Tim Toole reports: A ransomware attack on Business Systems House (BSH), a Middle Eastern partner of payroll provider ADP, led to Broadcom employee data theft in September 2024. Data was leaked online in December, but Broadcom wasn’t informed until May 2025. The El Dorado ransomware group claimed responsibility for the breach, which occurred as Broadcom…
Martin Fornusek reports: Russian-linked hackers targeted U.K. Defense Ministry staff in an espionage operation while posing as journalists, Sky News reported on May 29, citing the British government. The cyber attack was detected and thwarted, the government said. Speaking to reporters at a government facility where a team had disrupted the Russian-backed operation, U.K. Defense Minister John Healey revealed the…
Graham Cluley writes: The Turkish government is proposing a controversial new cybersecurity law that could make it a criminal act to report on data breaches. The new legislation proposes penalties for various cybersecurity-related offences. But the key one which has people concerned is this: “Those who carry out activities aimed at targeting institutions or individuals…
From Hogan Lovells: The rapid development of data protection laws across the Asia-Pacific region indicates significant movement toward certain standards, albeit with notable local policy variations across multiple areas. Our Asia-Pacific Data, Privacy, and Cybersecurity Guide 2025 will explore these developments, key initiatives in major APAC jurisdictions, and the implications of an ever-changing regulatory landscape….
Zack Whittaker reports: U.S. prosecutors have formally linked the arrest of a serving U.S. Army soldier in December to a massive theft of U.S. phone records from AT&T and Verizon last year. Authorities arrested Cameron John Wagenius, a U.S. Army communications specialist, in Texas on December 20 following a brief two-page grand jury indictment accusing the U.S….
Researchers see dozens of fake DeepSeek websites used for credential phishing, cryptocurrency theft, and scams. The post Fake DeepSeek Sites Used for Credential Phishing, Crypto Theft, Scams appeared first on SecurityWeek.
RTHK reports: The Office of the Privacy Commissioner for Personal Data says a data breach incident by ImagineX has led to nearly 128,000 people’s information being compromised. Failing to delete temporary accounts in a timely manner and the use of end-of-support operating systems were the main factors leading to the breach, the Office of the…
