In less than a month, President-elect Joe Biden will be sworn into office and immediately confront a list of cybersecurity problems ranging from a now-leaderless CISA to the SolarWinds breach. Here's how security experts - and former government leaders - see the administration's cyber policies taking shape.
Britain's National Crime Agency says 21 individuals have been arrested on suspicion of purchasing personally identifiable information from the WLeakInfo website. Authorities say the site provided access to more than 12 billion personal records culled from 10,000 data breaches.
A key player in the now-defunct "Silk Road" darknet marketplace who hid his involvement with the creation and operation of the website has been sentenced to eight months in federal prison for making false statements to federal investigators.
Assets worth $4 million have been seized by authorities in Singapore from the former CEO of Phantom Secure, a now-defunct encrypted telecommunications services provider that offered services to transnational organized criminal syndicates, according to the U.S. Justice Department.
One of those responsible for the massive Mirai-based DDoS attack launched in October 2016 that targeted domain name resolver Dyn and knocked Amazon, PayPal, Spotify, Twitter and others offline has pleaded guilty to federal charges.
Another federal judge is blocking the Trump administration's attempt to ban the Chinese-made social media app TikTok from being used in the U.S. The White House claims that the data the app collects on American users poses a national security threat.
President Donald Trump on Friday signed into law the Internet of Things Cybersecurity Improvement Act of 2020, the first U.S. federal law addressing IoT security. The act requires federal agencies to only procure devices that meet minimum cybersecurity standards.
A defense policy bill that Congress plans to vote on later this month now includes a provision that would restore the position of national cyber director at the White House, says Rep. Jim Langevin, D-R.I.
New Zealand's refreshed Privacy Act, which came into effect Tuesday, introduces breach notification requirements and civil penalties. It also holds data handlers to higher responsibilities to counter new threats to personal data. But the law doesn't impose financial penalties as severe as the EU's GDPR.
Europol, along with the other law enforcement agencies in Europe, prevented payment fraud losses of $47.5 million by targeting fraudsters who were selling stolen card data on darknet websites known as card shops.
The Home Depot reached a $17.5 million settlement of a multistate lawsuit stemming from a 2014 data breach that compromised the payment card data of 40 million customers. The company will also implement new security procedures as part of the agreement.
The Telecommunications Security Bill introduced by the British government aims to set enforceable, minimum security standards for the nation's telecommunications providers, backed by penalties, including for any company that opted to use equipment from high-risk providers such as China's Huawei.
Sen. Ron Wyden, D-Ore., and Rep. Lauren Underwood, D-Ill., have introduced a bill designed to patch loopholes in the Federal Cybersecurity Enhancement Act of 2015 that they say allow federal agencies to easily avoid implementing required cybersecurity procedures.
The U.S. Senate on Tuesday unanimously passed federal IoT security legislation that will require the government to only procure devices that meet minimum cybersecurity requirements. The bill now moves to President Donald Trump's desk.
European lawmakers are once again considering encryption policies and attempting to strike a balance between the privacy and security afforded by strong encryption and law enforcement's needs. But with encryption being a cornerstone of the internet, is there any new balance to be struck?