FTC considers setting aside or modifying $150 million privacy penalty against X
Twitter, renamed X in 2023, filed a petition saying that the settlement terms are unfair because the order was issued against a company that “no longer exist...
The Record
20 articles
Russia seeks to label two anti-Kremlin hacker groups as ‘extremist’
The groups have previously claimed responsibility for cyberattacks targeting critical infrastructure and government institutions in Russia and Belarus.
Supreme Court rules FCC fines punishing telecom giants for sharing location data were legal
The Trump administration had backed the FCC’s position and, apart from Justice Clarence Thomas, the high court agreed.
CISA directive for AI executive order to be released this week, Andersen says
The binding operational directive will focus in part on “vulnerability alleviation and vulnerability management,” Andersen said in remarks delivered at the T...
UN food agency investigates breach exposing data of Gaza aid recipients
In a message sent to aid recipients via Telegram over the weekend, the World Food Programme (WFP) said that "unauthorized parties" had accessed data stored i...
Researcher publishes GitHub token-stealing exploit, blames Microsoft’s disclosure process
The security researcher, Ammar Askar, released the new proof-of-concept exploit on his personal blog — alongside the public tracker for issues in VS Code — g...
Five Eyes warn Chinese spies are using job sites to recruit insiders
The alert warned that Chinese intelligence officers are posing as recruiters and consultants for front companies based outside China in order to target Five ...
DHS chief signals efforts to reshape CISA
In his first appearance before the panel since being confirmed in March, Mullin said that CISA probably needs “somewhere around” 2,800 employees, despite its...
New cyber force would cost up to $11 billion to start, commission says
The military branch would take 12 to 18 months to get up and running and also include roughly 5,000 members of the National Guard and up to 6,000 civilians, ...
White House unveils pared-back AI executive order
The order notes that federal access to the models should be subject to “appropriate confidentiality, cybersecurity, insider-risk, and intellectual-property p...
Russia claims foreign spy agencies hacked officials' phones
In a statement, Russia's Federal Security Service (FSB) said it had uncovered what it described as a "large-scale operation" involving malicious software ins...
Red Hat removes tainted packages after software pipeline compromise
According to the company’s preliminary analysis, a compromised GitHub account was used to push the malicious code out to customers, hitting 32 packages downl...
Spain arrests suspected hacker for publishing personal data of police, prosecutors and cyber officials
Police described the incident as a large-scale disclosure of sensitive personal information that posed a threat to both the affected individuals and the inst...
Inspector general finds NIST mistakes have made vulnerability database ineffective
NIST’s National Vulnerability Database (NVD) backlog mushroomed from 13,000 unprocessed security vulnerabilities in February 2024 to more than 27,000 by the ...
NSA selects new leads for key cybersecurity posts
David Imbordino, an NSA senior executive who most recently led its cybersecurity directorate in an acting capacity, has been named as its new chief. Bruce Jo...
Microsoft says it will not pursue security researchers after zero-day backlash
Microsoft said it is taking the feedback seriously, adding: “To be clear about our approach to legal matters, we have no intention to pursue action against i...
Unknown hacker group targeted Russian maritime universities, diplomats for nearly two years
More than half of the attacks observed over the past year targeted educational institutions, particularly maritime universities and schools that train person...
Afghan finance officials targeted by suspected Pakistani cyberespionage campaign
A suspected Pakistan-linked hacking group has targeted Afghanistan's Ministry of Finance and provincial government officials in a new cyberespionage campaign...
Microsoft calls zero-day releases ‘never justifiable’ as researcher threatens to drop more
Each vulnerability was published with working proof-of-concept code to the Microsoft-owned code repository GitHub, making them immediately available to both ...
Cruise giant Carnival confirms data breach affecting nearly 6 million people
The company said the threat actor gained access to a limited portion of its IT environment last month after compromising an employee account. By the end of A...