All news with #news tag

⚖️ The ICO has confirmed that Imgur’s decision to block UK access does not absolve the company from scrutiny over alleged past data protection breaches. The regulator issued a notice of intent to fine parent company MediaLab on 10 September and says its findings are provisional while the investigation continues. The concerns relate to potential breaches of the Age Appropriate Design Code, including failures to request or verify ages, lack of high-privacy defaults for children, and serving targeted adverts to minors. The ICO stressed that exiting the UK market is a commercial choice and does not prevent regulatory action for prior infringements.

⚠️ The US government shutdown that began on Sept. 30 deepens federal cyber risk by compounding prior spending cuts and workforce reductions. Significant cuts — including roughly $1.23 billion trimmed from civilian cyber budgets and about 1,000 CISA staff fired earlier in July — have already weakened defenses. Agencies have issued contingency plans and will exempt some critical SOCs and intelligence functions, but contractors and broader response capacity face disruption. Adversaries are likely monitoring for opportunities, and the effects will persist even after funding resumes.

🔒 Congress allowed CISA 2015 to lapse on Sept. 30, 2025 amid a US government shutdown, removing statutory liability shields for private-sector cyber threat information sharing. The expiration reduces government visibility into corporate threat data and is likely to make companies and CISOs more cautious about exchanging indicators and defensive measures. Experts urge immediate legal review and expect Congress may pursue a temporary reauthorization, though the timing and duration remain uncertain.

🔒 Imgur has geoblocked access for users in the United Kingdom after the Information Commissioner's Office (ICO) issued a notice of intent on 10 September 2025 to impose a monetary penalty on Imgur's parent, MediaLab, over age-verification and children's data protections under the Online Safety Act. From 30 September 2025 UK visitors cannot log in, view, upload, or see embedded Imgur content on third-party sites. The ICO cautioned that blocking UK traffic does not absolve the company of potential fines while MediaLab may make representations.

🚀 This roundup highlights how leading organizations are using Google Cloud to optimize networks, accelerate AI, and scale mission-critical services. From Uber reducing edge latency with Hybrid NEGs to Target rebuilding search with AlloyDB AI hybrid search, customers report measurable gains in performance, cost, and reliability. Healthcare, finance, media, and telecommunications teams also describe operational wins — faster inference, seamless migrations, and stronger real-time experiences.

🔒 CISA has transitioned to a new direct-support model to equip state, local, tribal, and territorial (SLTT) governments with access to grant funding, no-cost cybersecurity tools, and hands-on expertise. The agency’s cooperative agreement with the Center for Internet Security concludes on September 30, 2025, and CISA will deliver funding via DHS/FEMA programs including SLCGP and TCGP. Offered services include cyber hygiene scanning, phishing assessments, vulnerability management, the Cybersecurity Performance Goals and Cyber Security Evaluation Tool, regional advisors and incident response coordination, while CISA continues collaboration with MS-ISAC for Albert sensor users.

🔒 CISA announced a transition to a new support model to better equip state, local, tribal, and territorial (SLTT) governments to strengthen shared responsibility nationwide. The agency's cooperative agreement with the Center for Internet Security (CIS) will end on September 30, 2025, prompting a shift to direct support. CISA will provide access to grant funding (via DHS/FEMA SLCGP and TCGP), no-cost tools such as cyber hygiene scanning and phishing assessments, regional advisors, and professional services to bolster local cybersecurity posture.

🔐 Tony Anscombe reviews the top cybersecurity stories for September 2025 and highlights their implications for defenders. Incidents include disruptions at major European airports after a ransomware attack on Collins Aerospace, a prolonged outage at Jaguar Land Rover following an IT breach, and a large npm supply‑chain compromise that drew a CISA alert. He also notes impersonation campaigns targeting macOS users with LastPass‑themed information‑stealers.

🛡️ At the CSO30 Australia Awards 2025, Australia’s top cybersecurity leaders and teams were recognised for initiatives that materially strengthened organisational security and resilience. The Sydney gala, held alongside the CIO50 and aligned with Foundry’s global program, honoured winners for business value, leadership and emerging talent. Shaun Martin (Aware Super) secured the Business Value award and Manasseh Paradesi (Tyro Payments) won Leadership, while Duné Sookloll took the Next CISO prize—each cited for measurable impact, stakeholder engagement and industry contribution.

🔐 President Trump has signed an executive order approving a plan to separate TikTok’s U.S. operations from Chinese owner ByteDance, enabling a new U.S.-based joint venture to manage the service domestically. The agreement covers TikTok and related apps such as Lemon8 and CapCut and limits ByteDance to under 20% ownership. Oracle and other American investors will control algorithms, data storage, and content moderation while security partners monitor code and data flows.

🔒 A Sophos survey of 300 C-level executives across the DACH region finds that budget shortfalls are the primary barrier to implementing planned cybersecurity measures, with roughly one in ten organisations abandoning initiatives due to cost. Manufacturing and retail report the highest incidence of cancelled projects, while service firms are least affected. The study also notes that technical complexity is rarely cited as a blocker and that some firms, notably in manufacturing, consciously accept cyber risk, with younger executives in Germany and Switzerland tending to be more risk tolerant.

🔒 At DEF CON 33, Google and Airbus hosted the GenSec Capture the Flag (CTF) to promote human–AI collaboration and accelerate adoption of AI in cybersecurity workflows. Nearly 500 participants completed introductory challenges, 23% used AI for security for the first time, and 85% found the event useful for learning practical AI applications. The CTF also featured Sec-Gemini as an optional assistant in the UI; 77% of respondents rated it very or extremely helpful, and organizers are incorporating feedback into future iterations.

🕵️‍♂️ In a five-month international campaign, Operation HAECHI VI led by Interpol and partner agencies recovered more than $439 million in cash and cryptocurrency tied to cyber-enabled financial crimes. Investigators from 40 countries across five continents targeted a broad range of scams — including voice phishing, investment fraud, BEC, sextortion and romance scams — freezing 400 crypto wallets and blocking over 68,000 bank accounts. The action included 45 arrests in Portugal and multimillion-dollar recoveries in Thailand, building on prior HAECHI phases that netted hundreds of millions and thousands of arrests.

🔐 Fortinet’s Veterans Program, in partnership with VetSec, provides veterans and spouses free access to training, hands-on labs, and certification vouchers to accelerate entry into cybersecurity. Participants progress from foundational courses through associate-level credentials, including structured offerings such as the Networking Fundamentals Bootcamp. Graduates like Jeramiah Poff and Derek Zobler reported direct job placements—roles ranging from security architect to cyberthreat hunter—demonstrating measurable workforce impact.

🔔 The Cybersecurity and Infrastructure Security Agency (CISA) announced Stephen L. Casapulla as its new Executive Assistant Director for Infrastructure Security. Casapulla brings extensive federal experience, including service as Director for Critical Infrastructure Cybersecurity in the Office of the National Cyber Director and more than thirteen years at CISA and predecessor organizations. He also has prior roles at the Small Business Administration and the Department of State in Iraq, and over twenty years as a U.S. Navy Reserve officer. Casapulla will continue interim duties at the National Risk Management Center (NRMC) and serve as Acting Chief Strategy Officer.

🌐 Cloudflare announced sponsorships for two independent open-source projects: Ladybird, a browser built from scratch with new LibWeb and LibJS engines, and Omarchy, an opinionated Arch Linux setup for developers. The company frames its contributions as unconditional, aimed at preserving diversity, privacy, security, and performance across client and developer tooling. Both projects are early-stage, invite community contributions, and may influence broader web platform standards and developer workflows.

🚀 Cloudflare will open select office locations as free coworking hubs for early-stage companies beginning January 2026. The pilot will allow a capped number of external visitors on select days in San Francisco, Austin, London, and Lisbon, with registration coordinated through the Cloudflare for Startups program. Visitors will have access to common spaces at no cost, with simple ground rules and cohort-based scheduling—no mandatory talks or obligations.

🚀Cloudflare will hire up to 1,111 interns in 2026 across global hub offices to accelerate the creative application of AI and broaden its talent pipeline. Interns will be embedded on cross-functional teams—from engineering and product to marketing, legal, and finance—and are expected to deliver concrete, customer-facing work. Positions are paid, typically 12 weeks in length, with hybrid in-office attendance and dedicated mentors. Software engineering applicants can be fast-tracked by submitting an AI-powered project built on Cloudflare.

📣 Cloudflare’s 2025 Founders’ Letter reflects on 15 years of Internet change, highlighting encryption’s rise thanks in part to Universal SSL, slow IPv6 adoption, and the rising costs of scarce IPv4 space. It warns that AI answer engines are shifting value away from traffic-based business models and threatening publishers. Cloudflare previews tools and partnerships — including AI Crawl Control — to help creators control access and negotiate compensation.

🔒 The Royal Canadian Mounted Police have dismantled the TradeOgre cryptocurrency exchange and seized more than $40 million in assets believed linked to criminal activity. The small, privacy-focused platform — which supported Monero and did not enforce Know Your Customer (KYC) checks — was taken offline after an investigation by the RCMP’s Money Laundering Investigative Team. Authorities say the exchange failed to register with FINTRAC and cautioned not all seized funds have been confirmed as criminal proceeds.