Breaking News

The coming St Valentine’s Day cyber-massacre

This coming Friday is St Valentine’s Day and cybercriminals all over the world are rubbing their hands together with glee at the harvest they intend to reap. Developments in artificial intelligence and the widespread availability of off-the-shelf cybercrime software have enabled a new generation of cyber-scams specifically designed around St Valentine’s Day. In the recent past, cybercriminals typically used February 14th as an excuse to introduce themselves to lonely people with a view to patiently winning their victims’ trust in the short term and cruelly robbing them of their savings in the longer term.

The rising costs of DORA compliance

The European Digital Operational Resilience Act (DORA), which came into force on Friday, January 17, is already having unforeseen costs for organizations right across the financial sector. Although the act is the brainchild of the European Union (EU), the financial services industry has been global for some years, and firms in the US and the UK are also impacted. As of Friday, the new regulations also apply to US companies providing financial services within the EU or catering to EU customers. California-based cybersecurity company Rubrik has commissioned research showing that almost half of UK financial businesses report spending over €1 million each over the last two years in trying to comply with the new EU regulation. DORA mandates key provisions such as contractual safeguards and contingency plans to mitigate risks from partners and third parties. DORA compliance also requires regular testing of digital resilience and attack simulations.

Marriott to pay $52m fine for 300m customer data breaches

Marriott International has agreed to pay a $52 million fine for cyber-negligence resulting in data breaches affecting over 300 million of its customers worldwide, representing a fine of less than two cents per customer. The US Federal Trade Commission and attorneys general from 49 states ran parallel investigations into three data breaches which took place between 2014 and 2020. Cybercriminals were able to steal the passport information, payment card numbers, loyalty numbers, dates of birth, email addresses plus personal information from hundreds of millions of customers.

German Intelligence warns of Russian cyber-attacks

The cyber cold war just became a little warmer, with German Intelligence publicly crying foul at Russia on Monday for online attacks stretching back to 2020. Germany’s Bundesverfassungsschutz has issued a strong warning against a cyber group belonging to Russian military intelligence (GRU) Unit 29155, which was linked to the 2018 poisonings of a former Russian double agent and his daughter in the UK, claiming that the unit has also been active in carrying out cyberattacks against NATO and EU countries.

Brussels backs down on mass surveillance

The European Union (EU) Council has made a last-minute withdrawal of the EU’s highly controversial planned “Chat Control” legislation, which was due to be voted on yesterday. This would have effectively introduced mass digital surveillance by means of fully automated real-time monitoring of all messaging and chats. The EU would appear to finally have heeded the harsh warnings that have been coming from the cybersecurity and communication sectors since the controversial ruling was first proposed in 2022. For the six months prior to Thursday’s decision, the EU Belgian Council presidency has been sitting on a deadlock between EU countries. Germany and Poland have heeded privacy experts’ warnings of a potential police state. But Ireland and Spain are pressing for draconian new online laws to fight a rise in online child sexual abuse material that has grown since the start of Europe’s widespread lockdowns two and a half years ago.

Secret Service Hot on the Trail of Cybercriminal “Stalin”

The United States Secret Service is doubling down on the search for cybercriminal “Stalin.” On August 26, 2024, the U.S. Department of State partnered with the US Secret Service to put out a bounty of up to $2.5 million for information leading to the arrest of Belarusian hacker Volodymyr Kadariya, sometimes going by the alias “Stalin.” Kadariya was allegedly part of a malicious advertising (“malvertising”) ring responsible for transmitting the Angler Exploit Kit, a toolkit utilized by threat actors to exploit vulnerabilities in a system or code.

Brussels plots mass EU digital surveillance

While the world’s attention is focused on the arrest of Telegram owner, Pavel Durov, and Brazil’s decision to ban Elon Musk’s X platform (formerly Twitter), the European Union (EU) Council in Brussels is hoping to quietly greenlight the EU’s proposed controversial “Chat Control” legislation. On Thursday, the EU is due to vote on planned legislation intended to introduce mass digital surveillance by means of fully automated real-time monitoring of messaging and chats, marking the end of private digital correspondence. Ostensibly, the proposal aims to prevent the online dissemination of child sexual abuse material. But there are growing concerns that the controversial new ruling will extend far beyond arresting purveyors of child porn and be used for the full-scale state-monitoring of personal and business communications in Europe and beyond.

Telegram chief’s arrest ignites global cyber-war

In the wake of Telegram owner and founder Pavel Durov’s shock arrest in Paris on Saturday, the French state is being hit by a growing wave of cyber-attacks designed to cause maximum embarrassment to beleaguered French president Emmanuel Macron. Durov was released from police custody in France on Wednesday and has been transferred to court for questioning ahead of a possible indictment that could result in a long prison sentence. A post on X by SaxX, reportedly the nom de Twitter of cybersecurity consultant Clément Domingo, listed 10 websites in France that bore the brunt of the first wave of cyber-attacks orchestrated by a new online hacktivist group, #opDurov.

The EU bares its teeth – again

The EU has bared its cyber teeth for the second time in a week. Hard on the heels of the arrest of Telegram founder and owner, Pavel Durov, Uber has been slapped with a $290 million fine for allegedly violating the European Union (EU)’s General Data Protection Regulation (GDPR) by failing to protect personal data of European taxi drivers held on servers located in the US. The Dutch Data Protection Authority (DPA) enforced the regulation by imposing a fine on Uber, which transmitted European drivers’ personal data to the US, including drivers’ account details, taxi licenses, location data, photos, payment details, identity documents and, in some cases, even criminal records and medical data.