Collecting Cyber-News from over 60 sources

Tag: law

The 2026 Digital Omnibus

Apr 9, 2026 12:52 AM

Tags: ai, business, compliance, data, framework, law, update

For the better part of a decade, doing business under EU digital law has been challenging, with DDPR, ePrivacy updates, the NUS2 Directive, the AI and Data Acts, and others coming in rapid succession. For organizations already investing heavily in compliance frameworks like CMMC, the prospect of layering on yet another set of requirements has”¦…
Japan relaxes privacy laws to make itself the ‘easiest country to develop AI’

Apr 8, 2026 11:52 PM

Tags: ai, country, data, law, privacy

Opting out of personal data use won’t be an option because Minister says that’s a ‘very big obstacle’ to AI adoption First seen on theregister.com Jump to article: www.theregister.com/2026/04/08/japan_privacy_law_changes_ai/
France Limits Chinese-Made Solar Energy Components

Apr 8, 2026 9:52 PM

Tags: china, cybersecurity, government, law

Paris Backs Protectionism and Cybersecurity Requirements to Keep Out Chinese Firms. France is saying non to Chinese photovoltaic components through a mix of protectionism and cybersecurity requirements as it readies a government-backed program of new solar energy projects. Chinese cybersecurity laws require firms to share key information and generally cooperate with Beijing. First seen on…
How botnet-driven DDoS attacks evolved in 2H 2025

Apr 8, 2026 8:52 PM

Tags: ai, attack, botnet, dark-web, ddos, defense, dns, finance, government, group, infrastructure, intelligence, international, Internet, iot, jobs, law, LLM, mitigation, network, resilience, risk, service, strategy, tactics, threat, tool, usa, vulnerability

Massive attack capacity: Demonstration attacks peaked at 30Tbps and 4 gigapackets per second, primarily launched by Internet of Things (IoT) botnets such as Aisuru and TurboMirai variants.AI integration: The use of AI, including dark-web large language models (LLMs), moved from emerging trend to operational reality, making sophisticated attacks accessible to a wider range of threat actors.Persistent threat…
Authorities disrupt router DNS hijacks used to steal Microsoft 365 logins

Apr 7, 2026 6:51 PM

Tags: dns, international, law, login, microsoft, router

An international operation from law enforcement authorities in partnership with private companies has disrupted FrostArmada, an APT28 campaign hijacking local traffic from MikroTik and TP-Link routers to steal Microsoft account credentials. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/authorities-disrupt-dns-hijacks-used-to-steal-microsoft-365-logins/
Authorities disrupt router DNS hijacks used to steal Microsoft 365 logins

Apr 7, 2026 6:51 PM

Tags: dns, international, law, login, microsoft, router

An international operation from law enforcement authorities in partnership with private companies has disrupted FrostArmada, an APT28 campaign hijacking local traffic from MikroTik and TP-Link routers to steal Microsoft account credentials. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/authorities-disrupt-dns-hijacks-used-to-steal-microsoft-365-logins/
The rise of proactive cyber: Why defense is no longer enough

Apr 7, 2026 12:51 PM

Tags: attack, breach, ciso, control, country, cyber, cybersecurity, defense, framework, google, government, hacking, infrastructure, intelligence, korea, law, microsoft, network, north-korea, risk, threat, tool

What ‘proactive cyber’ means: Despite the more aggressive language, this shift toward private-sector involvement doesn’t envision vigilante-style payback by aggrieved organizations. It instead embraces a more systematic effort to interfere with adversaries earlier in the attack chain using authorities and capabilities that already exist.”To be clear, this is not hacking back,” Joyce said. “This is…
Child Safety at Risk as EU CSAM Detection Law Lapses, Reporting Concerns Rise

Apr 7, 2026 10:51 AM

Tags: detection, exploit, law, risk

A growing surge in CSAM (Child Sexual Abuse Material) circulating online has become an urgent concern for authorities and child protection organizations across the EU. As digital platforms continue to play a central role in communication, the challenge of tackling child sexual exploitation has intensified. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/eu-csam-law-gap-child-sexual-exploitation-risk/
New Mexico’s Meta Ruling and Encryption

Apr 6, 2026 10:51 PM

Tags: access, encryption, framework, law

Mike Masnick points out that the recent New Mexico court ruling against Meta has some bad implications for end-to-end encryption, and security in general: If the “design choices create liability” framework seems worrying in the abstract, the New Mexico case provides a concrete example of where it leads in practice. One of the key pieces…
Big tech vows to continue CSAM scanning in Europe despite expiration of law allowing it

Apr 6, 2026 9:52 PM

Tags: google, law, microsoft, privacy

Microsoft, Google, Meta and Snapchat released a statement on Friday saying they “reaffirm their continued commitment to protecting children and preserving privacy, and will continue to take voluntary action” to complete the scans. First seen on therecord.media Jump to article: therecord.media/big-tech-vows-to-continue-csam-scanning
North Korea’s Modular Malware Strategy Hides Attribution, Defies Takedowns

Apr 6, 2026 1:51 PM

Tags: cyber, korea, law, malware, north-korea, strategy, tool

North Korea’s cyber program is shifting from monolithic “families” to a modular, portfolio-style malware ecosystem designed to survive exposure, frustrate attribution, and keep operations running under constant pressure. Years of sanctions, coordinated law-enforcement pressure, and rapid public disclosure of campaigns have forced Pyongyang to treat every tool as disposable. Once-static implants are now built with…
West Virginia Gives CISO Greater Authority to Lead Statewide Cybersecurity Program

Apr 5, 2026 5:50 AM

Tags: ciso, cybersecurity, law, office, technology

What happened West Virginia approved legislation that gives the state’s chief information security officer greater authority to lead and standardize cybersecurity efforts across state government. Gov. Patrick Morrisey signed the measure on Thursday. The law directs the state’s Cybersecurity Office, led by Leroy Amos within the Office of Technology, to develop statewide cybersecurity policies and…The…
ShinyHunters Claims Rebooted BreachForums Now More Secure

Apr 3, 2026 11:52 PM

Tags: group, hacker, law, scam

Group Resurrects Hacker Site Despite Multiple Law Enforcement Disruptions Drama continues to come fast and furious in BreachForums land, as the ShinyHunters group announced that it’s rebooted the long-running and oft-disrupted forum yet again, just weeks after it got hacked and its databases dumped, leading the previous admin to allegedly exit scam and steal $4,000.…
HIPAA I Do Not Think That Word Means What You Say It Means

Apr 3, 2026 1:51 PM

Tags: framework, HIPAA, law, software

HIPAA is often used as a shorthand for “no,” but the law is a nuanced permissions framework, not a blanket prohibition. Explore why “HIPAA-compliant” software often enforces a caricature of the actual 45 C.F.R. pt. 164. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/hipaa-i-do-not-think-that-word-means-what-you-say-it-means/
When Your Own Eyes Turn Against You: How Compromised Security Cameras and IoT/OT Devices Become Tools for Your Attackers

Apr 3, 2026 1:51 AM

Tags: access, advisory, attack, botnet, cctv, china, cloud, control, corporate, credentials, cyber, cyberattack, cybersecurity, dark-web, data, data-breach, defense, detection, endpoint, espionage, exploit, finance, firmware, flaw, government, group, hacking, healthcare, infrastructure, intelligence, international, Internet, iot, iran, law, linux, malware, network, office, privacy, ransomware, resilience, risk, russia, service, supply-chain, technology, threat, tool, ukraine, unauthorized, update, vpn, vulnerability, warfare, windows, zero-day, zero-trust

TL;DR Security cameras, IoT, and OT devices that are meant to protect us, are easily compromised and turned against defenders, enabling nation-state reconnaissance (Iranian hacks on Hikvision/Dahua cameras during strikes, Russian webcam abuse in Ukraine), espionage via exposed live feeds, ransomware pivots (Akira group bypassing EDR), massive botnets (Mirai/Eleven11bot), and physical disruption. Structural weaknesses like…
State AG Sues Change Healthcare in 2024 Ransomware Attack

Apr 2, 2026 11:53 PM

Tags: attack, data, finance, group, healthcare, law, ransomware

Iowa Seeking Civil Monetary Fines, Damages for Alleged Violations. Iowa’s state attorney general is seeking financial damages, civil penalties and improvements to UnitedHealth Group’s data security practices for alleged violations of state and federal laws and other claims involving the 2024 ransomware attack on its Change Healthcare unit. First seen on govinfosecurity.com Jump to article:…
French Senate passes bill that would ban children under 15 from social media

Apr 2, 2026 7:51 PM

Tags: country, law

If the French effort becomes law, it would make France the first European country to follow Australia’s lead by banning social media for young teenagers. First seen on therecord.media Jump to article: therecord.media/french-senate-passes-bill-child-ban-social-media
Employee Data Breaches Surge to Seven-Year High

Mar 31, 2026 2:30 PM

Tags: breach, cyber, data, incident, law

Analysis from law firm Nockolds suggests non-cyber incidents are driving up employee data breaches First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/employee-data-breaches-surge/
Iranian hackers breach FBI director’s personal email, and post his CV and photos online

Mar 31, 2026 10:29 AM

Tags: breach, email, hacker, iran, law, usa

It’s not every day that you read that the head of America’s top law enforcement agency has been hacked, but then – these aren’t ordinary times. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/iranian-hackers-breach-fbi-directors-personal-email-post-cv-and-photos-online
Global Cybercrime Investigations Gain Ground

Mar 31, 2026 7:32 AM

Tags: attack, crypto, cybercrime, intelligence, law, ransomware, tactics, threat

Stan Duijf of Dutch National Police on Collaborative Law Enforcement. Global law enforcement agencies are shifting tactics to disrupt ransomware earlier in the attack chain. Stan Duijf of the Dutch National Police describes how collaboration, threat intelligence and cryptocurrency seizures are making cybercrime more costly and less effective for criminals. First seen on govinfosecurity.com Jump…
Europe Girds for Looming IoT Security Regulations

Mar 27, 2026 11:30 PM

Tags: cyber, cybersecurity, iot, law, regulation, resilience

European Commission Publishes Draft Guidance for Cyber Resilience Act. Key implementation deadlines loom for one of Europe’s most consequential cybersecurity laws and draft guidance from the European Union may help manufacturers comply – up to a point. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/europe-girds-for-looming-iot-security-regulations-a-31249
European Parliament rejects extension of CSAM scanning rules for tech platforms

Mar 27, 2026 10:30 PM

Tags: group, law

The 311 members of Parliament who voted against an extension did so despite strong support from law enforcement, children’s rights groups, German Chancellor Friedrich Merz, several European commissioners and a half dozen big tech companies to allow the scans to continue. First seen on therecord.media Jump to article: therecord.media/eu-parliament-rejects-csam-scanning-extension
Cryptohack Roundup: Hacker Mints $24M From Resolv

Mar 26, 2026 5:46 PM

Tags: hacker, law, lazarus, phishing, scam

Also: SEC Drops BitClout Founder Case, BlockFills Files for Chapter 11. This week, a hacker minted $24M from Resolv, SEC dropped its case against BitClout founder, BlockFills filed for Chapter 11, Bitrefill linked hack to Lazarus, OpenClaw phishing scam hit devs, global law enforcement crackdown on scams and Balancer Labs to wind down after $128M…
Russia detains alleged admin of LeakBase cybercrime forum weeks after global crackdown

Mar 26, 2026 2:47 PM

Tags: breach, cybercrime, data, law, marketplace, russia

Russian authorities have detained a suspected administrator of LeakBase, a major online marketplace for stolen data, weeks after U.S. and European law enforcement agencies carried out a global crackdown on the platform. First seen on therecord.media Jump to article: therecord.media/leakbase-russia-admin-arrest-cyber
Russian authorities arrest alleged LeakBase admin behind stolen data marketplace

Mar 26, 2026 11:46 AM

Tags: breach, cybercrime, data, law, marketplace, russia

Russian authorities arrested the alleged LeakBase admin for running a marketplace selling stolen data since 2021. Russian law enforcement has arrested the suspected administrator of LeakBase, a cybercrime forum used to trade stolen personal data. The suspect, from Taganrog, is accused of running the platform since 2021. During a search of his home, authorities seized…
LeakBase Forum Admin Arrested by Russian Authorities in Global Cybercrime Operation

Mar 26, 2026 8:46 AM

Tags: breach, cyber, cybercrime, international, law, russia, service

Russian law enforcement agencies have successfully apprehended the suspected administrator of LeakBase, a prominent international cybercrime forum. The arrest, executed by officers from the Russian Ministry of Internal Affairs (MVD) alongside regional security services in Rostov, marks a significant disruption to the global underground trade of stolen data. The suspect, a resident of Taganrog, is…
LeakBase Admin Arrested in Russia Over Massive Stolen Credential Marketplace

Mar 25, 2026 7:47 PM

Tags: breach, credentials, cybercrime, law, marketplace, russia

The alleged administrator of the LeakBase cybercrime forum has been arrested by Russian law enforcement authorities, state media reported Thursday.According to TASS and MVD Media, a news website linked to the Russian Interior Ministry, the suspect is a resident of the city of Taganrog. The suspect is said to have been detained for creating and…
Sen. Wyden Warns of Another Section 702 Abuse

Mar 25, 2026 2:47 PM

Tags: law, privacy

Sen. Ron Wyden is warning us of an abuse of Section 702: Wyden took to the Senate floor to deliver a lengthy speech, ostensibly about the since approved (with support of many Democrats) nomination of Joshua Rudd to lead the NSA. Wyden was protesting that nomination, but in the context of Rudd being unwilling to…
Treasury asks whether terrorism risk insurance program should bolster cyber coverage

Mar 24, 2026 4:47 PM

Tags: cyber, insurance, law, risk, terrorism

A Federal Register notice seeks public comment on how cyber is covered within a 2002 law and program. First seen on cyberscoop.com Jump to article: cyberscoop.com/treasury-asks-whether-terrorism-risk-insurance-program-should-bolster-cyber-coverage/
Treasury asks whether terrorism risk insurance program should bolster cyber coverage

Mar 24, 2026 4:47 PM

Tags: cyber, insurance, law, risk, terrorism

A Federal Register notice seeks public comment on how cyber is covered within a 2002 law and program. First seen on cyberscoop.com Jump to article: cyberscoop.com/treasury-asks-whether-terrorism-risk-insurance-program-should-bolster-cyber-coverage/