Legal
US seizes E-Note crypto exchange for laundering ransomware payments
Law enforcement has seized the servers and domains of the E-Note cryptocurrency exchange, allegedly used by cybercriminal groups to launder more than $70 million. It is believed that the funds originated from ransomware and account takeover attacks, and were subsequently funneled through an international network of “money mules.” “Since 2017, the FBI identified more than […]
Portugal updates cybercrime law to exempt security researchers
Portugal has modified its cybercrime law to establish a legal safe harbor for good-faith security research and to make hacking non-punishable under certain strict conditions. First spotted by Daniel Cuthbert, a new provision in Article 8.o-A, titled “Acts not punishable due to public interest in cybersecurity,” provides a legal exemption for actions that previously were classified as illegal system […]
Korea arrests suspects selling intimate videos from hacked IP cameras
The Korean National Police have arrested four individuals suspected of hacking over 120,000 IP cameras across the country and then selling stolen footage to a foreign adult site. Although the suspects or the websites haven’t been named, the police are already taking action against viewers of the illicitly gained content, as well as the operators […]
FTC settlement requires Illuminate to delete unnecessary student data
The Federal Trade Commission (FTC) is proposing that education technology provider Illuminate Education to delete unnecessary student data and improve its security to settle allegations related to an incident in 2021 that exposed info of 10 million students. The agency’s decision comes shortly after the states of California, Connecticut, and New York agreed to settle their legal […]
Man behind in-flight Evil Twin WiFi attacks gets 7 years in prison
A 44-year-old man was sentenced to seven years and four months in prison for operating an “evil twin” WiFi network to steal the data of unsuspecting travelers during flights and at various airports across Australia. The man, an Australian national, was charged in July 2024 after Australian authorities had confiscated his equipment in April and confirmed that he […]
FCC rolls back cybersecurity rules for telcos, despite state-hacking risks
The Federal Communications Commission (FCC) has rolled back a previous ruling that required U.S. telecom carriers to implement stricter cybersecurity measures following the massive hack from the Chinese threat group known as Salt Typhoon. The ruling came in January 2025 and took effect immediately under the Communications Assistance for Law Enforcement Act (CALEA), in response to Salt Typhoon’s breaching multiple […]
Five plead guilty to helping North Koreans infiltrate US firms
The U.S. Department of Justice announced that five individuals pleaded guilty to aiding North Korea’s illicit revenue generation schemes, including remote IT worker fraud and cryptocurrency theft. As part of this, the U.S. authorities announced actions seeking the forfeiture of $15 million in cryptocurrency from heists carried out by the APT38 threat group, which is […]
Data breach at major Swedish software supplier impacts 1.5 million
The Swedish Authority for Privacy Protection (IMY) is investigating a cyberattack on IT systems supplier Miljödata that exposed data belonging to 1.5 million people. Miljödata is an IT systems supplier for roughly 80% of Sweden’s municipalities. The company disclosed the incident on August 25, saying that the attackers stole data and demanded 1.5 Bitcoin to not leak it. […]
Ex-L3Harris exec guilty of selling cyber exploits to Russian broker
Peter Williams, an Australian national and a former general manager at U.S. defense contractor L3Harris Trenchant, has pleaded guilty in U.S. District Court to stealing and selling confidential cybersecurity information to a Russian vulnerability exploit broker. The illegal activity took place between 2022 and 2025, when Williams stole at least eight protected exploit components from […]
Microsoft sued for allegedly tricking millions into Copilot M365 subscriptions
The Australian Competition and Consumer Commission (ACCC) is suing Microsoft for allegedly misleading 2.7 million Australians into paying for the Copilot AI assistant in the Microsoft 365 service. Even though subscribers could have stayed on their existing plan without Copilot and at the same price, the ACCC says that Microsoft concealed that option and designed […]