Tag: law

SonicWall blames state-sponsored hackers for September security breach

Nov 6, 2025 12:19 AM

Tags: access, backup, breach, credentials, cybersecurity, firewall, hacker, law

Cybersecurity firm SonicWall attributed the September security breach exposing firewall configuration files to state-sponsored hackers. In September, SonicWall urged customers to reset credentials after firewall backup files tied to MySonicWall accounts were exposed. The company announced it had blocked attackers’ access and was working with cybersecurity experts and law enforcement agencies to determine the scope…
Centraleyes AI Framework (CAIF)

Nov 5, 2025 10:20 AM

Tags: ai, compliance, control, framework, governance, law, tool

What is the CAIF? The Centraleyes AI Framework (CAIF) is a comprehensive compliance and governance tool designed to help organizations meet the diverse and rapidly evolving regulatory requirements surrounding artificial intelligence. It consolidates questions and controls from multiple AI laws and regulatory regimes across the globe including the EU AI Act (Minimal and Limited… First…
Centraleyes AI Framework (CAIF)

Nov 5, 2025 10:20 AM

Tags: ai, compliance, control, framework, governance, law, tool

What is the CAIF? The Centraleyes AI Framework (CAIF) is a comprehensive compliance and governance tool designed to help organizations meet the diverse and rapidly evolving regulatory requirements surrounding artificial intelligence. It consolidates questions and controls from multiple AI laws and regulatory regimes across the globe including the EU AI Act (Minimal and Limited… First…
European Authorities Dismantle Euro600 Million Crypto Fraud Network in Global Sweep

Nov 5, 2025 8:19 AM

Tags: crypto, fraud, germany, law, network

Nine people have been arrested in connection with a coordinated law enforcement operation that targeted a cryptocurrency money laundering network that defrauded victims of Euro600 million (~$688 million).According to a statement released by Eurojust today, the action took place between October 27 and 29 across Cyprus, Spain, and Germany, with the suspects arrested on charges…
How crooks use IT to enable cargo theft

Nov 5, 2025 5:19 AM

Tags: access, ai, api, attack, authentication, awareness, breach, business, control, crime, cyber, cybersecurity, data, detection, email, endpoint, finance, fraud, government, group, incident response, infosec, infrastructure, insurance, Internet, jobs, law, login, mfa, network, password, phishing, privacy, risk, skills, smishing, social-engineering, supply-chain, technology, theft, threat, tool, training, vulnerability

Value of stolen shipments has doubled: It’s hard to determine the size of this IT-related cargo theft problem. The US National Insurance Crime Bureau estimates cargo theft losses from all sources increased 27% last year compared to 2023, to $35 billion.Versik CargoNet, a company that tracks physical supply chain crime for law enforcement agencies, insurance…
How crooks use IT to enable cargo theft

Nov 5, 2025 5:19 AM

Tags: access, ai, api, attack, authentication, awareness, breach, business, control, crime, cyber, cybersecurity, data, detection, email, endpoint, finance, fraud, government, group, incident response, infosec, infrastructure, insurance, Internet, jobs, law, login, mfa, network, password, phishing, privacy, risk, skills, smishing, social-engineering, supply-chain, technology, theft, threat, tool, training, vulnerability

Value of stolen shipments has doubled: It’s hard to determine the size of this IT-related cargo theft problem. The US National Insurance Crime Bureau estimates cargo theft losses from all sources increased 27% last year compared to 2023, to $35 billion.Versik CargoNet, a company that tracks physical supply chain crime for law enforcement agencies, insurance…
FBI Warns of Criminals Posing as ICE, Urges Agents to ID Themselves

Nov 4, 2025 9:20 PM

Tags: exploit, law

In a bulletin to law enforcement agencies, the FBI said criminal impersonators are exploiting ICE’s image and urged nationwide coordination to distinguish real operations from fakes. First seen on wired.com Jump to article: www.wired.com/story/fbi-warns-of-criminals-posing-as-ice-urges-agents-to-id-themselves/
Phone location data of top EU officials for sale, report finds

Nov 4, 2025 7:19 PM

Tags: data, law, phone, spy

Journalists in Europe found it was “easy” to spy on top European Union officials using commercially obtained location data sold by data brokers, despite the continent having some of the strongest data protection laws in the world. First seen on techcrunch.com Jump to article: techcrunch.com/2025/11/04/phone-location-data-of-top-eu-officials-for-sale-report-finds/
Europol and Eurojust Dismantle Euro600 Million Crypto Fraud Network in Global Sweep

Nov 4, 2025 6:22 PM

Tags: crypto, fraud, germany, law, network

Nine people have been arrested in connection with a coordinated law enforcement operation that targeted a cryptocurrency money laundering network that defrauded victims of Euro600 million (~$688 million).According to a statement released by Eurojust today, the action took place between October 27 and 29 across Cyprus, Spain, and Germany, with the suspects arrested on charges…
China Updates Cybersecurity Law to Address AI and Infrastructure Risks

Nov 4, 2025 4:19 PM

Tags: ai, china, cybersecurity, infrastructure, law, risk, update

China has announced amendments to its First seen on thecyberexpress.com Jump to article: thecyberexpress.com/china-updates-csl/
Police arrests suspects linked to Euro600 million crypto fraud ring

Nov 4, 2025 4:19 PM

Tags: crypto, fraud, law, network

European law enforcement authorities have arrested nine suspected money launderers who set up a cryptocurrency fraud network that stole over Euro600 million ($689 million) from victims across multiple countries. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/european-police-dismantles-600-million-crypto-investment-fraud-ring/
Police arrests suspects linked to Euro600 million crypto fraud ring

Nov 4, 2025 4:19 PM

Tags: crypto, fraud, law, network

European law enforcement authorities have arrested nine suspected money launderers who set up a cryptocurrency fraud network that stole over Euro600 million ($689 million) from victims across multiple countries. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/european-police-dismantles-600-million-crypto-investment-fraud-ring/
Cybersecurity experts charged with running BlackCat ransomware operation

Nov 4, 2025 3:19 PM

Tags: attack, breach, computer, crypto, cybersecurity, extortion, finance, group, healthcare, incident response, law, network, office, psychology, ransom, ransomware, risk, service, threat

The victims and the demands: The indictment cited at least five victim organizations: a Florida medical-device company, a Maryland pharmaceutical manufacturer, a California doctor’s office, a California engineering firm, and a Virginia-based drone company. On May 13, 2023, the conspirators allegedly attacked the Florida firm, demanding $10 million and receiving roughly $1.27 million in cryptocurrency.…
Cybersecurity experts charged with running BlackCat ransomware operation

Nov 4, 2025 3:19 PM

Tags: attack, breach, computer, crypto, cybersecurity, extortion, finance, group, healthcare, incident response, law, network, office, psychology, ransom, ransomware, risk, service, threat

The victims and the demands: The indictment cited at least five victim organizations: a Florida medical-device company, a Maryland pharmaceutical manufacturer, a California doctor’s office, a California engineering firm, and a Virginia-based drone company. On May 13, 2023, the conspirators allegedly attacked the Florida firm, demanding $10 million and receiving roughly $1.27 million in cryptocurrency.…
NSFOCUS in SAS 2025: Unveiling Secrets Behind Large-Scale DDoS Attacks on AI Platform and Social Media

Nov 4, 2025 8:19 AM

Tags: ai, apt, attack, cyber, cybersecurity, data-breach, ddos, hacking, law, network, risk

SANTA CLARA, Calif., November 4, 2025 The 18th Global Security Analyst Summit (SAS) concluded successfully in Khao Lak, Thailand. Focused on the complexity of APT attacks, the summit exposed the latest attack activities from Hacking Team and disclosed multiple major security risk incidents. It gathered top global cybersecurity experts, academic elites, and law enforcement representatives to…The…
NSFOCUS in SAS 2025: Unveiling Secrets Behind Large-Scale DDoS Attacks on AI Platform and Social Media

Nov 4, 2025 8:19 AM

Tags: ai, apt, attack, cyber, cybersecurity, data-breach, ddos, hacking, law, network, risk

SANTA CLARA, Calif., November 4, 2025 The 18th Global Security Analyst Summit (SAS) concluded successfully in Khao Lak, Thailand. Focused on the complexity of APT attacks, the summit exposed the latest attack activities from Hacking Team and disclosed multiple major security risk incidents. It gathered top global cybersecurity experts, academic elites, and law enforcement representatives to…The…
Lawmakers say stolen police logins are exposing Flock surveillance cameras to hackers

Nov 4, 2025 12:19 AM

Tags: authentication, breach, cctv, hacker, law, login, mfa

Flock said around 3% of its law enforcement customers do not use multi-factor authentication, potentially exposing dozens of law enforcement agency accounts open to compromise and improper access. First seen on techcrunch.com Jump to article: techcrunch.com/2025/11/03/lawmakers-say-stolen-police-logins-are-exposing-flock-surveillance-cameras-to-hackers/
Lawmakers say stolen police logins are exposing Flock surveillance cameras to hackers

Nov 4, 2025 12:19 AM

Tags: authentication, breach, cctv, hacker, law, login, mfa

Flock said around 3% of its law enforcement customers do not use multi-factor authentication, potentially exposing dozens of law enforcement agency accounts open to compromise and improper access. First seen on techcrunch.com Jump to article: techcrunch.com/2025/11/03/lawmakers-say-stolen-police-logins-are-exposing-flock-surveillance-cameras-to-hackers/
Standing to Sue The Elephant in the Room

Nov 3, 2025 12:19 PM

Tags: data, data-breach, insurance, law, privacy, theft

When Elephant Insurance was hacked and millions of driver’s license numbers were exposed, the Fourth Circuit confronted a crucial privacy law dilemma: Is data theft alone enough to sue, or must harm be public and provable? This case exposes how U.S. courts still undervalue privacy in the digital age, and why the elephant in the…
Standing to Sue The Elephant in the Room

Nov 3, 2025 12:19 PM

Tags: data, data-breach, insurance, law, privacy, theft

When Elephant Insurance was hacked and millions of driver’s license numbers were exposed, the Fourth Circuit confronted a crucial privacy law dilemma: Is data theft alone enough to sue, or must harm be public and provable? This case exposes how U.S. courts still undervalue privacy in the digital age, and why the elephant in the…
Standing to Sue The Elephant in the Room

Nov 3, 2025 12:19 PM

Tags: data, data-breach, insurance, law, privacy, theft

When Elephant Insurance was hacked and millions of driver’s license numbers were exposed, the Fourth Circuit confronted a crucial privacy law dilemma: Is data theft alone enough to sue, or must harm be public and provable? This case exposes how U.S. courts still undervalue privacy in the digital age, and why the elephant in the…
TDL 008 – Defending the Frontline: Ransomware, AI, and Real-World Lessons

Nov 3, 2025 5:19 AM

Tags: access, ai, attack, authentication, awareness, backup, breach, business, ceo, ciso, computer, country, crime, cyber, cybersecurity, data, deep-fake, email, exploit, extortion, finance, firewall, framework, fraud, government, group, guide, healthcare, ibm, incident, incident response, infrastructure, insurance, intelligence, law, mfa, microsoft, penetration-testing, phone, powershell, ransom, ransomware, risk, russia, scam, service, social-engineering, strategy, tactics, technology, theft, threat, tool, training, vpn, vulnerability, zero-day

Summary In this episode of “The Defender’s Log,” host David Redekop interviews Alexander Rau, a cybersecurity partner at KPMG, about the evolving incident response (IR) landscape. Rau notes that the past summer was exceptionally busy for IR, driven largely by zero-day firewall vulnerabilities. He highlights that threat actors are innovating, even using AI chatbots for…
TDL 008 – Defending the Frontline: Ransomware, AI, and Real-World Lessons

Nov 3, 2025 5:19 AM

Tags: access, ai, attack, authentication, awareness, backup, breach, business, ceo, ciso, computer, country, crime, cyber, cybersecurity, data, deep-fake, email, exploit, extortion, finance, firewall, framework, fraud, government, group, guide, healthcare, ibm, incident, incident response, infrastructure, insurance, intelligence, law, mfa, microsoft, penetration-testing, phone, powershell, ransom, ransomware, risk, russia, scam, service, social-engineering, strategy, tactics, technology, theft, threat, tool, training, vpn, vulnerability, zero-day

Summary In this episode of “The Defender’s Log,” host David Redekop interviews Alexander Rau, a cybersecurity partner at KPMG, about the evolving incident response (IR) landscape. Rau notes that the past summer was exceptionally busy for IR, driven largely by zero-day firewall vulnerabilities. He highlights that threat actors are innovating, even using AI chatbots for…
Cybersecurity Snapshot: Top Guidance for Improving AI Risk Management, Governance and Readiness

Oct 31, 2025 7:19 PM

Tags: access, ai, api, attack, awareness, breach, business, ceo, cloud, compliance, computer, control, corporate, crime, cryptography, cyber, cybersecurity, data, data-breach, encryption, exploit, finance, framework, germany, google, governance, guide, hacking, ibm, identity, india, infrastructure, intelligence, jobs, law, leak, metric, microsoft, network, penetration-testing, privacy, risk, risk-management, scam, security-incident, skills, strategy, technology, threat, tool, training, vulnerability, vulnerability-management

Many organizations are playing catch-up in key AI security policy areas, such as usage governance, risk oversight, data protection, and staff training. In this Cybersecurity Snapshot special edition, we round up recent guidance on preparing for, managing and governing AI cyber risks. Key takeaways Most organizations’ AI adoption is dangerously outpacing their security strategies and…
Cybersecurity Snapshot: Top Guidance for Improving AI Risk Management, Governance and Readiness

Oct 31, 2025 7:19 PM

Tags: access, ai, api, attack, awareness, breach, business, ceo, cloud, compliance, computer, control, corporate, crime, cryptography, cyber, cybersecurity, data, data-breach, encryption, exploit, finance, framework, germany, google, governance, guide, hacking, ibm, identity, india, infrastructure, intelligence, jobs, law, leak, metric, microsoft, network, penetration-testing, privacy, risk, risk-management, scam, security-incident, skills, strategy, technology, threat, tool, training, vulnerability, vulnerability-management

Many organizations are playing catch-up in key AI security policy areas, such as usage governance, risk oversight, data protection, and staff training. In this Cybersecurity Snapshot special edition, we round up recent guidance on preparing for, managing and governing AI cyber risks. Key takeaways Most organizations’ AI adoption is dangerously outpacing their security strategies and…
Sling TV settles with California for allegedly violating state consumer privacy law

Oct 31, 2025 4:19 PM

Tags: law, privacy, service

Streaming service Sling TV will pay a $530,000 civil penalty to the state of California and make changes to how customers can opt-out of the sale of their data. First seen on therecord.media Jump to article: therecord.media/sling-tv-california-data-protection-settlement
US Stands Out in Refusal to Sign UN Cybercrime Treaty

Oct 31, 2025 4:19 PM

Tags: cybercrime, law

The agreement aims to help law enforcement prosecute cross-border cybercrime, but the final treaty could allow unchecked surveillance and human-rights abuses, critics say; and, it includes no protection for pen-testers. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/us-refuses-sign-un-cybercrime-treaty
Denmark reportedly withdraws Chat Control proposal following controversy

Oct 30, 2025 8:19 PM

Tags: control, law

Earlier in its European Council presidency, Denmark had brought back a draft law which would have required scanning of electronic messages, sparking an intense backlash. First seen on therecord.media Jump to article: therecord.media/demark-reportedly-withdraws-chat-control-proposal
Denmark reportedly withdraws Chat Control proposal following controversy

Oct 30, 2025 8:19 PM

Tags: control, law

Earlier in its European Council presidency, Denmark had brought back a draft law which would have required scanning of electronic messages, sparking an intense backlash. First seen on therecord.media Jump to article: therecord.media/demark-reportedly-withdraws-chat-control-proposal
Tips for CISOs switching between industries

Oct 30, 2025 4:19 PM

Tags: breach, ceo, ciso, corporate, country, cyber, cybersecurity, data, data-breach, defense, finance, healthcare, identity, jobs, law, mobile, office, risk, service, skills

Understand and demonstrate achieved results: Making the jump into a new industry isn’t about matching past job titles but about proving you can create impact in a new context. DiMarco says the key is to demonstrate relevance early.”When I pitch a candidate, I explain what they did, how they did it, and what their impact…