The Record

Two U.K. teenagers pleaded not guilty to hacking the Transport for London agency in 2024 — an attack attributed to the Scattered Spider cybercrime group.

The NCA on Friday confirmed that a money laundering network under investigation was used to purchase Keremet Bank in Kyrgyzstan, which was sanctioned earlier this year.

Salesforce posted a message on its website saying an investigation revealed that the activity “may have enabled unauthorized access to certain customers’ Salesforce data through the app’s connection.”

The report, which is based on an investigation begun by the Privacy and Civil Liberties Oversight Board (PCLOB) in 2017, provides an overview of what open-source information the FBI consults in such investigations.

The malware can monitor everything displayed on a phone in real time — including contacts, full message threads and the content of encrypted chats — by accessing data after it has been decrypted by legitimate apps.

The Republican-led FCC voted to remove cybersecurity rules for telecom companies that were put in place before Donald Trump's inauguration as a response to 2024 breaches attributed to state-backed Chinese hackers.

A bipartisan congressional duo introduced legislation that would beef up cybersecurity protections at the Securities and Exchange Commission.

Thirty investigators from 15 countries took part in the five-day crackdown earlier this month targeting 69 digital piracy sites, including 25 illegal streaming services whose information was referred to cryptocurrency platforms for disruption.

A popular Russian bulletproof hosting service provider named Media Land was sanctioned by the U.S. Treasury and international partners for its alleged support of ransomware gangs and other cybercriminal operations.

The Ontario and Alberta information and privacy commissioners’ reports fault the school systems for several missteps, including not putting privacy and security related provisions in their contracts with the education software firm.

Under the proposal, the EU would weaken data protection rules by delaying when regulations governing high-risk AI systems take effect and allowing companies to use personal data for AI training without prior consent from users in most circumstances.

The threat group PlushDaemon uses routers and other network device implants to redirect domain name system (DNS) queries to malicious external servers which take over updates to unleash tools used for cyberespionage.

News that the Airlines Reporting Corporation (ARC) will shut down its controversial Travel Intelligence Program (TIP) surfaced in a letter ARC CEO Lauri Reishus sent to a bipartisan group of lawmakers on Tuesday.

A "specific overseas facility" fell prey to a ransomware attack but is now operating normally, according to LG Energy Solution — the South Korean multinational's battery-making subsidiary.

Officials at the Congressional Budget Office “have not observed further evidence of unauthorized access" to the legislative branch agency's systems, Director Phillip Swagel told lawmakers.

Voting was not disrupted Tuesday by a wave of DDoS incidents affecting political party and government websites in Denmark a day earlier, officials said.

The upcoming strategy would contain six “pillars” — with one focused on “shaping adversary behavior” and another on public-private partnerships, Sean Cairncross said.

The PILLAR Act, which would renew federal cybersecurity grants to state and local governments through 2033, passed by voice vote in the House.

Social Security numbers and medical information were among the data stolen in an August breach of the networks of Pennsylvania's attorney general, officials said.

The filing comes one week after the Clop cybercriminal organization claimed it stole information from Logitech through a zero-day vulnerability in Oracle’s E-Business Suite tool.