Security News
And that includes ransomware crims, claims US of alleged sanctions-buster A Russian woman the US accuses of being a career money launderer is the latest to be sanctioned by the country for her...
Three Russian nationals were arrested in New York yesterday on charges of moving electronics components worth millions to sanctioned entities in Russia, pieces of which were later recovered on battlefields in Ukraine. Components "With the same make, model and part number shipped by defendants have been found in seized Russian weapons platforms and signals intelligence equipment in Ukraine," the government alleged.
Top White House officials are working to secure an agreement between almost 50 countries to not pay ransom demands to cybercriminals as the international Counter Ransomware Initiative summit gets underway in Washington DC Tuesday. Second, member governments will also increase their information-sharing capabilities via two dedicated platforms that let countries rapidly exchange threat indicators following ransomware infections.
In a rare display of transparency, US energy services firm BHI Energy details how the Akira ransomware operation breached their networks and stole the data during the attack. In a data breach notification sent by BHI Energy to impacted people, the company provides detailed information on how the Akira ransomware gang breached its network on May 30, 2023.
A Moldovan who allegedly ran the compromised-credential marketplace E-Root has been extradited from the UK to America to stand trial. Sandu Diaconu, 31, along with another individual whose name has been redacted from court documents, allegedly operated the illicit souk selling access to compromised servers worldwide between 2015 and 2020.
If an AI breaks the rules for you, does that count as breaking the rules? This is the essential question being taken up by the Federal Election Commission this month, and public input is needed to curtail the potential for AI to take US campaigns off the rails. Future uses of AI by campaigns go far beyond deepfaked images.
US authorities have issued an urgent plea to network admins to patch the critical vulnerability in Atlassian Confluence Data Center and Server amid ongoing nation-state exploitation. "Due to the ease of exploitation, CISA, FBI, and MS-ISAC expect to see widespread exploitation of unpatched Confluence instances in government and private networks."
For years it seemed as though the construction industry was "Immune" to security attacks, according to a research paper [PDF] by the Association of General Construction of America in 2021. Why? "Threat actors know that the construction industry is in some areas behind in data security and privacy initiatives. This is in large part because this industry, to date, avoided heavy regulation in data security and privacy laws. The limited regulation and guidance in the construction industry may have contributed to less focus on cyber security than in other industries."
A US Navy service member pleaded guilty yesterday to receiving thousands of dollars in bribes from a Chinese spymaster in exchange for passing on American military secrets. Petty Officer Wenheng Zhao, 26, aka Thomas Zhao, of Monterey Park, California, now faces up to 20 years in prison for two federal felony offenses: conspiring with a People's Republic of China intelligence officer, and receiving a bribe.
Opinion The UK Extension to the EU-US Data Privacy Framework will enter into force on October 12, allowing certifying entities to easily transfer personal data from the UK to the US. Transferring personal data across the Atlantic would otherwise be prohibited under the UK General Data Protection Regulation without transfer mechanisms. As the UK is no longer a member of the European Union, the DPF does not automatically enable the transfer of personal data from the UK to the US. Transfers of personal data from the UK will require a Data Bridge.