The Record

Finnish prosecutors allege that a U.S. national, Daniel Lee Newhard, played a role in extorting the psychotherapy center Vastaamo. Until now the case had centered on Aleksanteri Kivimäki.

Cybersecurity researchers examining an intrusion into the network of a Philippine military company found a "new and advanced malware toolset" that they linked to China.

Auditors examined CISA's Cybersecurity Retention Incentive program and found that the agency did not “properly design, implement, comply with or manage” requirements for it.

Vietnam's credit information bureau and Panama's finance ministry are each responding to apparent data breaches claimed by high-profile cybercrime groups.

The official's call for a renewal came less than three weeks before the 2015 Cybersecurity Information Sharing Act (CISA 2015), which provides incentives for private entities to voluntarily share digital threat intelligence with the federal government, is due to sunset.

A Finnish judge set free Aleksanteri "Julius" Kivimäki, convicted of extorting victims of the Vastaamo psychotherapy center's data breach, as his appeal in the case continues.

Gov. Gavin Newsom vetoed an earlier version of the bill which would also have applied to mobile operating systems last year.

Switzerland-based providers of secure email, VPNs and other digital services say a pending government proposal would be catastrophic to their ability to protect the privacy of users.

The inquiry is intended to determine whether the tech companies are taking adequate steps to limit children’s use of the chatbots — a goal that could be at odds with their desires to expand their reach.

The privacy regulator said it identified “a worrying pattern” in the 215 insider threat breach reports from the education sector between January 2022 and August 2024, with 57% of incidents caused by students who were likely motivated by “dares, notoriety, financial gain, revenge and rivalries.”

Hackers leveraged insecure Microsoft encryption technology known as RC4 to gain access to the network of the hospital chain Ascension, Sen. Ron Wyden said in a letter asking the Federal Trade Commission to investigate.

The policy roadmap’s digital security text is tame in comparison to the last two years, when the idea of studying a U.S. Cyber Force dominated the debate.

The role American investors are playing in propping up spyware vendors is notable given the aggressive actions the U.S. government has taken to rein in the sector, including through sanctions, entity listings and visa restrictions.

FlexiSPY, which is commercially available, can be more easily detected than far more expensive mercenary spyware available to nation states but has similar capabilities once installed, said John Scott-Railton, a forensic researcher at The Citizen Lab who helped confirm the infection.

Under the bail conditions, Illia Vitiuk must appear when summoned, report any change of residence, avoid contact with certain individuals and surrender his foreign passports to investigators.

A proposed update to China's national Cybersecurity Law would give Beijing firmer oversight over tech products while increasing penalties for companies and executives that don't meet requirements.

At least 29 people are dead and the prime minister has resigned following days of protests in Nepal over a social media ban that officials eventually lifted.

New York Blood Center submitted documents to regulators in Maine, Texas, New Hampshire and California that confirmed the cyberattack, which they said was first discovered on January 26.

Volodymyr Tymoshchuk, currently a fugitive, was an administrator for multiple ransomware strains, including LockerGoga, said U.S. prosecutors in unsealing an indictment against the Ukrainian national.

The Department of Justice’s Computer Crime and Intellectual Property Section (CCIPS) is pursuing funds taken from five victims between late October 2022 and March 2023, according to a news release.