Federal regulators initiated a probe of social media after accusing firms such as Facebook of presiding over a surge in advertising fraud including ads for sham healthcare products. Sham ads "can pose real dangers," including by spreading health disinformation, said Commissioner Rebecca Slaughter.
The Securities and Exchange Commission proposed a slew of new cybersecurity rules for the companies underpinning the U.S. stock market, the latest sign of increasing unhappiness among Biden administration officials about the private sector's management of digital risk.
An overview of the White House's spending blueprint for the coming federal fiscal year shows big proposed increases for cybersecurity. CISA would receive $145 million more that current amounts. Ukraine would receive hundreds of millions to counter "Russian malign influence" including in cyberspace.
Hackers have been selling data stolen from an online health insurance marketplace used by members of Congress and residents of Washington, D.C. The cause, size and scope of the breach are still unknown. The data pertains to "numerous" lawmakers as well as their spouses, dependents and employees.
A dozen U.S. senators on Tuesday introduced legislation backed by the White House charging the federal government with initiating a process to systematically block foreign technology from reaching the domestic market when the tech poses a national security threat.
Cybersecurity will take its place alongside chemical contaminant removal as an element the U.S. Environmental Protection Agency says public water systems must mitigate. "Cyberattacks that are targeting water systems are real and a significant threat," said an EPA official.
Internet domain registrar GoDaddy says it is the victim of a yearslong hacking campaign that installed malware on internal systems and obtained source code. The hackers' "apparent goal is to infect websites and servers with malware for phishing campaigns, malware distribution," the company says.
The FBI is investigating a hack of its computer network. “This is an isolated incident that has been contained. As this is an ongoing investigation the FBI does not have further comment to provide at this time," the bureau said in a statement provided to Information Security Media Group.
Chris Inglis, head of the Office of the National Cyber Director in the White House, stepped down from the position. The widely anticipated move comes as the Biden administration finalizes a national cyberspace strategy expected to call for more regulation and the disruption of malicious actors.
The California city of Oakland is in a state of emergency as its response to a ransomware attack enters its second week. The attack did not affect emergency systems, including 911 dispatch and fire services, or the city's financial systems, the city says.
Russian operators of the TrickBot banking Trojan that later evolved into a ransomware dropper felt trans-Atlantic pressure Thursday through sanctions imposed by the United States and the United Kingdom and an indictment against a senior figure unsealed by U.S. federal prosecutors in New Jersey.
The German government selected a new president for the Federal Office for Information Security, better known as BSI. Claudia Plattner, currently serving as the European Central Bank's director general of information systems, is set to lead the agency starting on July 1.
Denis Mihaqlovic Dubnikov, 30, pleaded guilty in U.S. federal court to conspiracy to commit money laundering. Federal prosecutors say the Russian national laundered more than $400,000 for the Ryuk ransomware-as-a-service gang. He faces up to 20 years in prison and a potential fine of $500,000.
The insider threat hacker who attempted to extort $1.9 million out of Ubiquiti Networks faces sentencing in May after pleading guilty to three crimes in federal court. The hacker, Nickolas Sharp, was the company's cloud lead and was on the team remediating the security incident he caused.
The FTC has for the first time enforced its almost 14-year-old health data breach notification rule. It hit a telehealth and prescription drug discount provider with a $1.5 million civil penalty for failing to inform consumers that it shares their data with advertisers and other third parties.