Security Bundle.

"Tik Tok slammed with E530 million GDPR fine for sending E.U. data to China."

 Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 02 May 2025, 1354 UTC.

Content and Source provided by https://feedly.com.

https://feedly.com/i/collection/content/user/f401222a-bca6-4c45-9cc1-183f239e8d86/category/7737d3c9-5fe2-4b34-8708-85e57085f895

Please check email link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Security News Bundle

24

Most popular

TikTok Slammed With €530 Million GDPR Fine for Sending E.U. Data to China

TikTok fined 530 million euros

•

73The Hacker News / 1h

Ireland's Data Protection Commission (DPC) on Tuesday fined popular video-sharing platform TikTok €530 million ($601 million) for infringing data protection regulations in the region by transferring European users' data to China. "TikTok infringed the GDPR regarding its transfers of EEA [European Economic Area] User Data to China and its transparency requirements," the DPC said in a statement. "

Three Brits charged over 'active shooter threats' swattings in US, Canada

The Register – Security / 40min

UK starts prosecution days after FBI vowed to clamp down on the crime Three young Brits are accused of stateside swatting offences and will appear in a UK court today to face their charges after a joint investigation by the FBI and Merseyside cops.…

UK Retailers Co-op, Harrods and M&S Struggle With Cyberattacks

4 TTPs

•

SecurityWeek / 2h

•

Harrods targeted by cyber attack

Major UK retailers Co-op, Harrods, and M&S are scrambling to restore services that were affected by cyberattacks. The post appeared first on SecurityWeek .

Today

NotebookLM apps are coming soon to Android and iOS - how to be first in line

Google launches NotebookLM mobile app

•

ZDNet | Security / 40min

Google's NotebookLM mobile app listings are now live. Expect to hear more about them at I/O 2025 on May 20.

Redis returns to open source with AGPLv3 license but not everyone is happy

Redis returns to open source

•

ZDNet | Security / 1h

Redis leadership asserts that the AGPLv3 license strikes the right balance between protecting the company's business interests and supporting the open-source community. We'll see if developers and customers agree.

Raytheon, Nightwing to Pay $8.4 Million in Settlement Over Cybersecurity Failures

Raytheon Nightwing pay 84M$ settlement

•

SecurityWeek / 1h

The US government says defense contractor Raytheon and Nightwing agreed to pay $8.4 million to settle False Claims Act allegations. The post appeared first on SecurityWeek .

Microsoft sets all new accounts passwordless by default

Microsoft makes accounts passwordless by default

•

Security Affairs / 1h

Microsoft announced that all new accounts will be “passwordless by default” to increase their level of security. Microsoft now makes all new accounts “passwordless by default,” enhancing protection against social engineering attacks, phishing, brute-force, and credential stuffing attacks. “As part of this simplified UX, we’re changing the default behavior for new accounts. Brand new Microsoft acc

In Other News: NullPoint Source Code Leak, $17,500 for iPhone Flaw, BreachForums Down

7 TTPs

•

SecurityWeek / 1h

Noteworthy stories that might have slipped under the radar: NullPoint Stealer source code leaked, researcher earns $17,500 from Apple for vulnerability, BreachForums down after zero-day exploitation by police. The post appeared first on SecurityWeek .

TikTok fined €530 million for sending European user data to China

TikTok fined 530 million euros

•

47BleepingComputer / 1h

The Irish Data Protection Commission (DPC) has fined TikTok €530 million (over $601 million) for illegally transferring the personal data of users in the European Economic Area (EEA) to China, violating the European Union's GDPR data protection regulations. [...]

How to Automate CVE and Vulnerability Advisory Response with Tines

25The Hacker News / 2h

Run by the team at workflow orchestration and AI platform Tines, the Tines library features pre-built workflows shared by security practitioners from across the community - all free to import and deploy through the platform’s Community Edition. A recent standout is a workflow that automates monitoring for security advisories from CISA and other vendors, enriches advisories with CrowdStrike

MIWIC25: Marine Ruhamanya, Cybersecurity Senior Manager

IT Security Guru / 3h

Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on one of 2024’s Top 20 women selected by an esteemed panel of judges. Presented in a Q&A format, the nominee’s answers are written in their own words. In 2025, the awards were sponsored by BT , KnowB

Nova Scotia Power Says Hackers Stole Customer Information

Emera Nova Scotia Power cybersecurity response

•

SecurityWeek / 3h

Nova Scotia Power’s investigation has shown that the recent cyberattack resulted in the theft of some customer information. The post appeared first on SecurityWeek .

British govt agents step in as Harrods becomes third mega retailer under cyberattack

Harrods targeted by cyber attack

•

The Register – Security / 3h

Experts suggest the obvious: There is an ongoing coordinated attack on UK retail sector Harrods, a globally recognized purveyor of all things luxury, is the third major UK retailer to confirm an attempted cyberattack on its systems in under two weeks.…

When is the best time to book your flight? Google just spilled all the airfare secrets

ZDNet | Security / 3h

Google Flights analyzed four years of airfare data, providing insights on finding the cheapest flights and the best days to book.

Microsoft fixes Exchange Online bug flagging Gmail emails as spam

100BleepingComputer / 3h

​Microsoft has resolved an issue with a machine learning model that mistakenly flagged emails from Gmail accounts as spam in Exchange Online. [...]

I didn't expect to love a budget stylus phone - but Motorola proved me wrong

ZDNet | Security / 3h

Despite its $400 price point, the Moto G Stylus punches well above its weight thanks to its snappy chipset and brilliant AMOLED screen.

RSA Conference 2025 Announcement Summary (Day 3)

RSA Conference 2025 showcases cybersecurity

•

SecurityWeek / 3h

Hundreds of companies showcased their products and services this week at the 2025 edition of the RSA Conference in San Francisco. The post appeared first on SecurityWeek .

Yesterday

MintsLoader Drops GhostWeaver via Phishing, ClickFix — Uses DGA, TLS for Stealth Attacks

23 TTPs

•

64The Hacker News / 4h

•

MintsLoader malware used in attacks

The malware loader known as MintsLoader has been used to deliver a PowerShell-based remote access trojan called GhostWeaver. "MintsLoader operates through a multi-stage infection chain involving obfuscated JavaScript and PowerShell scripts," Recorded Future's Insikt Group said in a report shared with The Hacker News. "The malware employs sandbox and virtual machine evasion techniques, a domain

Luxury department store Harrods suffered a cyberattack

Harrods targeted by cyber attack

•

Security Affairs / 4h

Harrods confirmed a cyberattack, following similar incidents suffered by M&S and Co-op, making it the third major UK retailer targeted in one week. Luxury department store Harrods confirmed a cyberattack, threat actors attempted to gain unauthorised access to some of its systems. “We recently experienced attempts to gain unauthorised access to some of our systems.” reads a statement published by

Microsoft Accounts Go Passwordless by Default

Microsoft makes accounts passwordless by default

•

SecurityWeek / 4h

Microsoft is prioritizing passwordless sign-in and sign-up methods, and is making new accounts passwordless by default. The post appeared first on SecurityWeek .

U.S. CISA adds SonicWall SMA100 and Apache HTTP Server flaws to its Known Exploited Vulnerabilities catalog

Security Affairs / 5h

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SonicWall SMA100 and Apache HTTP Server flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Qualitia Active! Mail, Broadcom Brocade Fabric OS, and Commvault Web Server flaws to its Known Exploited Vulnerabilities (KEV) catalog . Below are the descriptions for

Ukrainian Nefilim Ransomware Affiliate Extradited to US

Ukrainian extradited for Nefilim ransomware

•

SecurityWeek / 5h

Ukrainian national Artem Stryzhak was extradited to the US and charged with using Nefilim ransomware in attacks on large businesses. The post appeared first on SecurityWeek .

Microsoft Sets Passkeys Default for New Accounts; 15 Billion Users Gain Passwordless Support

Microsoft makes accounts passwordless by default

•

77The Hacker News / 6h

A year after Microsoft announced passkeys support for consumer accounts, the tech giant has announced a big change that pushes individuals signing up for new accounts to use the phishing-resistant authentication method by default. "Brand new Microsoft accounts will now be 'passwordless by default,'" Microsoft's Joy Chik and Vasu Jakkal said. "New users will have several passwordless options for

Microsoft makes all new accounts passwordless by default

Microsoft accounts now passwordless by default

•

73BleepingComputer / 6h

Microsoft has announced that all new Microsoft accounts will be "passwordless by default" to secure them against password attacks such as phishing, brute force, and credential stuffing. [...]

End of feed