The Record

A North Korean state-linked hacking group known for spying added some "newly observed" ransomware to its kit in a campaign targeting South Koreans, researchers said.

Two weeks ago, the ransomware gang’s darknet extortion sites were seized in an operation involving police from more than nine countries including Germany, France and the United Kingdom.

The plaintiffs argued that a 2017 rules change enabling law enforcement to use spyware to eavesdrop on encrypted chats and messaging platforms could unfairly expose communications belonging to people who are not criminal suspects.

Organizations with on-premises Microsoft Exchange servers are being urged to take steps to reduce exposure to a vulnerability recently reported by a researcher.

Bouygues Telecom, a large French mobile carrier, disclosed a cyberattack and data breach affecting more than 6 million customer accounts.

Fines from a state regulator pushed one car maker to improve the data privacy on its website and customer portal, and others seem to have taken notice, according to new ratings from the watchdog Privacy4Cars.

Tornado Cash cofounder Roman Storm was found guilty of conspiring to operate an unlicensed money-transmitting business, while the jury failed to reach a ruling on more significant charges around money laundering and sanctions violations.

Hackers have been sending fake summons emails purportedly from Ukrainian courts to target the country’s military and defense, cyber authorities have found.

The National Cyber Security Centre stressed that Britain was underestimating the severity of the risk to critical infrastructure from cyberattacks and provided updated guidance for operators to protect themselves.

Chukwuemeka Victor Amachukwu, 39, was extradited from France on Monday and appeared in a New York District Court on Tuesday — where he is now facing hacking, wire fraud and identity theft charges that will lead to decades-long sentences if he is convicted.

Windows spyware tracked as DevilsTongue — a product of the company Candiru — is likely still active, with clusters appearing in Hungary and Saudi Arabia, researchers said.

The Click Here podcast talked with DEF CON and Black Hat founder Jeff Moss ahead of this year's events in Las Vegas.

A broad range of personal and health data was exposed in an April ransomware attack on dialysis provider DaVita, the company said in notices filed in several states.

According to the research published Tuesday, it is possible for an attacker to break into the ControlVault chip used in many laptops owned by security professionals and modify the firmware inside.

The Treasury Department warned that the massive increase in the number of crypto ATMs — convertible virtual currency kiosks — has been accompanied by a spike in the number of operators who fail to comply with anti-money laundering rules.

Multiple cybersecurity incident response firms are warning about the possibility that a zero-day vulnerability in some SonicWall devices is allowing ransomware attacks.

The decision in the civil case against Meta over how it handled data from the Flo period tracking app represents a significant loss for the tech giant, privacy advocates say.

Ukraine’s military intelligence agency said it hacked into government servers in Russian-occupied Crimea that allegedly contained evidence of Russia’s forced deportation of Ukrainian children from occupied territories.

The Senate voted 59-35 to place Republican Party insider Sean Cairncross atop the Office of the National Cyber Director, which plays a pivotal role in dictating policy and bolstering U.S. cybersecurity efforts.

The Commission on Cyber Force Generation will develop potential routes Congress and the White House could follow in creating a separate cyber service and aim to deliver them in time for next year’s must-pass national defense authorization act.