Security News

U.S. President Joe Biden has issued an Executive Order that prohibits the mass transfer of citizens' personal data to countries of concern. The Executive Order also "provides safeguards around...

U.S. President Joe Biden has signed an executive order that aims to ban the bulk sale and transfer of Americans' private data to "Countries of concern" such as China, Russia, Iran, North Korea, Cuba, and Venezuela. "Our adversaries are exploiting Americans' sensitive personal data to threaten our national security. They are purchasing this data to use to blackmail and surveil individuals, target those they view as dissidents here in the United States, and engage in other malicious activities," said Attorney General Merrick B. Garland.

US President Joe Biden is expected to sign an executive order today that aims to prevent the sale or transfer of Americans' sensitive personal information and government-related data to adversarial countries including China and Russia. In addition to the executive order, the White House will propose regulations that prohibit companies from directly or indirectly transferring large amounts of certain types of data to so-called "Countries of concern" - China, Russia, North Korea, Iran, Cuba, and Venezuela - according to a senior administration official.

The US regulator filed [PDF] a lengthy complaint against Avast regarding its use and alleged misuse of customer data. According to the FTC's allegations it sold browsing information collected by its parent from 2014 until Avast grounded the biz in 2020 when allegations of customer data sales emerged.

Cybercriminals increasingly use open-source intelligence to craft convincing backstories, often by mining social media profiles for details on a target's profession, interests, and routines. Armed with these personal insights, these malicious actors leverage chatbots to compose highly persuasive messages.

The Caravan and Motorhome Club and the experts it drafted to help clean up the mess caused by a January cyberattack still can't figure out whether members' data was stolen. According to an update shared with members late last week and now published on its website, the CAMC listed all the different types of data that might have been accessed, and all the data that definitely wasn't, but remained firmly on the fence as to whether any theft actually took place.

Employment agencies and retail companies chiefly located in the Asia-Pacific (APAC) region have been targeted by a previously undocumented threat actor known as ResumeLooters since early 2023 with...

Trezor issued a security alert after identifying a data breach that occurred on January 17 due to unauthorized access to their third-party support ticketing portal. A subset of 66,000 users who have interacted with Trezor Support since December 2021 may have had their names or usernames, and email addresses exposed to an unauthorized party.

One of America's biggest private freight shippers, Estes Express Lines, has told more than 20,000 customers that criminals may have stolen their personal information. "As you may be aware, on October 1, 2023, Estes discovered that an unauthorized threat actor had gained access to a portion of the Company's IT network and deployed ransomware," it said in a letter mailed to 21,184 people [PDF].

MGM Resorts has admitted that the cyberattack it suffered in September will likely cost the company at least $100 million. According to an 8K filing with the Securities and Exchange Commission on Thursday, MGM Resorts said less than $10 million has also been spent on "One-time expenses" such as legal and consultancy fees, and the cost of bringing in third-party experts to handle the incident response.