurpleTeam, ransomware, RedTeam, resilience, risk, service, soar, strategy, tactics, technology, threat, tool, usaThe rise of cybercrime-as-a-service Today’s macro threat landscape is a flourishing ecosystem of cybercrime facilitated by crime-as-a-service (CaaS) models. Cybercriminal networks now operate like legitimate businesses, with specialized units dedicated to activities such as money laundering, malware development, and spear phishing. This ecosystem lowers the barrier to entry for cybercrime, enabling low-skilled adversaries to launch…
-
Police shuts down KidFlix child sexual exploitation platform
Kidflix, one of the largest platforms used to host, share, and stream child sexual abuse material (CSAM) on the dark web, was shut down on March 11 following a joint action coordinated by German law enforcement. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/police-shuts-down-kidflix-child-sexual-exploitation-platform/
-
Gootloader Malware Resurfaces in Google Ads for Legal Docs
Attackers target a familiar industry, law professionals, by hiding the infostealer in ads delivered via Google-based malvertising. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/gootloader-malware-google-ads-legal-docs
-
North Korean IT worker scam spreading to Europe after US law enforcement crackdown
North Korea’s IT worker scam has expanded widely into Europe after years of focusing on U.S. companies, according to new research. First seen on therecord.media Jump to article: therecord.media/north-korean-it-worker-scam-spreads-to-europe
-
European Commission takes aim at endend encryption and proposes Europol become an EU FBI
The Commission said it would create roadmaps regarding both the “lawful and effective access to data for law enforcement” and on encryption. First seen on therecord.media Jump to article: therecord.media/european-commission-takes-aim-encryption-europol-fbi-proposal
-
UK sets out new cyber reporting requirements for critical infrastructure
The belated reworking of the country’s cybersecurity regulations comes three years after the previous government had prematurely described those laws as “updated” while failing to actually introduce the legislation. First seen on therecord.media Jump to article: therecord.media/uk-sets-out-cyber-reporting-requirements-critical-infrastructure
-
Russia tightens cybersecurity measures as financial fraud hits record high
Vladimir Putin signed a law on Monday that prohibits state institutions, banks and others from using foreign messaging apps when communicating with customers. First seen on therecord.media Jump to article: therecord.media/russia-tightens-cyber-measures-as-fraud-hits-record-high
-
UK Police Are Ill-Equipped to Tackle AI Crimes
New Turing Institute Report Urges Government to Create AI Crime Task Force. British law enforcement agencies are ill-equipped to tackle artificial intelligence-enabled cybercrime, a report by The Alan Turing Institute says, pointing to an enormous gap between police technical capabilities and the growing sophistication of threat actors. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/uk-police-are-ill-equipped-to-tackle-ai-crimes-a-27888
-
Reassessing UK law enforcement data adequacy
Computer Weekly takes stock of proposed changes to the UK’s law enforcement data protection rules and how it could affect data adequacy with the European Union First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366621775/Reassessing-UK-law-enforcement-data-adequacy
-
UK law enforcement data adequacy at risk
The UK government says reforms to police data protection rules will help to simplify law enforcement data processing, but critics argue the changes will lower protection to the point where the UK risks losing its European data adequacy First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366621774/UK-law-enforcement-data-adequacy-at-risk
-
Russian Hackers Leverage Bulletproof Hosting to Shift Network Infrastructure
Russian-aligned cyber threat groups, UAC-0050 and UAC-0006, have significantly escalated their operations in 2025, targeting entities worldwide with a focus on Ukraine. These groups employ bulletproof hosting services to mask their network infrastructure, enabling sophisticated campaigns involving financial theft, espionage, and psychological operations. UAC-0050, linked to Russian law enforcement agencies, has transitioned to deploying NetSupport…
-
Understanding Privacy Changes: eBay’s AI Policy and The Future of Data Privacy
In this episode, host Tom Eston discusses recent privacy changes on eBay related to AI training and the implications for user data. He highlights the hidden opt-out feature for AI data usage and questions the transparency of such policies, especially in regions without strict privacy laws like the United States. The host also explores how……
-
12 Cybercriminals Arrested After Ghost Communication Platform Shutdown
Law enforcement agencies have successfully dismantled a clandestine communication platform known as >>Ghost,
-
Legal impact on cybersecurity in 2025: new developments and challenges in the EU
Tags: 5G, authentication, compliance, corporate, cybersecurity, dora, finance, framework, fraud, identity, law, network, regulation, resilience, risk, service, strategy, technology, theftDORA Regulation: digital operational resilience in the financial sector: Regulation 2022/2554 (DORA) focuses on increasing the “Digital Operational Resilience” of financial institutions. Approved on 14 December 2022, DORA seeks to strengthen the security and robustness of financial sector entities’ information systems, with the aim of reducing technological risks and cyberthreats.As mentioned, DORA is applicable to…
-
Understanding RDAP: The Future of Domain Registration Data Access
Tags: access, api, attack, authentication, china, compliance, control, cyber, cybercrime, cybersecurity, data, detection, exploit, framework, fraud, GDPR, incident response, infrastructure, intelligence, Internet, law, malicious, malware, phishing, privacy, regulation, service, threat, tool, vulnerability -
INTERPOL Arrests 306 Suspects, Seizes 1,842 Devices in Cross-Border Cybercrime Bust
Law enforcement authorities in seven African countries have arrested 306 suspects and confiscated 1,842 devices as part of an international operation codenamed Red Card that took place between November 2024 and February 2025.The coordinated effort “aims to disrupt and dismantle cross-border criminal networks which cause significant harm to individuals and businesses,” INTERPOL said, adding it…
-
Thai officers intercept Starlink transmitters allegedly headed for Myanmar scam centers
Thai law enforcement on Saturday reportedly confiscated 38 Starlink satellite internet transmitters allegedly intended to be used in scam compounds in Myanmar. First seen on therecord.media Jump to article: therecord.media/thai-officers-intercept-starlink-transmitters-myanmar-cyber-scam-compounds
-
Hackers steal sensitive data from Pennsylvania county during ransomware attack
The government of Union County in central Pennsylvania said a recent ransomware attack exposed information related to law enforcement and other government business. First seen on therecord.media Jump to article: therecord.media/union-county-pennsylvania-ransomware-attack
-
Over 300 arrested in international crackdown on cyber scams
Law enforcement agencies in seven African countries arrested over 300 suspected cybercriminals involved in mobile banking, investment and messaging app scams, according to a statement on Monday by Interpol. First seen on therecord.media Jump to article: therecord.media/300-arrested-africa-crackdown-cyber-scams
-
Police arrests 300 suspects linked to African cybercrime rings
African law enforcement authorities have arrested 306 suspects as part of ‘Operation Red Card,’ an INTERPOL-led international crackdown targeting cross-border cybercriminal networks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/police-arrests-300-suspects-linked-to-african-cybercrime-rings/
-
Google, OpenAI target state laws in AI action plan
The federal government is developing plans for AI policy in the U.S. Stakeholders want a federal policy preempting state laws as a top strategic priority. First seen on techtarget.com Jump to article: www.techtarget.com/searchenterpriseai/news/366621060/Google-OpenAI-target-state-laws-in-AI-action-plan
-
CISOs are taking on ever more responsibilities and functional roles has it gone too far?
Tags: ai, business, cio, ciso, cloud, compliance, computing, control, corporate, cyber, cybersecurity, data, defense, framework, fraud, governance, healthcare, infosec, intelligence, international, Internet, jobs, law, mitigation, nist, privacy, regulation, resilience, risk, risk-management, service, skills, software, supply-chain, technology, threatth century alongside technology and internet-enabled threats, morphing to meet the demands of the moment. But the position hasn’t just matured; in many cases it has expanded, taking on additional domains.”The CISO role has expanded significantly over the years as companies realize that information security has a unique picture of what is going on across…
-
Unmasking ALTDOS, DESORDEN, GHOSTR, and Omid16B: The Saga of a Cybercriminal
In a four-year pursuit that spanned multiple aliases and continents, law enforcement has finally apprehended a notorious cybercriminal. First seen on securityonline.info Jump to article: securityonline.info/unmasking-altdos-desorden-ghostr-and-omid16b-the-saga-of-a-cybercriminal/
-
Nation-State ‘Paragon’ Spyware Infections Target Civil Society
Law enforcement entities in democratic states have been deploying top-of-the-line messaging app spyware against journalists and aid workers. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/nation-state-paragon-spyware-infections
-
Fifth Circuit Strikes Down >>Geofence<< Warrants Conflict With Fourth Circuit
Geofence warrants are a relatively new tool that allows law enforcement to obtain location data from devices within a specified geographic area during a specific time frame. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/fifth-circuit-strikes-down-geofence-warrants-conflict-with-fourth-circuit/
-
12 Hours or Else: Hong Kong’s Cybersecurity Explained
Tags: banking, cybersecurity, defense, framework, healthcare, infrastructure, law, risk, risk-assessmentHong Kong has officially enacted a new cybersecurity law aimed at securing critical infrastructure, a move that brings its regulatory framework closer to mainland China’s. The Protection of Critical Infrastructures (Computer Systems) Bill, passed on March 19, 2025, requires key industries”, such as banking, energy, healthcare, and telecommunications”, to strengthen their cybersecurity defenses, conduct regular…
-
AI Regs: Compliance Risks and Hidden Liabilities for CISOs
Attorney Jonathan Armstrong on AI Security, Legal Risks Related to EU AI Act. AI regulation is evolving fast, and many businesses may already be violating key provisions without realizing it. Jonathan Armstrong, partner at Punter Southall Law, warns that companies may be using high-risk AI applications without security teams even knowing. First seen on govinfosecurity.com…