In a significant development for IP crime, a court has granted a confiscation order against a hacker who was previously jailed for stealing unreleased music owned by Ed Sheeran and Lil Uzi Vert and selling it on the dark web.

A bipartisan pair of lawmakers Monday suggested the model Ukraine is employing to combat Russian hacking may be useful for U.S. industry and government agencies if laid out properly.

“Cryptocurrency mining is a crucial part of our industry, but it also holds special appeal to bad actors, as it provides a means to acquire money with a totally clean on-chain original source,” blockchain analytics firm Chainalysis said.

Federal law enforcement officials arrested a Russian national in Arizona on charges related to his participation in multiple LockBit ransomware attacks against victims in the U.S., Asia, Europe and Africa, the Department of Justice said Thursday.

The cyberespionage activities consist of spear-phishing campaigns that are designed to entice victims into opening booby-trapped attachments, which ultimately lead to the deployment of stealers such as Giddome, Pterodo, GammaLoad, and GammaSteel.

The threat actors behind the Vidar malware have made changes to their backend infrastructure, indicating attempts to retool and conceal their online trail in response to public disclosures about their modus operandi.

The Swedish Authority for Privacy Protection, or IMY, on Tuesday, imposed a fine of 58 million Swedish kroner (~$5.4 million) in a statement saying Spotify should be more specific about how and for which purposes it collects individuals’ data.

A phishing operation was discovered impersonating WannaCry ransomware (WannaCry 3.0) and targeting Russian-speaking gamers. The phishing page mimics the official Enlisted Game website to spread infection. The ransomware is in fact a customized edition of an open-source ransomware tool called Crypter. This variant was specifically developed for Windows systems and was written in Python.

HP’s analysts report that in the campaign that started in March 2023, ChromeLoader is distributed via a network of malicious websites that promise free downloads of copyrighted music, movies, or video games.

The tension between difficult economic conditions and the pace of technology innovation, including the evolution of AI, is influencing the growth of identity-led cybersecurity exposure, according to CyberArk.