Tag: law
-
North Korea’s Modular Malware Strategy Hides Attribution, Defies Takedowns
North Korea’s cyber program is shifting from monolithic “families” to a modular, portfolio-style malware ecosystem designed to survive exposure, frustrate attribution, and keep operations running under constant pressure. Years of sanctions, coordinated law-enforcement pressure, and rapid public disclosure of campaigns have forced Pyongyang to treat every tool as disposable. Once-static implants are now built with…
-
West Virginia Gives CISO Greater Authority to Lead Statewide Cybersecurity Program
What happened West Virginia approved legislation that gives the state’s chief information security officer greater authority to lead and standardize cybersecurity efforts across state government. Gov. Patrick Morrisey signed the measure on Thursday. The law directs the state’s Cybersecurity Office, led by Leroy Amos within the Office of Technology, to develop statewide cybersecurity policies and…The…
-
ShinyHunters Claims Rebooted BreachForums Now More Secure
Group Resurrects Hacker Site Despite Multiple Law Enforcement Disruptions Drama continues to come fast and furious in BreachForums land, as the ShinyHunters group announced that it’s rebooted the long-running and oft-disrupted forum yet again, just weeks after it got hacked and its databases dumped, leading the previous admin to allegedly exit scam and steal $4,000.…
-
HIPAA I Do Not Think That Word Means What You Say It Means
HIPAA is often used as a shorthand for “no,” but the law is a nuanced permissions framework, not a blanket prohibition. Explore why “HIPAA-compliant” software often enforces a caricature of the actual 45 C.F.R. pt. 164. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/hipaa-i-do-not-think-that-word-means-what-you-say-it-means/
-
State AG Sues Change Healthcare in 2024 Ransomware Attack
Iowa Seeking Civil Monetary Fines, Damages for Alleged Violations. Iowa’s state attorney general is seeking financial damages, civil penalties and improvements to UnitedHealth Group’s data security practices for alleged violations of state and federal laws and other claims involving the 2024 ransomware attack on its Change Healthcare unit. First seen on govinfosecurity.com Jump to article:…
-
French Senate passes bill that would ban children under 15 from social media
If the French effort becomes law, it would make France the first European country to follow Australia’s lead by banning social media for young teenagers. First seen on therecord.media Jump to article: therecord.media/french-senate-passes-bill-child-ban-social-media
-
Employee Data Breaches Surge to Seven-Year High
Analysis from law firm Nockolds suggests non-cyber incidents are driving up employee data breaches First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/employee-data-breaches-surge/
-
Iranian hackers breach FBI director’s personal email, and post his CV and photos online
It’s not every day that you read that the head of America’s top law enforcement agency has been hacked, but then – these aren’t ordinary times. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/iranian-hackers-breach-fbi-directors-personal-email-post-cv-and-photos-online
-
Global Cybercrime Investigations Gain Ground
Stan Duijf of Dutch National Police on Collaborative Law Enforcement. Global law enforcement agencies are shifting tactics to disrupt ransomware earlier in the attack chain. Stan Duijf of the Dutch National Police describes how collaboration, threat intelligence and cryptocurrency seizures are making cybercrime more costly and less effective for criminals. First seen on govinfosecurity.com Jump…
-
Europe Girds for Looming IoT Security Regulations
European Commission Publishes Draft Guidance for Cyber Resilience Act. Key implementation deadlines loom for one of Europe’s most consequential cybersecurity laws and draft guidance from the European Union may help manufacturers comply – up to a point. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/europe-girds-for-looming-iot-security-regulations-a-31249
-
European Parliament rejects extension of CSAM scanning rules for tech platforms
The 311 members of Parliament who voted against an extension did so despite strong support from law enforcement, children’s rights groups, German Chancellor Friedrich Merz, several European commissioners and a half dozen big tech companies to allow the scans to continue. First seen on therecord.media Jump to article: therecord.media/eu-parliament-rejects-csam-scanning-extension
-
Cryptohack Roundup: Hacker Mints $24M From Resolv
Also: SEC Drops BitClout Founder Case, BlockFills Files for Chapter 11. This week, a hacker minted $24M from Resolv, SEC dropped its case against BitClout founder, BlockFills filed for Chapter 11, Bitrefill linked hack to Lazarus, OpenClaw phishing scam hit devs, global law enforcement crackdown on scams and Balancer Labs to wind down after $128M…
-
Russia detains alleged admin of LeakBase cybercrime forum weeks after global crackdown
Russian authorities have detained a suspected administrator of LeakBase, a major online marketplace for stolen data, weeks after U.S. and European law enforcement agencies carried out a global crackdown on the platform. First seen on therecord.media Jump to article: therecord.media/leakbase-russia-admin-arrest-cyber
-
Russian authorities arrest alleged LeakBase admin behind stolen data marketplace
Russian authorities arrested the alleged LeakBase admin for running a marketplace selling stolen data since 2021. Russian law enforcement has arrested the suspected administrator of LeakBase, a cybercrime forum used to trade stolen personal data. The suspect, from Taganrog, is accused of running the platform since 2021. During a search of his home, authorities seized…
-
LeakBase Forum Admin Arrested by Russian Authorities in Global Cybercrime Operation
Russian law enforcement agencies have successfully apprehended the suspected administrator of LeakBase, a prominent international cybercrime forum. The arrest, executed by officers from the Russian Ministry of Internal Affairs (MVD) alongside regional security services in Rostov, marks a significant disruption to the global underground trade of stolen data. The suspect, a resident of Taganrog, is…
-
LeakBase Admin Arrested in Russia Over Massive Stolen Credential Marketplace
The alleged administrator of the LeakBase cybercrime forum has been arrested by Russian law enforcement authorities, state media reported Thursday.According to TASS and MVD Media, a news website linked to the Russian Interior Ministry, the suspect is a resident of the city of Taganrog. The suspect is said to have been detained for creating and…
-
Sen. Wyden Warns of Another Section 702 Abuse
Sen. Ron Wyden is warning us of an abuse of Section 702: Wyden took to the Senate floor to deliver a lengthy speech, ostensibly about the since approved (with support of many Democrats) nomination of Joshua Rudd to lead the NSA. Wyden was protesting that nomination, but in the context of Rudd being unwilling to…
-
Treasury asks whether terrorism risk insurance program should bolster cyber coverage
A Federal Register notice seeks public comment on how cyber is covered within a 2002 law and program. First seen on cyberscoop.com Jump to article: cyberscoop.com/treasury-asks-whether-terrorism-risk-insurance-program-should-bolster-cyber-coverage/
-
Treasury asks whether terrorism risk insurance program should bolster cyber coverage
A Federal Register notice seeks public comment on how cyber is covered within a 2002 law and program. First seen on cyberscoop.com Jump to article: cyberscoop.com/treasury-asks-whether-terrorism-risk-insurance-program-should-bolster-cyber-coverage/
-
Treasury asks whether terrorism risk insurance program should bolster cyber coverage
A Federal Register notice seeks public comment on how cyber is covered within a 2002 law and program. First seen on cyberscoop.com Jump to article: cyberscoop.com/treasury-asks-whether-terrorism-risk-insurance-program-should-bolster-cyber-coverage/
-
Tycoon2FA Operators Resume Cloud Account Phishing Following Infrastructure
Tycoon2FA operators have resumed large-scale cloud account phishing just days after law enforcement and industry partners disrupted the platform’s core infrastructure, underscoring the resilience of phishing-as-a-service (PhaaS) ecosystems and the limits of infrastructure-only takedowns. Authorities in Latvia, Lithuania, Portugal, Poland, Spain, and the UK worked with private-sector partners to seize 330 domains used to power…
-
Founder of CoinDCX Arrested Amid Serious Fraud and Cheating Charges
The Indian cryptocurrency sector is currently facing a significant legal and cybersecurity controversy following the recent arrest of prominent CoinDCX executives. Local law enforcement from Mumbra police in Thane apprehended co-founders Sumit Gupta and Neeraj Khandelwal in Bengaluru. Both executives were produced before a court and remanded into police custody, facing charges of criminal breach…
-
Hong Kong police can demand phone and computer passwords under amended national security law
Refusing to comply could lead to year in jail and hefty fine, while providing false information carries up to three years in prisonHong Kong police can now demand that people suspected of breaching the city’s national security law provide mobile phone or computer passwords in a further crackdown on dissent.The amendments to the law also…
-
International police Operation Alice take down 373,000 dark web sites exploiting children
Operation Alice: Police dismantle a massive dark web network with 373,000 fake sites luring users seeking child sexual abuse material. An international law enforcement operation, code named Operation Alice, shut down one of the largest dark web scams, uncovering over 373,000 fake sites tricking users seeking child sexual abuse content. The operation, first investigated in…
-
A Domains Portfolio Belonging to RAMP (Russian Anonymous Marketplace) Forum Members A Compilation
Dear blog readers, In this post I’ll provide actionable intelligence based on the research and analysis which I posted in my previous “Dissecting the RAMP (Russian Anonymous Marketplace) Ransomware Forum – An Analysis” blog post and will provide actionable intelligence on various domain portfolios manage and operated by members of the RAMP (Russian Anonymous Marketplace)…
-
A Compilation of BitCoin Wallet Addresses from the RAMP (Russian Anonymous Marketplace) Forum Members A Compilation
Dear blog readers, In this post I’ll provide actionable intelligence on all the BitCoin wallet addresses from the RAMP (Russian Anonymous Marketplace) forum members with the idea to assist the security community fellow researchers and U.S Law Enforcement on its way to properly track down and prosecute the individuals behind these campaigns. Here’s the compilation:…
-
BSidesSLC 2025 Faces In The Fog Seth Law On Unconventional User Enumeration
Tags: lawAuthor, Creator & Presenter: Seth Law, Founder of Redpoint Security Our thanks to BSidesSLC for publishing their Creators, Authors and Presenter’s outstanding BSidesSLC 2025 content on the Organizations’ YouTube Channel. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/bsidesslc-2025-faces-in-the-fog-seth-law-on-unconventional-user-enumeration/
-
TDL 018 – How To Think, Not What To Think – Mitch Prior
Tags: access, ai, apple, attack, backup, blockchain, business, cctv, china, ciso, cloud, computer, conference, control, credentials, cvss, cyber, cybersecurity, data, defense, detection, exploit, finance, firmware, google, infrastructure, intelligence, Internet, iot, jobs, law, mail, malware, military, network, phone, privacy, resilience, risk, router, software, strategy, switch, technology, threat, tool, vulnerability, wifi, zero-trustThe Human Algorithm in a Zero-Trust World In the latest episode of The Defender’s Log, host David Redekop sits down with cybersecurity expert Mitch Prior to discuss the intersection of high-tech security and human intuition. From their first meeting in 2018″, the early days of Zero Trust”, the duo explores why the “why” behind technical…
-
Police take down 373,000 fake CSAM sites in Operation Alice
An international law enforcement action called Operation Alice has shut down over 373,000 dark web sites that offered fake CSAM packages. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/police-take-down-373-000-fake-csam-sites-in-operation-alice/