Oktacron logo
Cyber security aggregate rss news

Cyber security aggregator - feeds history
image for FBI Seizes Key Domai ...

 Cyber News

The U.S. Department of Justice (DOJ) announced that it had obtained and acted on the two court-approved warrants authorizing the seizure of five internet domains linked to a global malware operation known as LummaC2. The domains were being used by cybercriminals to spread information-stealing malware and were taken   show more ...

down in a coordinated effort involving the DOJ, the FBI, and Microsoft. Malware has become one of the most common tools in a cybercriminal’s arsenal, offering relatively easy deployment with high impact. Experts often stress that malware attacks not only target large corporations or government agencies but also regular individuals whose personal information can be monetized or used in further attacks. What is LummaC2 Malware? LummaC2 malware is a type of information-stealing malware or "infostealer" that has gained notoriety in cybercriminal circles for its effectiveness in targeting and stealing personal and financial data from millions of users worldwide. Once installed on a victim’s device, the malware is capable of harvesting: Browser history and autofill data Email and banking login credentials Cryptocurrency wallet seed phrases Other sensitive personal information These stolen details can then be used for various malicious purposes, including unauthorized bank transfers, identity theft, and cryptocurrency fraud. How the Operation Worked According to court documents, the administrators of LummaC2 operated the malware through a set of internet domains that served as login portals—referred to as user panels—for authorized users, typically affiliates or cybercriminals who had purchased or leased access to the malware. These portals allowed them to deploy the malware across networks and extract stolen data. The FBI’s investigation revealed at least 1.7 million instances where LummaC2 was used to compromise victim systems and steal data. [caption id="attachment_102960" align="aligncenter" width="661"] Source: FBI Cyber Division[/caption] Domain Seizure Details The Justice Department's operation unfolded over several days in May 2025: May 19, 2025: The government seized two domains linked to the LummaC2 infrastructure. May 20, 2025: In response, LummaC2 administrators notified their users about three newly created domains to restore access to the malware service. May 21, 2025: The U.S. government swiftly seized the additional three domains, effectively cutting off cybercriminal access to the service again. Now, anyone attempting to access these domains is greeted with a notice indicating that the websites have been seized by the Department of Justice and the FBI. [caption id="attachment_102958" align="aligncenter" width="489"] Source: LinkedIn[/caption] Statements from Officials Sue J. Bai, head of the DOJ’s National Security Division, emphasized the importance of public-private collaboration in tackling cyber threats: “Today’s disruption is another instance where our prosecutors, agents, and private sector partners came together to protect us from the persistent cybersecurity threats targeting our country.” Matthew R. Galeotti, head of the DOJ’s Criminal Division, highlighted the dangers posed by malware like LummaC2: “This type of malware is used to steal personal data from millions, facilitating crimes such as fraudulent bank transfers and cryptocurrency theft.” FBI Assistant Director Bryan Vorndran added: “We took action against the most popular infostealer service available in online criminal markets. Thanks to partnerships with the private sector, we were able to disrupt the LummaC2 infrastructure and seize user panels.” In a coordinated effort, Microsoft independently launched a civil legal action to take down 2,300 additional internet domains believed to be linked to LummaC2 actors or their proxies. This move reflects a broader public-private initiative to clamp down on cybercrime infrastructure and prevent future attacks. The operation was led by the FBI’s Dallas Field Office and supported by several branches of the DOJ: The U.S. Attorney’s Office for the Northern District of Texas The National Security Division’s National Security Cyber Section The Criminal Division’s Computer Crime and Intellectual Property Section (CCIPS) The crackdown on LummaC2 is part of a larger effort by the U.S. government to counter foreign cyber threats. The U.S. Department of State’s Rewards for Justice (RFJ) program is offering up to $10 million for information leading to the identification or location of individuals engaged in malicious cyber activities against U.S. critical infrastructure. [caption id="attachment_102957" align="aligncenter" width="1024"] Source: FBI[/caption] Conclusion The success of this operation demonstrates the importance of timely coordination between government agencies and private companies like Microsoft. While the takedown of LummaC2’s infrastructure is a major step forward, one needs to be cautious that similar threats will continue to emerge. Individuals and organizations alike are advised to remain vigilant, adopt strong cybersecurity practices, and stay informed about the latest developments in cybercrime and data protection.

image for Should Children Use ...

 Cyber Essentials

Google’s quiet rollout of its AI-powered Gemini chatbot to children under the age of 13 has sparked intense debate or I should say backlash, from privacy and child advocacy groups. Critics argue that the move not only raises ethical concerns but may also violate U.S. law, particularly the Children’s Online Privacy   show more ...

Protection Act (COPPA). At the core of the controversy is Google’s decision to allow children with supervised accounts, managed through its Family Link program, to access Gemini, a generative AI chatbot that can create stories, songs, poetry, and help with homework. While Google frames this as an educational and creative tool for kids, a growing alliance of parents' groups sees it as a potential privacy problem and a threat to children’s mental well-being. Parents Get Emails—Advocates Raise the Concern The issue came into the spotlight after Google sent emails to parents using Family Link, notifying them that their children could now access Gemini. The chatbot is available through web and mobile apps, and while parents have the option to disable access, the default setting allows use. This opt-out model, critics argue, bypasses an essential requirement of COPPA: verifiable parental consent. The backlash was instant and loud. A broad coalition led by the Electronic Privacy Information Center (EPIC) and Fairplay fired off letters to both the Federal Trade Commission (FTC) and Google CEO Sundar Pichai, demanding an immediate halt to the rollout. They called on the FTC to investigate whether Google has violated federal privacy law. “Shame on Google for attempting to unleash this dangerous and addictive technology on our kids,” said Josh Golin, Executive Director of Fairplay. “Gemini and other AI bots are a serious threat to children’s mental health and social development.” Gemini AI for Kids: What's the Risk? Gemini might appear harmless or even beneficial. It talks like a human, answers questions, and entertains kids with stories or songs. But the concerns run deeper. The parents’ groups warn that children are particularly vulnerable to manipulation and misinformation from AI systems. Generative AI doesn’t always provide factual answers, and its human-like communication style can mislead young users into forming parasocial relationships, where children treat the chatbot as a friend or confidant. This could foster emotional dependency and blur the line between reality and simulation. Additionally, Gemini’s warnings about inaccuracies and sensitive content are deeply troubling. Google itself admits in its documentation that Gemini “can make mistakes” and “may encounter content you don’t want [your child] to see.” Yet instead of fixing those issues or pausing the rollout, the company shifts the responsibility onto parents, suggesting they teach their children to “think critically” about Gemini’s responses. This is a tough ask, especially when the users in question are under 13. How realistic is it to expect young children to recognize bias, misinformation, or emotional manipulation from an AI system that mimics human conversation? What Does the Law Say? Under the Children’s Online Privacy Protection Act (COPPA), any online service that collects personal data from children under 13 must obtain verifiable parental consent before doing so. According to EPIC and Fairplay, Google appears to have sidestepped this requirement by simply notifying parents after enabling access by default. In its email, Google tells parents that they will be notified if their child uses Gemini and can disable access if they choose. But the opt-out model isn’t enough under COPPA. The law requires proactive consent, not passive acknowledgment. Newly appointed FTC Chair Andrew Ferguson emphasized this in recent Congressional testimony. “Protecting children and teens online is of paramount importance,” he wrote, adding that COPPA mandates companies obtain clear consent before collecting data from children. Ferguson’s comments suggest that the FTC may be more willing to investigate companies like Google moving forward, especially in light of this public pressure. Google’s Defense: Not Enough? So far, Google has tried to defend its move by stressing that children’s data will not be used to train AI models. The company also points to parental controls and educational resources about AI. But critics say these measures fall short. The company hasn’t disclosed what other safeguards are in place to protect kids’ emotional well-being, guard against bias, or ensure compliance with privacy law. In a particularly damning part of the letter sent to the FTC, EPIC and Fairplay argue that “Google has not identified additional safeguards to ensure that it would not misuse data collected through these interactions.” “If Google wants to market its products to children, it is Google’s responsibility to ensure that the product is safe and developmentally appropriate,” said Suzanne Bernstein, Counsel at EPIC. “Which it has not done.” Shifting Responsibility onto Parents? One of the most controversial aspects of Google’s rollout is how it frames the burden of safety. Rather than taking full responsibility for making its AI child-safe, Google instead offers a how-to guide for parents on managing access and helping kids direct AI responses. While parental involvement is undeniably crucial, critics argue that it should not be used as a shield by tech companies. The developers of AI systems, who best understand the risks and reap the profits, must be held accountable for ensuring the technology is safe before putting it into the hands of children. Who’s Leading the Fight? A broad alliance of organizations has joined forces to push back against Google’s decision. This includes the U.S. Public Interest Research Group (PIRG), The Anxious Generation Campaign, Design It For Us, Eating Disorders Coalition, and Tech Transparency Project, among others. The campaign also has heavyweight academic backing. Signatories to the letter include Jonathan Haidt, a well-known social psychologist, MIT professor Sherry Turkle, and Fordham Law Professor Zephyr Teachout. Their message is clear: AI chatbots are not developmentally appropriate for young children, and until the science says otherwise, big tech should keep them away. What Happens Next? The FTC has not yet announced whether it will open a formal investigation into Google’s rollout of Gemini for kids. But the issue has gained significant traction among both policymakers and the public. Given Chair Ferguson’s stated priorities around children’s privacy and the weight of expert opinion against Google’s decision, the tech giant may face regulatory scrutiny in the coming weeks. In the meantime, many parents may be left wondering: Should they trust an AI chatbot with their child’s development? Google’s decision to move ahead with Gemini for children, despite so many unanswered questions and warnings, suggests that in the race to dominate the AI market, caution is being thrown to the wind, even when the stakes involve the well-being of the most vulnerable users of all.

image for JavaScript Crypto Li ...

 Firewall Daily

A flaw has been discovered in OpenPGP.js, a widely used JavaScript library for OpenPGP encryption. Tracked as CVE-2025-47934, the vulnerability allows threat actors to spoof both signed and encrypted messages, effectively undermining the very foundation of trust in public key cryptography.  The vulnerability, rated 8.   show more ...

7 (High) on the CVSS scale, was discovered by security researchers Edoardo Geraci and Thomas Rinsma of Codean Labs. Their findings were disclosed in an advisory posted to the OpenPGP.js GitHub repository, with a full technical write-up and proof-of-concept exploit. The delay in publishing the PoC is a standard practice intended to give developers and users time to apply necessary patches. Nature of the CVE-2025-47934 Vulnerability  The issue lies in the openpgp.verify and openpgp.decrypt functions of OpenPGP.js. According to the advisory, a malicious message can be processed by these functions in a way that falsely returns a valid signature verification, even though the message was never signed by a trusted party. This defect affects both inline-signed messages and signed-and-encrypted messages.  In technical terms, the vulnerability arises because OpenPGP.js fails to correctly associate the extracted message data with its actual signature during verification. This oversight allows attackers to manipulate the content of a message while retaining a valid signature from a previous, unrelated message.  "In order to spoof a message," the advisory explains, "the attacker needs a single valid message signature (inline or detached) as well as the plaintext data that was legitimately signed. They can then construct an inline-signed or signed-and-encrypted message containing any data of their choice, which will appear as legitimately signed."  This means a bad actor can reuse a valid signature to forge new content that appears authentic to the recipient, bypassing the trust model OpenPGP is built upon.  The vulnerability affects versions 5.0.1 through 5.11.2 and 6.0.0-alpha.0 through 6.1.0 of OpenPGP.js. Users are strongly advised to upgrade to version 5.11.3 or 6.1.1, both of which contain the necessary security patches. Notably, version 4.x remains unaffected by this issue.  Mitigation Strategies  While patches are available, users who cannot immediately upgrade are encouraged to implement workarounds:  For inline-signed messages, manually extract the message and signature, then verify the signature as if it were detached. This involves creating a new message object using openpgp.createMessage and passing it along with the extracted signature to openpgp.verify. For signed-and-encrypted messages, first decrypt the message without specifying verification keys. Then verify the decrypted content in a separate step, again treating the signature as detached. These steps prevent reliance on the vulnerable combined verification-decryption logic present in the affected versions.  To sum up, the discovery of CVE-2025-47934 highlights the critical risks inherent in client-side cryptographic libraries, particularly those written in JavaScript and used in browser environments. It highlights the necessity of rigorous testing and validation for tools that secure encrypted communications.  

image for Cyberattack Hits Cel ...

 Firewall Daily

Cellcom, a regional wireless provider based in Wisconsin, is continuing efforts to restore full service following a cybersecurity incident that has disrupted customers’ ability to make phone calls and send text messages. The company, which reported a Cellcom cyberattack last week, left many of its customers   show more ...

frustrated and without service. On Tuesday, Cellcom’s CEO Brighid Riordan, addressed the situation in a video message, assuring customers that there was no indication that any personal information had been compromised in the cyberattack. While the outage due to the Cellcom cyber security incident has affected voice and text services, the company emphasized that its data systems, including sensitive customer information, were not impacted by the breach. Cellcom CEO Assures Customers Their Data Is Safe  “We are committed to restoring services as quickly as possible, but we want to ensure that every step is taken with care to avoid compromising security,” Riordan stated. She further emphasized that there was no evidence of personal data being accessed or stolen during the cybersecurity incident.   Despite these reassurances, Cellcom has warned its customers to be extra vigilant for potential scams. With the ongoing outage affecting a significant number of users, the company noted that cybercriminals may attempt to take advantage of the situation, exploiting the vulnerability caused by the service interruption. Cellcom advised its users to be cautious of unsolicited messages or phone calls, especially those that may appear to come from the company. Ongoing Restoration Efforts After Cellcom Cyberattack The company’s latest update indicated that while progress is being made, the full restoration of services may take additional time. Cellcom has brought in outside cybersecurity experts and has been working to resolve the issue. Additionally, the company has notified both the FBI and Wisconsin state officials about the incident, ensuring that appropriate legal and security measures are being taken. In a letter to customers, Riordan expressed deep gratitude for their patience and understanding during the disruption. She acknowledged the hardship caused by the outage, stating, “We know this disruption has caused frustration and, for some, real hardship — and for that, I am truly sorry.” She also praised the employees who have been working tirelessly to address the issue, noting their dedication and creativity in finding solutions.  Riordan further assured customers that the company would take responsibility for the disruption by covering the time customers were without service. “We’re taking responsibility. We’re covering the time you were without service, and then some,” she wrote. The cybersecurity breach has prompted heightened concern, not only because of the immediate service disruptions but also because of the potential risks it poses to customer trust. Cellcom, however, has continued to stress that security is its top priority. “We will not rush anything that compromises safety, security, or trust,” Riordan emphasized.  Conclusion   Cellcom is actively working to restore full service following a cybersecurity incident that disrupted its customers’ ability to make calls and send texts. While the company reassured customers that no personal data had been compromised, it has warned users to be vigilant for potential scams during the outage. Despite progress in restoring services, the company acknowledged that the process may take additional time and has enlisted external cybersecurity experts for support. In a message to customers, CEO Brighid Riordan expressed gratitude for their patience, emphasized the company’s commitment to security, and confirmed that they would cover the downtime.

image for A Kaspersky checklis ...

 Privacy

These days, were hardly ever separated from our devices. According to a 2024 study conducted in the U.S. by analytics firm Reviews.org, the average user spends around 2.5 months of a year on their smartphone! Thats a staggering figure — showing just how deeply mobile devices have become ingrained into our daily   show more ...

lives. A digital detox — a trendy term for taking a break from our screens and notifications — can benefit anyone with a smartphone and/or laptop. According to a review of 10 studies conducted between 2013 and 2023, digital detoxes help improve sleep quality, life satisfaction, and overall wellbeing. They also reduce anxiety, stress, depression, and phone addiction. Whats more, regular digital breaks can restore the brains ability to focus for long periods and process information deeply. However, completely unplugging from the internet can pose certain cybersecurity risks to your digital life. So today, well look at how to give your mind a rest while ensuring the security of your accounts, devices, data, and even smart home. What could go wrong during a digital detox? Of course, its impossible to completely eliminate all risks, but you can make some preparations to minimize their impact. But what kinds of risks are we talking about? Account theft — both of regular, single-service accounts, and ecosystem accounts (like Google, Apple, Facebook, Instagram, Samsung, etc.) via password guessing or SIM swapping. Unauthorized subscriptions and charges. Leak of personal data from password dumps or due to a lack of two-factor authentication. Account hijacking in messengers and social networks. Use of your devices or accounts to send spam. Loss or theft of your gadgets. Household issues — break-ins while youre away, flooding, gas leaks, or fires. How to stay in control during a digital detox? Start with a digital spring-clean, and strengthen your digital perimeter across a few key areas. Accounts, data, and finances Review your subscriptions. More than half of users worldwide pay for subscriptions they dont use. According to one study, only 38% of respondents had used all of their subscriptions in the past six months. The majority had unused ones: 15% hadnt used two, 11% three, and 3% more than five. Moreover, we tend to underestimate our total subscription costs by two to three times — even though we spend, on average, around a thousand dollars a year on them! So reviewing your subscriptions is a great place to start your digital detox, and dedicated subscription managers can help make this easier. Make a list of subscriptions to pause or cancel completely while youre away. And conversely, make sure the services that require ongoing payments are linked to an account with enough funds to cover them during your detox. This might include services like website hosting autopayments, VPS rental for a project, or a paid cloud storage or mail server. Also check how long your data is retained after suspending a subscription — and when it might be permanently deleted. Beef up your passwords. Review your critically important accounts: online banking, government service portals, crypto wallets, and so on. If youre already using a password manager, take advantage of the built-in password leak check If you store passwords in your browser, or your password manager cant check for compromised passwords, switch to Kaspersky Password Manager. Replace weak passwords with unique and strong ones — our password manager can generate and remember them for you. Enable two-factor authentication (2FA) wherever possible so that logging in requires a one-time code. Keep in mind that codes sent via SMS arent secure — so for critical accounts (banks, email, social networks, ecosystem accounts like Google and Apple), switch to an authenticator app wherever you can. By the way, our password manager can help here too. Make backups. Create up-to-date backups of important files stored both locally and online — because the internet remembers not quite everything. Keep multiple copies — for example, on NAS at home as well as in a reliable cloud with encryption features. Dont forget to make fresh backups of your smartphone and any other devices youre taking with you, and store them in a safe place. Give backup access to people you trust. If youre a blogger, run Telegram channels or video-hosting platforms, or have popular social media accounts, be sure to set them up so youre not the only one with access. In case attackers do manage to compromise your account — for example, through SIM swapping or hijacking session cookies — a prompt response is essential, even if youre away. Kaspersky Password Manager can help here too: install it on multiple devices and sync your passwords and two-factor authentication tokens across them. Notify your bank of your travel plans so they dont block your card due to a suspicious transaction abroad. Depending on your bank, this can be done via in-app chat, a hotline, or in person. Gadgets and connectivity Install security updates. Update the operating systems, apps, and firmware on all your gadgets to the latest versions. Patches fix known vulnerabilities and lower the chances of a successful attack on you. If youre using Android, check out our pain-free guide to installing Android updates. Protect your devices. Make sure your both your computer and smartphone are protected with reliable security software. Enable disk encryption, and set a strong password for unlocking your device — whether youre taking it with you or leaving it behind. On smartphones, disable biometric access, use strong passcodes, and enable automatic data-wipe after several failed unlock attempts. To be able to locate lost Apple devices, turn on Find My. Kaspersky for Android has a similar feature for Android devices. Protect your SIM cards from being swapped. Your cellphone number provides access to many services. It can be used to access social media, banking, government services, and — most critically — ecosystem accounts that store important personal data like your calendar, cloud documents, and payment card data saved in your browser. Criminals may try to get a duplicate of your SIM card at a mobile store to bypass SMS or call verification. Of course, this can happen at any time, but if youre away, you wont be able to respond as quickly. Some mobile carriers let you set a password without which all SIM reissue requests are denied. Some providers let you prohibit them from providing you with services remotely and preventing anyone from replacing your SIM card, even if they have ? power of attorney – real or fake. Check what options your provider offers, and for more tips on SIM swapping protection, see our article on the topic. Set a good old PIN code on your primary SIM card before your trip — especially if you plan to remove it from your phone to leave at home, or swap it for a travel SIM while abroad. That way, even if your SIM falls into the wrong hands, they wont be able to access your accounts: once inserted into a phone, the SIM wont work without the PIN code. If you have an eSIM, keep the multi-use eSIM activation QR code stored in a secure place — or opt for single-use codes instead. Make sure you have a backup communication channel. If youre heading somewhere where mobile signal is unreliable or nonexistent — like in mountainous regions — satellite SMS services (like Garmins inReach) or Apples Emergency SOS via satellite feature can be useful. Be sure to check the subscription details in advance and confirm the service is available in the country youre visiting. Personal safety Check your digital legacy settings and designate who gets access to your accounts if something happens to you. In Apples ecosystem, you can assign an account recovery contact in case you completely lose access to your Apple ID. With a code they receive according to your instructions, the trusted person can help you regain access to your account and data — such as a smartphone backup. However, they wont get direct access to your data. In addition to a recovery contact, Apple also lets you designate a Legacy Contact. Google offers a similar feature called Inactive Account Manager, which is especially worth setting up if you plan not to use Google services for a long time. This option sends your selected contacts a backup of chosen data after a set period of inactivity — the default is three months. If thats not enough for your full-on digital detox, be sure to increase the inactivity period in the settings so you dont alarm your trusted contacts. Decide which smart-home and IoT devices should remain active while youre away. Surveillance cameras and alarms should ideally not just stay on, but be connected to an uninterruptible power supply. That way, the alarm can still send a signal to the monitoring center even if burglars cut the power before breaking in. On the other hand, smart sockets, speakers, or appliances you dont plan to use should be unplugged and disconnected from the internet. Learn more about smart-home protection here. Change the default passwords on all IoT devices to your own, strong ones, and dont forget your router. Many devices come with standard login/password combos out of the box, making them vulnerable to botnet attacks. Also, if an attacker gains access to your IP camera, they can monitor your home and plan a break-in while youre away. Make sure you (or a trusted person) can receive critical alerts — for example, from smoke, gas, or flood detectors — and that a relative, trusted neighbor, or friend can quickly deal with any issues. Leave your trusted contact with spare keys and a way to reach you. If youre going fully offline for your digital detox, this could be your hotels phone number or the contact details of your travel companion. How to minimize gadget use on vacation A full digital detox might feel too extreme for many people. But if you want to truly relax without worrying about your online life or offline property, we recommend at least sticking to the following rules: Forget about the news, social media, and email — or at least stop checking them all the time. Special modes on Apple and Android devices can help limit your access to the most distracting apps. If these built-in tools arent enough, you could become your own child — install Kaspersky Safe Kids (included in your Kaspersky Premium subscription) and customize it by setting filters for apps, websites, and social media — adding daily time limits for each. Minimize your digital footprint. Avoid posting vacation photos or updates in public in real time — better is to share the memories once youre back. That way, youre not telling the world: Hey, Im not home and wont be for two more weeks! If you really cant resist, at least limit the audience to close friends only. Let colleagues and family know in advance that youll be away, so they wont worry or — most importantly — send you anything sensitive or urgent via email or messaging apps. Also, review your messaging account settings to prevent hijacking while youre gone. Scammers love to strike when account owners are absent — so a quick reminder to your contacts not to fall for messages like Hey! Can you lend me $100 till tomorrow? can save you a lot of trouble. Set up an out-of-office message for your email and voicemail stating that youre temporarily offline — without giving too many details about your destination or reasons for your trip. Take just one, essential device. If youre traveling, dont bring every gadget you own. Choose just one — whether a laptop, tablet, or smartphone — and keep it in your carry-on luggage. At your accommodation, store your device in a safe and never leave it unattended — even if you dont plan to use it. If someone gets physical access to your device, they could compromise your data — and in the case of a smartphone, even steal your SIM card. Use a backup phone for SMS messages. If youre swapping your main SIM for a local or tourist one, insert your home SIM into an old backup phone — ideally a basic button phone with a long battery life — and turn off mobile data. This way, youll still receive calls and texts to your main number and can react promptly if something suspicious happens — like getting a two-factor authentication code you didnt request, or a bank alert about a strange transaction or loan approval. To avoid roaming charges, simply do not answer the calls from this device and contact the caller on another channel. Keep this phone in a hotel safe or other secure spot and check it at least once a day. Avoid risky connections. If possible, avoid connecting to unknown Wi-Fi networks or using someone elses computer — especially if your goal is to unplug from the internet and screens. If you do need to get online (say, to check an important email), use your own device and stick to trusted Wi-Fi networks — or, better yet, mobile internet. Tourist SIM cards with cheap data plans are available pretty much everywhere in todays world. With public Wi-Fi, use a secure connection to encrypt your traffic. And never enter passwords when using internet café networks or shared computers. How to avoid missing anything important when you return After your digital vacation, its important to return online wisely — checking what happened while you were away. Power on your devices and check for updates. Turn on all the gadgets youd switched off. Security updates may have been released while you were away; install them as soon as possible before actively using your devices again. Make sure your antivirus databases are also up to date. If you had any IoT devices unplugged, turn them back on and ensure theyre working properly and reconnected to your home network (and double-check that no passwords have been reset). Review notifications and logs. Go through the backlog of notifications in your email, banking apps, and social media accounts. Pay close attention to login attempt alerts, two-factor authentication codes, and bank messages about transactions. If you notice any attempts to access your accounts that occurred during your digital detox, your first step should be to change the passwords for those services, terminate suspicious sessions if possible, and contact support. An SMS or push notification with a login code you didnt request is a strong sign of a potential hack or SIM-swap attempt; in that case, immediately reach out to your mobile provider and the service in question. Check your SIM card and phone. After a long time offline, make sure your phone number is still active and functioning, and that your balance hasnt been drained by any suspicious activity. A pre-set PIN code and a restriction on reissuing SIM cards should reliably protect your number. However, its still worth double-checking your mobile account and, at the slightest suspicion, requesting a detailed expenses log from your mobile provider. Assess your resilience and make notes and amendments for the future. Reflect on how well your digital ecosystem held up during your time away. The ideal outcome: nothing went wrong, your data is intact, your accounts are secure, and your home is fine. If thats the case, congratulations — not only did you enjoy your break, but you also confirmed that your security measures work even without constant supervision. If any issues did arise — say, a backup failed or an IP camera went offline — treat them not as disasters but as lessons to learn, and take measures to improve your setup going forward. We hope these tips help you enjoy a smooth and secure digital-detox vacation. Make the most of your time offline — and remember, its better to be safe than sorry. And to be even safer, follow our Telegram channel.

image for Oops: DanaBot Malwar ...

 A Little Sunshine

The U.S. government today unsealed criminal charges against 16 individuals accused of operating and selling DanaBot, a prolific strain of information-stealing malware that has been sold on Russian cybercrime forums since 2018. The FBI says a newer version of DanaBot was used for espionage, and that many of the   show more ...

defendants exposed their real-life identities after accidentally infecting their own systems with the malware. DanaBot’s features, as promoted on its support site. Image: welivesecurity.com. Initially spotted in May 2018 by researchers at the email security firm Proofpoint, DanaBot is a malware-as-a-service platform that specializes in credential theft and banking fraud. Today, the U.S. Department of Justice unsealed a criminal complaint and indictment from 2022, which said the FBI identified at least 40 affiliates who were paying between $3,000 and $4,000 a month for access to the information stealer platform. The government says the malware infected more than 300,000 systems globally, causing estimated losses of more than $50 million. The ringleaders of the DanaBot conspiracy are named as Aleksandr Stepanov, 39, a.k.a. “JimmBee,” and Artem Aleksandrovich Kalinkin, 34, a.k.a. “Onix”, both of Novosibirsk, Russia. Kalinkin is an IT engineer for the Russian state-owned energy giant Gazprom. His Facebook profile name is “Maffiozi.” According to the FBI, there were at least two major versions of DanaBot; the first was sold between 2018 and June 2020, when the malware stopped being offered on Russian cybercrime forums. The government alleges that the second version of DanaBot — emerging in January 2021 — was provided to co-conspirators for use in targeting military, diplomatic and non-governmental organization computers in several countries, including the United States, Belarus, the United Kingdom, Germany, and Russia. “Unindicted co-conspirators would use the Espionage Variant to compromise computers around the world and steal sensitive diplomatic communications, credentials, and other data from these targeted victims,” reads a grand jury indictment dated Sept. 20, 2022. “This stolen data included financial transactions by diplomatic staff, correspondence concerning day-to-day diplomatic activity, as well as summaries of a particular country’s interactions with the United States.” The indictment says the FBI in 2022 seized servers used by the DanaBot authors to control their malware, as well as the servers that stored stolen victim data. The government said the server data also show numerous instances in which the DanaBot defendants infected their own PCs, resulting in their credential data being uploaded to stolen data repositories that were seized by the feds. “In some cases, such self-infections appeared to be deliberately done in order to test, analyze, or improve the malware,” the criminal complaint reads. “In other cases, the infections seemed to be inadvertent – one of the hazards of committing cybercrime is that criminals will sometimes infect themselves with their own malware by mistake.” Image: welivesecurity.com A statement from the DOJ says that as part of today’s operation, agents with the Defense Criminal Investigative Service (DCIS) seized the DanaBot control servers, including dozens of virtual servers hosted in the United States. The government says it is now working with industry partners to notify DanaBot victims and help remediate infections. The statement credits a number of security firms with providing assistance to the government, including ESET, Flashpoint, Google, Intel 471, Lumen, PayPal, Proofpoint, Team CYRMU, and ZScaler. It’s not unheard of for financially-oriented malicious software to be repurposed for espionage. A variant of the ZeuS Trojan, which was used in countless online banking attacks against companies in the United States and Europe between 2007 and at least 2015, was for a time diverted to espionage tasks by its author. As detailed in this 2015 story, the author of the ZeuS trojan created a custom version of the malware to serve purely as a spying machine, which scoured infected systems in Ukraine for specific keywords in emails and documents that would likely only be found in classified documents. The public charging of the 16 DanaBot defendants comes a day after Microsoft joined a slew of tech companies in disrupting the IT infrastructure for another malware-as-a-service offering — Lumma Stealer, which is likewise offered to affiliates under tiered subscription prices ranging from $250 to $1,000 per month. Separately, Microsoft filed a civil lawsuit to seize control over 2,300 domain names used by Lumma Stealer and its affiliates. Further reading: Danabot: Analyzing a Fallen Empire ZScaler blog: DanaBot Launches DDoS Attack Against the Ukrainian Ministry of Defense Flashpoint: Operation Endgame DanaBot Malware Team CYRMU: Inside DanaBot’s Infrastructure: In Support of Operation Endgame II March 2022 criminal complaint v. Artem Aleksandrovich Kalinkin September 2022 grand jury indictment naming the 16 defendants

 Feed

A sprawling operation undertaken by global law enforcement agencies and a consortium of private sector firms has disrupted the online infrastructure associated with a commodity information stealer known as Lumma (aka LummaC or LummaC2), seizing 2,300 domains that acted as the command-and-control (C2) backbone to commandeer infected Windows systems. "Malware like LummaC2 is deployed to steal

 Feed

A privilege escalation flaw has been demonstrated in Windows Server 2025 that makes it possible for attackers to compromise any user in Active Directory (AD). "The attack exploits the delegated Managed Service Account (dMSA) feature that was introduced in Windows Server 2025, works with the default configuration, and is trivial to implement," Akamai security researcher Yuval Gordon said in a

 Feed

A recently patched pair of security flaws affecting Ivanti Endpoint Manager Mobile (EPMM) software has been exploited by a China-nexus threat actor to target a wide range of sectors across Europe, North America, and the Asia-Pacific region. The vulnerabilities, tracked as CVE-2025-4427 (CVSS score: 5.3) and CVE-2025-4428 (CVSS score: 7.2), could be chained to execute arbitrary code on a

 Feed

It’s not enough to be secure. In today’s legal climate, you need to prove it. Whether you’re protecting a small company or managing compliance across a global enterprise, one thing is clear: cybersecurity can no longer be left to guesswork, vague frameworks, or best-effort intentions. Regulators and courts are now holding organizations accountable for how “reasonable” their security programs are

 Feed

For many organizations, identity security appears to be under control. On paper, everything checks out. But new research from Cerby, based on insights from over 500 IT and security leaders, reveals a different reality: too much still depends on people—not systems—to function. In fact, fewer than 4% of security teams have fully automated their core identity workflows. Core workflows, like

 Feed

Cybersecurity researchers have uncovered multiple critical security vulnerabilities impacting the Versa Concerto network security and SD-WAN orchestration platform that could be exploited to take control of susceptible instances. It's worth noting that the identified shortcomings remain unpatched despite responsible disclosure on February 13, 2025, prompting a public release of the issues

 Feed

A Chinese-speaking threat actor tracked as UAT-6382 has been linked to the exploitation of a now-patched remote-code-execution vulnerability in Trimble Cityworks to deliver Cobalt Strike and VShell. "UAT-6382 successfully exploited CVE-2025-0944, conducted reconnaissance, and rapidly deployed a variety of web shells and custom-made malware to maintain long-term access," Cisco Talos researchers

 Data loss

In this week’s episode, Graham investigates the mysterious Iberian Peninsula blackout (aliens? toaster? cyberattack?), Carole dives in the UK legal aid hack that exposed deeply personal data of society's most vulnerable, and Dinah Davis recounts how Instagram scammers hijacked her daughter’s account - and how a parental control accidentally saved the day.

 Cyber Security News

Source: www.lastwatchdog.com – Author: bacohido Palo Alto, Calif., May 21, 2025 – DataHub, by Acryl Data, the leading open source metadata platform, today announced it has raised $35 million in Series B funding led by Bessemer Venture Partners. This latest round brings the company’s total funding to $65   show more ...

million, enabling accelerated development of its context […] La entrada News alert: DataHub secures $35M Series B to enable AI to safely manage and use data – Source: www.lastwatchdog.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.lastwatchdog.com – Author: cybernewswire Dover, Del., May 21, 2025, CyberNewswire — Attaxion, the external attack surface management (EASM) vendor with industry-leading asset coverage, announces the integration of the European Vulnerability Database (EUVD) into its platform. Operated by the   show more ...

European Union Agency for Cybersecurity (ENISA), the EUVD is a publicly accessible vulnerability repository developed in […] La entrada News alert: Attaxion integrates its EASM Platform with ENISA’s EU Vulnerability Database (EUVD) – Source: www.lastwatchdog.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 0CISO2CISO

Source: www.theguardian.com – Author: Samuel Gibbs Consumer technology editor Your Facebook or Instagram account can be your link to friends, a profile for your work or a key to other services, so losing access can be very worrying. Here’s what to do if the worst happens. What to do if your Facebook or   show more ...

Instagram account […] La entrada What to do if you can’t get into your Facebook or Instagram account – Source: www.theguardian.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: go.theregister.com – Author: Iain Thomson A 19-year-old student has agreed to plead guilty to hacking into the systems of two companies as part of an extortion scheme, and The Register has learned that one of the targets was PowerSchool. In January, PowerSchool, which holds data on around 60 million   show more ...

North American kids and about […] La entrada US teen to plead guilty to extortion attack against PowerSchool – Source: go.theregister.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: go.theregister.com – Author: Jessica Lyons Russian cyberspies have targeted “dozens” of Western and NATO-country logistics providers, tech companies, and government orgs providing transport and foreign assistance to Ukraine, according to a joint government announcement issued Wednesday. The   show more ...

orgs they attacked span “virtually all transportation modes: air, sea, and rail,” the security advisory [PDF] warns. […] La entrada Russia’s Fancy Bear swipes a paw at logistics, transport orgs’ email servers – Source: go.theregister.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: go.theregister.com – Author: Jessica Lyons International cops working with Microsoft have shut down infrastructure and seized web domains used to run a distribution service for info-stealing malware Lumma. Criminals paid $250 to $1,000 a month to get access to the infostealer. Lumma is a popular malware   show more ...

variant first noticed in 2022. It’s been used […] La entrada FBI, Microsoft, international cops bust Lumma infostealer service – Source: go.theregister.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Coinbase

Source: go.theregister.com – Author: Connor Jones Coinbase says the data of nearly 70,000 customers was handed over by overseas support staff who were bribed by criminals to give up the goods. The crypto giant confirmed 69,461 users would be receiving direct communications from the company about the attack in a   show more ...

notification filed with Maine’s Attorney […] La entrada Coinbase confirms insiders handed over data of 70K users – Source: go.theregister.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: go.theregister.com – Author: Connor Jones CrowdStrike is “confident” that the worst-case scenario of its pending lawsuit with Delta will result in it paying the airline a sum in the “single-digit millions.” That’s according to its outside counsel, Michael Carlinsky of law   show more ...

firm Quinn Emanuel, who told The Register that he believes Delta’s claims will […] La entrada Judge allows Delta’s lawsuit against CrowdStrike to proceed with millions in damages on the line – Source: go.theregister.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: go.theregister.com – Author: Dan Robinson Google has updated its sovereign cloud services, including an air-gapped solution for customers with strict data security and residency requirements, as customers grow uneasy over US digital dominance. The tech giant first detailed a sovereign cloud capability   show more ...

some years ago, partnering with T-Systems in Germany to offer this to […] La entrada Google carves out cloudy safe spaces for nations nervous about America’s reach – Source: go.theregister.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: go.theregister.com – Author: Iain Thomson In a White House press conference on Tuesday President Trump announced his plans for a defensive network of missiles, radar, space surveillance, and attack satellites that he promised would protect America. In January Trump signed an Executive Order for what he   show more ...

called the “Iron Dome of America” that would […] La entrada Trump announces $175B for Golden Dome defense shield over America – Source: go.theregister.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.darkreading.com – Author: Tara Seals Please enable cookies. Sorry, you have been blocked You are unable to access darkreading.com Why have I been blocked? This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution.   show more ...

There are several actions that could trigger this […] La entrada Lumma Stealer Takedown Reveals Sprawling Operation – Source: www.darkreading.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.darkreading.com – Author: Rob Wright Please enable cookies. Sorry, you have been blocked You are unable to access darkreading.com Why have I been blocked? This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution.   show more ...

There are several actions that could trigger this […] La entrada Ivanti EPMM Exploitation Tied to Previous Zero-Day Attacks – Source: www.darkreading.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.darkreading.com – Author: Kristina Beek, Associate Editor, Dark Reading Please enable cookies. Sorry, you have been blocked You are unable to access darkreading.com Why have I been blocked? This website is using a security service to protect itself from online attacks. The action you just performed   show more ...

triggered the security solution. There are several actions […] La entrada Marks & Spencer Projects $400M Loss After Cyberattack – Source: www.darkreading.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.darkreading.com – Author: Jai Vijayan, Contributing Writer Please enable cookies. Sorry, you have been blocked You are unable to access darkreading.com Why have I been blocked? This website is using a security service to protect itself from online attacks. The action you just performed triggered the   show more ...

security solution. There are several actions that could […] La entrada Pandas Galore: Chinese Hackers Boost Attacks in Latin America – Source: www.darkreading.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.darkreading.com – Author: Alexander Culafi, Senior News Writer, Dark Reading Please enable cookies. Sorry, you have been blocked You are unable to access darkreading.com Why have I been blocked? This website is using a security service to protect itself from online attacks. The action you just   show more ...

performed triggered the security solution. There are several […] La entrada Unimicron, Presto Attacks Mark Industrial Ransomware Surge – Source: www.darkreading.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Coinbase

Source: www.darkreading.com – Author: Kristina Beek, Associate Editor, Dark Reading Please enable cookies. Sorry, you have been blocked You are unable to access darkreading.com Why have I been blocked? This website is using a security service to protect itself from online attacks. The action you just performed   show more ...

triggered the security solution. There are several actions […] La entrada Coinbase Breach Compromises Nearly 70K Customers’ Information – Source: www.darkreading.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.darkreading.com – Author: Elizabeth Montalbano, Contributing Writer Please enable cookies. Sorry, you have been blocked You are unable to access darkreading.com Why have I been blocked? This website is using a security service to protect itself from online attacks. The action you just performed   show more ...

triggered the security solution. There are several actions that could […] La entrada Unpatched Windows Server Flaw Threatens Active Directory Users – Source: www.darkreading.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.darkreading.com – Author: Alexander Culafi, Senior News Writer, Dark Reading Please enable cookies. Sorry, you have been blocked You are unable to access darkreading.com Why have I been blocked? This website is using a security service to protect itself from online attacks. The action you just   show more ...

performed triggered the security solution. There are several […] La entrada NIST’s ‘LEV’ Equation to Determine Likelihood a Bug Was Exploited – Source: www.darkreading.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.darkreading.com – Author: Dark Reading Staff Please enable cookies. Sorry, you have been blocked You are unable to access darkreading.com Why have I been blocked? This website is using a security service to protect itself from online attacks. The action you just performed triggered the security   show more ...

solution. There are several actions that could trigger […] La entrada Dark Reading Confidential: The Day I Found an APT Group in the Most Unlikely Place – Source: www.darkreading.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.darkreading.com – Author: Denny LeCompte Please enable cookies. Sorry, you have been blocked You are unable to access darkreading.com Why have I been blocked? This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution.   show more ...

There are several actions that could trigger this […] La entrada The Hidden Cybersecurity Risks of M&A – Source: www.darkreading.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.infosecurity-magazine.com – Author: West Lothian Council has confirmed that ransomware actors have stolen “personal and sensitive” information stored on its education network. The Scottish local authority said in a May 21 update that it is now in the process of contacting parents and carers at   show more ...

every school in West Lothian to inform them of […] La entrada Sensitive Personal Data Stolen in West Lothian Ransomware Attack – Source: www.infosecurity-magazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.infosecurity-magazine.com – Author: Microsoft has teamed up with law enforcement agencies across the globe to disrupt the infrastructure behind one of the world’s most notorious infostealer operations. Microsoft said that, between March 16 and May 16, it identified over 394,000 Windows computers   show more ...

globally that were infected with Lumma Stealer malware. A coordinated operation between […] La entrada Global Law Enforcers and Microsoft Seize 2300+ Lumma Stealer Domains – Source: www.infosecurity-magazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.infosecurity-magazine.com – Author: Dozens of Western logistics and tech firms delivering aid to Ukraine have been targeted by a Russian state-backed cyber-espionage campaign over the past two years, allied security agencies have warned. The unnamed companies operate across the defense, IT services,   show more ...

maritime, airports, ports and air traffic management systems sectors in the US and […] La entrada Western Logistics and Tech Firms Targeted by Russia’s APT28 – Source: www.infosecurity-magazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: www.infosecurity-magazine.com – Author: Organizations in Europe are about to face a wave of cybersecurity legislation, coming from both the EU and the UK. In the EU, the tech legislation roadmap is relatively clear, with most relevant regulations and laws already adopted, including the updated Network   show more ...

and Information Systems Directive (NIS2), the Digital Operational Resilience […] La entrada #Infosec2025: NCC Group Expert Warns UK Firms to Prepare for Cyber Security and Resilience Bill – Source: www.infosecurity-magazine.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 1 - Cyber Security News Post

Source: hackread.com – Author: CyberNewswire. Cary, North Carolina, May 22nd, 2025, CyberNewsWire INE Security, a global leader in Cybersecurity training and certifications, has announced a strategic partnership with Abadnet Institute for Training, a Riyadh-based leader in specialized Information Technology,   show more ...

Cybersecurity, and Networking training. The collaboration leverages INE Security’s internationally recognized cybersecurity training content and Abadnet’s […] La entrada INE Security Partners with Abadnet Institute for Cybersecurity Training Programs in Saudi Arabia – Source:hackread.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 1 - Cyber Security News Post

Source: hackread.com – Author: Waqas. Microsoft, in a global takedown with support from international law enforcement agencies, has disrupted a major malware distribution network responsible for widespread credential theft, financial fraud, and ransomware attacks. The operation targeted Lumma Stealer, an   show more ...

infostealer malware used by hundreds of threat actors to steal sensitive information from nearly 400,000 […] La entrada Microsoft Dismantles Lumma Stealer Network, Seizes 2,000+ Domains – Source:hackread.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 1 - Cyber Security News Post

Source: hackread.com – Author: Waqas. A threat actor using the alias “ByteBreaker” is claiming to have abused the Facebook API and scraped 1.2 billion account details, which are now being sold on a data breach forum. A look at the sample data of 100,000 users shared by ByteBreaker on the forum shows it   show more ...

includes the […] La entrada Threat Actor Selling 1.2 Billion Facebook Records, But Details Don’t Add Up – Source:hackread.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 1 - Cyber Security News Post

Source: hackread.com – Author: Owais Sultan. As the crypto market continues to mature, investors are looking for sophisticated financial instruments that allow them to capitalize on market fluctuations and mitigate risks effectively. One such instrument that has raised interest is XRP futures, which will enable   show more ...

you to earn a profit off of XRP, without needing […] La entrada XRP Futures Offer New Tools for Navigating Crypto Volatility – Source:hackread.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 APT

Source: securityaffairs.com – Author: Pierluigi Paganini CISA warns Russia-linked group APT28 is targeting Western logistics and tech firms aiding Ukraine, posing an elevated threat to supply chains Russia-linked cyberespionage group APT28 intensifies its operations against Western logistics and technology   show more ...

companies moving supplies into Ukraine, US CISA warns. The APT28 group (aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, BlueDelta, and STRONTIUM) has been active […] La entrada Russia-linked APT28 targets western logistics entities and technology firms – Source: securityaffairs.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Breaking News

Source: securityaffairs.com – Author: Pierluigi Paganini Cellcom, a regional wireless carrier based in Wisconsin (US), announced that a cyberattack is the cause of a service outage it faced during the past week. Cellcom, a regional wireless carrier in Wisconsin, confirmed a cyberattack that caused a week-long   show more ...

outage affecting voice and text services in Wisconsin and […] La entrada A cyberattack was responsible for the week-long outage affecting Cellcom wireless network – Source: securityaffairs.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Chinese

Source: go.theregister.com – Author: Jessica Lyons A suspected Chinese crew has been exploiting a now-patched remote code execution (RCE) flaw in Trimble Cityworks to break into US local government networks and target utility management systems, according to Cisco’s Talos threat intelligence group.   show more ...

Cityworks is an asset and work management platform that integrates closely with Geographic […] La entrada Chinese snoops tried to break into US city utilities, says Talos – Source: go.theregister.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: go.theregister.com – Author: Brandon Vigliarolo The Irish Data Protection Commission has cleared the way for Meta to begin slurping up the data of European citizens for training AI next week, ongoing legal challenges notwithstanding.  The DPC said in a statement yesterday that Meta had made a number of   show more ...

improvements to its proposal to harvest […] La entrada Irish privacy watchdog OKs Meta to train AI on EU folks’ posts – Source: go.theregister.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

 Cyber Security News

Source: go.theregister.com – Author: Connor Jones Foreigners in Moscow will now be subject to a new experimental law that affords the state enhanced tracking mechanisms via a smartphone app. The new law, announced by Vyacheslav Volodin, chairman of the State Duma – the lower house of the Russian Parliament   show more ...

– is pitched as a means […] La entrada Russia expected to pass experimental law that tracks foreigners in Moscow via smartphones – Source: go.theregister.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

2025-05
Aggregator history
Thursday, May 22
THU
FRI
SAT
SUN
MON
TUE
WED
MayJuneJuly