All news with #regulatory action tag

🧑‍💻 Three 17-year-olds in the Netherlands are suspected of providing services to a foreign power after one was found communicating with an unnamed Russian-government-affiliated hacking group. Prosecutors say the linked suspect directed the others to repeatedly map Wi‑Fi networks in The Hague and then sold the collected data to the client's contact for a fee. The investigation, opened after a report from the Military Intelligence and Security Service, led to two arrests on 22 September and seizure of devices from a third minor. An updated Criminal Code effective 15 May 2025 now criminalizes digital espionage, carrying up to eight years' imprisonment (or up to 12 years in the most serious cases).

⚖️ More than seven in 10 IT leaders list regulatory compliance as a top-three challenge when deploying generative AI, according to a recent Gartner survey. Fewer than 25% are very confident in managing security, governance, and compliance risks. With the EU AI Act already in effect and new state laws in Colorado, Texas, and California on the way, CIOs worry about conflicting rules and rising legal exposure. Experts advise centralized governance, rigorous model testing, and external audits for high-risk use cases.

🔒 German authorities, working with BaFin, Europol and Bulgarian law enforcement, seized 1,406 fraudulent crypto and investment domains in Operation Heracles on October 3, 2025. The seized sites, which targeted German-speaking users, now display warning banners after roughly 866,000 access attempts were recorded in the first ten days. Authorities warn these professional-looking platforms often use AI-generated content, mobile apps and call centres to defraud victims.

🔒 The ICO fined Capita £14 million after a March 2023 cyberattack that exposed personal information for 6.6 million people and hundreds of clients, including 325 pension providers. Attackers—claiming responsibility as Black Basta—gained access via a malicious file, remained in systems for 58 hours, exfiltrated almost 1TB, and deployed ransomware. The fine was reduced from an initial £45 million after Capita accepted liability and implemented remediation measures, including enhanced access controls and customer protections.

🔒 Nineteen‑year‑old college student Matthew D. Lane was sentenced to four years in prison and ordered to pay $14 million in restitution and a $25,000 fine after pleading guilty for his role in a December 19, 2024 breach of PowerSchool. Authorities say Lane and accomplices used credentials stolen from a subcontractor to access the PowerSource support portal and download databases containing personal records for millions of students and staff. Attackers demanded Bitcoin ransoms and attempted to extort individual districts; PowerSchool paid a ransom before the full scope was disclosed.

🛡️ CISA has issued Emergency Directive 26-01 requiring Federal Civilian Executive Branch agencies to install vendor-provided updates for at-risk F5 devices and software — including F5OS, BIG-IP TMOS, BIG-IQ, and BNK/CNF — by October 22, 2025. The action responds to disclosure that a nation-state actor maintained persistent access to F5 development environments and exfiltrated files containing embedded credentials and API keys. CISA will assess and support agency adherence and urges all entities using these products to apply mitigations immediately.

⚠ CISA issued Emergency Directive ED 26-01 directing Federal Civilian Executive Branch agencies to inventory and secure F5 BIG-IP hardware and software, assess public internet exposure of management interfaces, and apply vendor patches. Agencies must update specified F5 products by Oct. 22, 2025 (other devices by Oct. 31) and submit inventories to CISA by Oct. 29, 2025. The directive responds to a nation-state actor compromise that exfiltrated BIG-IP source code and vulnerability data.

🔒 The Information Commissioner’s Office (ICO) confirmed Capita will not appeal a £14m penalty for security failings that led to a March 2023 breach affecting nearly seven million people. The fine was reduced from an initial £45m after the ICO considered post-incident remediation, support to affected individuals and engagement with the NCSC. The regulator cited delayed SOC response, absence of a tiered privileged-access model and siloed pen testing that allowed a threat actor linked to Black Basta to escalate privileges and deploy ransomware.

🛡️The UK and US have jointly sanctioned a transnational network accused of operating scam centres across Southeast Asia, immediately freezing businesses and UK properties linked to the group. Targets include Prince Group, its chairman Chen Zhi, and proxy firms such as Jin Bei Group, Golden Fortune Resorts World Ltd and crypto platform Byex Exchange. Investigations by the UK FCDO and US OFAC allege victims were lured by fake job adverts, forced to perpetrate online fraud under threat of torture, and that proceeds were laundered via front companies, casinos and crypto services.

📣 Senior leaders are being warned to take personal responsibility for cyber resilience as the UK government says organisations cannot rely on state protection alone. The NCSC's 2025 Annual Review recorded 204 "nationally significant" incidents and prompted a ministerial letter to FTSE 350 CEOs urging physical incident plans and supply‑chain checks. The agency also highlighted slow uptake of Cyber Essentials and launched the Cyber Action Toolkit to help small businesses reach minimum standards.

🔍The Brookings report details the Trump administration’s expanded social media surveillance to identify and punish foreign nationals for public speech. Agencies historically gathered millions of handles, but Secretary of State Marco Rubio has promoted a zero-tolerance “Catch and Revoke” policy that uses AI to flag conduct deemed contrary to national interest. Rubio said about 300 visas—mainly student and visitor visas—were revoked, and a State Department cable now requires student applicants to set accounts public for vetting.

🔐 The Council of Europe has authorized the European Commission and EU member states to sign the United Nations Convention against Cybercrime, adopted by the UN General Assembly in December 2024, which sets common global standards for cybercrime and the cross-border exchange of electronic evidence. The treaty requires harmonization of criminal offenses, including computer fraud, illegal interception and measures targeting online child sexual abuse, grooming and non-consensual dissemination of intimate images, while including explicit safeguards to protect human rights. The Convention will be open for signature from October 25, 2025 until December 31, 2026 and enters into force ninety days after the fortieth ratification; the EU Presidency will prioritize finalizing a Council decision to enable conclusion of the instrument and seek the European Parliament's consent.

🛡️ US and French authorities say they have seized at least one clearweb domain used by the cybercrime forum BreachForums, which has been acting as a leak site linked to recent Salesforce breaches. Screenshots of the site display logos for the FBI, DOJ, BL2C and JUNALCO, although the forum's .onion instance appears still accessible. Reports suggest breachforums[.]hn was disrupted while threat actors such as ShinyHunters claim backups and backend servers were compromised or destroyed. Experts warn the seizure may yield valuable historical data for investigations, but will not immediately stop ongoing extortion of victims.

🔔 The US Department of Homeland Security has reassigned hundreds of cybersecurity personnel from the Cybersecurity and Infrastructure Security Agency to non-cyber roles supporting immigration and border enforcement, reports say. This shift has most impacted CISA’s Capacity Building team, which writes emergency directives and oversees protections for the government’s highest-value assets; refusal to accept new roles reportedly risks termination. Analysts warn that reductions in specialized threat hunting, vulnerability scanning, and coordinated advisories will slow response times and create exploitable gaps. Enterprises are urged to tighten patch cycles, adopt phishing-resistant MFA, review privileges, and rely on sector ISACs and private intel sharing while federal capacity is strained.

🔍 The UK Information Commissioner’s Office (ICO) won an Upper Tribunal ruling that bolsters its authority to enforce the UK GDPR against Clearview AI and increases the likelihood of a previously issued £7.5m penalty being upheld. The tribunal found that Clearview’s scraping and global database usage involved monitoring the behavior of UK residents and is not beyond the reach of UK law even when services are provided to foreign law‑enforcement customers. The UT has directed the First‑Tier Tribunal to reconsider its earlier decision in light of this jurisdictional clarity, though Clearview may still appeal.

🔒 Two teenage boys were arrested in Bishop's Stortford on suspicion of computer misuse and blackmail following a ransomware attack on the Kido nursery group, the Metropolitan Police said. Referred to the Met by Action Fraud on 25 September, investigators allege attackers demanded £600,000 in Bitcoin after stealing names, addresses, contact details and photos of around 8,000 children via a Famly account. The group, which called itself "Radiant," reportedly contacted parents directly and posted some images on the dark web before blurring and later claiming deletion; the app provider says its infrastructure was not breached. The Met described the arrests as a significant step while inquiries continue alongside partner agencies.

🔒 it-sa 2025 opened in Nuremberg on October 7, with organizers reporting 990 exhibitors — a 15% increase over last year — and an expected attendance record to be announced at the close. At the opening press conference, BSI President Claudia Plattner said the agency will implement the Cyber Resilience Act in Germany and exercise market surveillance powers. Industry leaders highlighted strong market growth, rising cybercrime losses, and calls to increase corporate security budgets while supporting European security startups.

🔐 At Europol’s 4th Annual Cybercrime Conference in The Hague, officials warned that criminals are exploiting encryption, anonymization and emerging technologies faster than law enforcement and regulators can adapt. Speakers including Europol executive director Catherine De Bolle and European commissioner Magnus Brunner urged stronger cooperation, updated laws and enhanced cross-border data-sharing to ensure lawful access to digital evidence while respecting privacy.

⚠️ The US government shutdown will sharply reduce federal cybersecurity capacity, with CISA set to furlough approximately 1,651 of its 2,540 staff (about 65%), leaving only 889 employees, and NIST estimated to retain roughly 34% of its workforce. Core functions such as vulnerability management, guidance, the CVE program and website operations will be curtailed until appropriations resume. The pause raises immediate operational risks, complicates incident response and increases opportunities for threat actors and fraud.

🔒 The 2015 Cybersecurity Information Sharing Act (CISA 2015) has expired after lawmakers failed to extend legal safe-harbors for voluntary threat sharing via the Automated Indicator Sharing program (AIS). Amid a congressional funding standoff and a resulting partial government shutdown, industry leaders warn the lapse exposes companies to litigation and may deter intelligence exchange. Security executives say reduced sharing could create blind spots, elevate software supply-chain risk and slow development of AI-driven defenses.