The Irish Data Protection Commission (DPC) has fined TikTok €530 million (over $601 million) for illegally transferring the personal data of users in the European Economic Area (EEA) to China, violating the European Union’s GDPR data protection regulations. […]
UK Retailers Co-op, Harrods and M&S Struggle With Cyberattacks
Major UK retailers Co-op, Harrods, and M&S are scrambling to restore services that were affected by cyberattacks.
The post UK Retailers Co-op, Harrods and M&S Struggle With Cyberattacks appeared first on SecurityWeek.
How to Automate CVE and Vulnerability Advisory Response with Tines
Run by the team at workflow orchestration and AI platform Tines, the Tines library features pre-built workflows shared by security practitioners from across the community – all free to import and deploy through the platform’s Community Edition.
A recent standout is a workflow that automates monitoring for security advisories from CISA and other vendors, enriches advisories with CrowdStrike
A recent standout is a workflow that automates monitoring for security advisories from CISA and other vendors, enriches advisories with CrowdStrike
Nova Scotia Power Says Hackers Stole Customer Information
Nova Scotia Power’s investigation has shown that the recent cyberattack resulted in the theft of some customer information.
The post Nova Scotia Power Says Hackers Stole Customer Information appeared first on SecurityWeek.
Microsoft fixes Exchange Online bug flagging Gmail emails as spam
Microsoft has resolved an issue with a machine learning model that mistakenly flagged emails from Gmail accounts as spam in Exchange Online. […]
RSA Conference 2025 Announcement Summary (Day 3)
Hundreds of companies showcased their products and services this week at the 2025 edition of the RSA Conference in San Francisco.
The post RSA Conference 2025 Announcement Summary (Day 3) appeared first on SecurityWeek.
Microsoft Accounts Go Passwordless by Default
Microsoft is prioritizing passwordless sign-in and sign-up methods, and is making new accounts passwordless by default.
The post Microsoft Accounts Go Passwordless by Default appeared first on SecurityWeek.
MintsLoader Drops GhostWeaver via Phishing, ClickFix — Uses DGA, TLS for Stealth Attacks
The malware loader known as MintsLoader has been used to deliver a PowerShell-based remote access trojan called GhostWeaver.
“MintsLoader operates through a multi-stage infection chain involving obfuscated JavaScript and PowerShell scripts,” Recorded Future’s Insikt Group said in a report shared with The Hacker News.
“The malware employs sandbox and virtual machine evasion techniques, a domain
“MintsLoader operates through a multi-stage infection chain involving obfuscated JavaScript and PowerShell scripts,” Recorded Future’s Insikt Group said in a report shared with The Hacker News.
“The malware employs sandbox and virtual machine evasion techniques, a domain
Ukrainian Nefilim Ransomware Affiliate Extradited to US
Ukrainian national Artem Stryzhak was extradited to the US and charged with using Nefilim ransomware in attacks on large businesses.
The post Ukrainian Nefilim Ransomware Affiliate Extradited to US appeared first on SecurityWeek.
Microsoft makes all new accounts passwordless by default
Microsoft has announced that all new Microsoft accounts will be “passwordless by default” to secure them against password attacks such as phishing, brute force, and credential stuffing. […]