Threatline

US lawmakers want to put NSO Group, 3 other spyware makers out of business with fresh severe sanctions

Eighteen US Democratic lawmakers have asked the Treasury Department and State Department to punish Israel-based spyware maker NSO Group and three other surveillance software firms for enabling human rights abuses.…

As CISA tells US govt agencies to squash Log4j bug by Dec 24, fingers start pointing at China, Iran, others

Microsoft reckons government cyber-spies in China, Iran, North Korea, and Turkey are actively exploiting the Log4j 2.x remote-code execution hole.…

Facebook expands bug bounty program to include scraping attacks, two years after it was scraped – hard

Japan draws a LINE: web giants must reveal where they store user data

Social media and search engine operators in Japan will be required to specify the countries in which users' data is physically stored, under a planned tweak to local laws.…

National Cyber Strategy will lead to BritChip for mobile devices by 2025, claims UK.gov

National Cyber Strategy

Move fast, break security: Why CISOs must push back against Agile IT

The Vectra Masked CISO series gives security leaders a place to expose the biggest issues in security and advise peers on how to overcome them.

East Londoners nicked under Computer Misuse Act after NHS vaccine passport app sprouted clump of fake entries

British police have made a series of arrests over the past few months after people with apparent access to NHS databases allegedly sold fake vaccination status entries on the NHS vaccine passport app.…

Why ransomware attacks happen out of hours or during the holidays

Facebook locks out 1,500 fake accounts used by cyber-spy firms to snoop on people, alerts 50k potential targets

Facebook successor Meta on Thursday said it canceled 1,500 social media accounts used by seven surveillance-for-hire firms to conduct online attacks against government critics and members of civil society.…

Over Log4j? VMware has another critical flaw for you to patch

Log4j bug