The Record

In October 2024, Amazon disrupted another APT29 operation that attempted to use phishing domains impersonating AWS.

The Cybersecurity and Infrastructure Security Agency announced that Nicholas Andersen has taken over as the executive assistant director for cybersecurity.

The Federal Trade Commission (FTC) announced Disney has agreed to pay $10 million to settle allegations that it collected personal data from children watching YouTube videos without parental notification or consent.

Pennsylvania Attorney General Dave Sunday said his office has made significant progress in recovering from an August 11 cyberattack, and it did not pay a ransom to the intruders.

WhatsApp believes the vulnerability could have been combined with a separate OS-level vulnerability on Apple devices to potentially launch sophisticated attacks against “specific targeted users."

A senior Moscow official said the city hired several hackers who previously launched a cyberattack against the capital’s digital education platform.

Staff at the company's plant in Halewood, near Liverpool, were sent an email early on Monday morning and told not to report for work, according to the Liverpool Echo. The shutdown is expected to continue into Wednesday, the newspaper reported.

Last week, a contract worth €10 million had been awarded to the Spanish multinational Telefónica to use Huawei kit to upgrade the RedIRIS network, effectively more than 16,000km of infrastructure.

In a post mortem of the incident, Baltimore Inspector General Isabel Mercedes Cumming said the city’s accounts payable department had failed to implement corrective measures after previous incidents of fraud and did not have proper protections in place to verify supplier details.

The ransomware ecosystem continues to splinter, with new gangs proliferating in the wake of law enforcement takedowns that have scattered affiliates and prompted criminal rebrands.

The incident began on July 28 and was discovered two days later, TransUnion told the Maine attorney general. A separate filing in Texas shows that Social Security numbers were among the leaked information.

While ransomware gangs traditionally rely on deploying malware to encrypt files, a threat actor’s recent tactics show they no longer need to do that during attacks.

The Cybersecurity and Infrastructure Security Agency, FBI and others are supporting Nevada as it recovers from a cyberattack that has affected a range of state government services.

German prosecutors charged a man with carrying out a damaging cyberattack on Rosneft Deutschland, the German subsidiary of Russia’s state-owned oil giant, in the weeks following Russia's invasion of Ukraine.

The Netherlands announced on Thursday that it was targeted by a Chinese cyber-espionage campaign tracked as Salt Typhoon and RedMike that has been compromising critical infrastructure globally.

The U.S. Treasury Department announced new sanctions targeting key players in North Korea’s ongoing scheme to get its citizens hired as IT workers at American companies.

Flock acknowledged in a Monday blog post that it has engaged in “limited pilots” with CBP and Homeland Security Investigations, the law enforcement division of the Department of Homeland Security. It said the partnerships were meant to bolster the federal agencies’ efforts to fight human trafficking and fentanyl distribution.

Hackers are targeting American industrial firms by contacting them through their website forms, posing as potential business partners before infecting them with malware.

The three companies were accused of providing “cyber-related products and services to China’s intelligence services, including multiple units in the People’s Liberation Army and Ministry of State Security” since at least 2021, according to the advisory.

Spanish police have arrested a university student suspected of hacking the local government’s education management system to alter grades and gain access to professors’ emails.