The Record

FlexiSPY, which is commercially available, can be more easily detected than far more expensive mercenary spyware available to nation states but has similar capabilities once installed, said John Scott-Railton, a forensic researcher at The Citizen Lab who helped confirm the infection.

Under the bail conditions, Illia Vitiuk must appear when summoned, report any change of residence, avoid contact with certain individuals and surrender his foreign passports to investigators.

A proposed update to China's national Cybersecurity Law would give Beijing firmer oversight over tech products while increasing penalties for companies and executives that don't meet requirements.

At least 29 people are dead and the prime minister has resigned following days of protests in Nepal over a social media ban that officials eventually lifted.

New York Blood Center submitted documents to regulators in Maine, Texas, New Hampshire and California that confirmed the cyberattack, which they said was first discovered on January 26.

Volodymyr Tymoshchuk, currently a fugitive, was an administrator for multiple ransomware strains, including LockerGoga, said U.S. prosecutors in unsealing an indictment against the Ukrainian national.

The Department of Justice’s Computer Crime and Intellectual Property Section (CCIPS) is pursuing funds taken from five victims between late October 2022 and March 2023, according to a news release.

King, a leading voice in the Senate on cybersecurity issues, honed in on the thousands of staffers and experts laid off by CISA, saying the agency has lost 30 percent of its staff and most of its seasoned leaders.

“We've admired the problem for too long, and now it's time to do something about it,” National Cyber Director Sean Cairncross said about the cybersecurity threat environment.

On Monday, independent researchers revealed that the app’s application programming interface (API) reportedly contained a flaw that allowed outsiders to retrieve photos and personal details from other users’ accounts without authorization.

OT security company Nozomi Networks will operate as a wholly owned subsidiary of Mitsubishi Electric, with its headquarters still in San Francisco, the companies said in announcing the acquisition.

Sources tell Recorded Future News that top Trump administration officials have accepted that splitting up the leadership of U.S. Cyber Command and the National Security Agency would prove too lengthy and arduous amid other national security priorities.

The hacker spent months performing reconnaissance activities on both Salesloft application environments as well as those for Drift, an AI chatbot company that Salesloft acquired last year.

The disruption is the latest to hit a high-profile brand in the United Kingdom, and follows repeated delays in the British government introducing cybersecurity regulations that would require businesses to better protect themselves from attacks.

Secretary of State Marco Rubio said U.S. officials sanctioned nine people and companies involved in running Shwe Kokko — a hub for scam centers in Myanmar — as well as four individuals and six entities for their roles operating forced labor compounds in Cambodia.

Indian cybersecurity researchers claimed Kazakhstan's state-owned oil company had been hacked by a Russian-speaking operation. It was all just a pentest, though, the company said.

The "Gen Z protest" against Nepal's restrictions on 26 major social media platforms turned deadly as police clashed with demonstrators.

Roblox says it will build a system to ensure that adults and children aren't communicating unless they know one another outside the gaming platform.

Australian airline Qantas reduced bonuses for its corporate leaders in response to a breach that exposed the data of 5.7 million people earlier this year.

After the notices from Sitecore and Mandiant on Wednesday, the Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerability to its exploited bugs catalog, giving all federal civilian agencies three weeks to patch it.