The Record

The software giant ServiceNow announced that it is acquiring the cyber firm Armis for $7.75 billion.

An organization is looking to develop a first-of-its-kind managed security service provider (MSSP) model tailored specifically for rural water utilities.

The company has begun notifying state regulators about the attack and sending breach notification letters to victims.

SEC lawyers said in a 29-page complaint that the companies ran “investment clubs” on WhatsApp that brought in users from advertisements on social media.

Crooks used fraudulent ads on major search engines to mimic banks and harvest people's login credentials, netting at least $14.6 million, the U.S. authorities said in announcing a takedown of the operation.

Spotify responded to the scraping and upload over the weekend of 86 million tracks from the platform by an open-source group.

France's La Poste confirmed that a distributed denial-of-service (DDoS) attack was the source of problems with its websites and mobile applications.

The campaign surfaced earlier in October after researchers at the New York-based cybersecurity firm Intezer identified a malicious XLL file uploaded to VirusTotal, first from Ukraine and later from Russia.

South Korea will begin requiring facial recognition when signing up for a new mobile phone number in a bid to fight scams, the Ministry of Science and ICT announced.

NSO Group had sought to stay the order pending a decision on its appeal in the case, which centers on allegations that it targeted 1,400 WhatsApp users with its powerful zero-click Pegasus spyware in 2019.

The Justice Department unsealed two indictments charging 54 people for their alleged roles in a campaign to develop and deploy a variant of the Ploutus malware, allowing them to pilfer hundreds of thousands of dollars from ATMs across the U.S.

The university said it detected the incident last week in an online code repository used by its IT teams and quickly secured the system.

One of the alleged developers behind the RaccoonO365 subscription-based phishing kit was arrested by Nigerian police this week.

Russia’s ambassador to Copenhagen, Vladimir Barbin, confirmed to Russian state media on Friday that he had been called to the Danish foreign ministry, but rejected the accusations as unfounded.

The first-of-its-kind temporary restraining order bars Hisense from using automated content recognition (ACR) technology to collect and use, share or sell Texans’ data.

Of the $3.4 billion in crypto stolen from January to December, Chainalysis attributed at least $2.02 billion to North Korean hackers.

Chinese hackers have been exploiting a vulnerability in a popular Cisco email management tool since late November, the company said in an advisory.

In a decision that only affects Pennsylvanians but could have privacy implications elsewhere, the state's Supreme Court ruled that police did not need a warrant to access a rape suspect's Google searches.

In a disclosure to the London Stock Exchange, the the U.K. healthcare IT provider DXS said it discovered a data breach on December 14.

The Paris Prosecutor’s Office said a person had been arrested on charges “including an attack on an automated personal data processing system operated by the State, as part of an organized group.”