The Record

The DEF CON Franklin project paired volunteer cybersecurity experts with water utilities in four states, hardening their systems against potential nation-state threats. The founders expect that the model can work on a larger scale.

Yes24, the largest ticket retailer in South Korea, faced its second ransomware attack this summer, affecting a tour for K-pop band Day6 and other events.

The Interlock ransomware gang is claiming to have carried out a cyberattack that has disrupted the operations of the city government of St. Paul, Minnesota.

Three Ghanaian men face charges in the U.S. related to a multimillion-dollar operation that defrauded individuals online and ran business email compromise scams.

A prominent hacking operation known as RomCom and a lesser-known group tracked as Paper Werewolf or Goffee each exploited a zero-day vulnerability in WinRAR software this summer, researchers said.

In a statement on Monday, Finland’s National Prosecution Authority said they had brought aggravated criminal mischief and aggravated interference with communications charges against the three senior officers aboard the Eagle S, a tanker registered in the Cook Islands.

Although the U.K.’s High Court of Justice dismissed the foundation’s challenge, it said it would revisit the case if the organization was classified as category 1 by Ofcom — the country’s communications regulator — later this year.

The winner announced on Friday at the DEF CON cybersecurity conference, known as Team Atlanta, is composed of tech experts from Georgia Tech, Samsung Research, the Korea Advanced Institute of Science & Technology (KAIST) and the Pohang University of Science and Technology (POSTECH).

Embargo started to draw scrutiny in late 2024, just a few months after BlackCat’s leaders appeared to conduct an exit scam on affiliates.

Critics from press freedom groups say member states have not taken steps to give the law any teeth.

The statement followed a Wednesday report from Politico revealing a major hack of the courts’ case filing system which officials feared exposed the identities of confidential informants in criminal cases.

A North Korean state-linked hacking group known for spying added some "newly observed" ransomware to its kit in a campaign targeting South Koreans, researchers said.

Two weeks ago, the ransomware gang’s darknet extortion sites were seized in an operation involving police from more than nine countries including Germany, France and the United Kingdom.

The plaintiffs argued that a 2017 rules change enabling law enforcement to use spyware to eavesdrop on encrypted chats and messaging platforms could unfairly expose communications belonging to people who are not criminal suspects.

Organizations with on-premises Microsoft Exchange servers are being urged to take steps to reduce exposure to a vulnerability recently reported by a researcher.

Bouygues Telecom, a large French mobile carrier, disclosed a cyberattack and data breach affecting more than 6 million customer accounts.

Fines from a state regulator pushed one car maker to improve the data privacy on its website and customer portal, and others seem to have taken notice, according to new ratings from the watchdog Privacy4Cars.

Tornado Cash cofounder Roman Storm was found guilty of conspiring to operate an unlicensed money-transmitting business, while the jury failed to reach a ruling on more significant charges around money laundering and sanctions violations.

Hackers have been sending fake summons emails purportedly from Ukrainian courts to target the country’s military and defense, cyber authorities have found.

The National Cyber Security Centre stressed that Britain was underestimating the severity of the risk to critical infrastructure from cyberattacks and provided updated guidance for operators to protect themselves.