The incoming Trump administration is set to explore ways to impose higher costs on adversaries and private actors behind cyber attacks, according to Representative Mike Waltz, the pick for national security adviser. Waltz’s statement follows US allegations that a widespread Chinese cyberespionage operation, known as Salt Typhoon, targeted senior American officials and stole significant amounts of metadata.
The White House has revealed that at least eight telecommunications and infrastructure firms in the US were compromised during this campaign. While Waltz did not specify potential actions against Salt Typhoon, he emphasised the need to go beyond defensive measures and start taking offensive actions to deter cyber threats.
Waltz also highlighted the role of the US tech industry in strengthening national defence and exposing vulnerabilities in adversaries. Meanwhile, Chinese officials continue to deny involvement, dismissing the accusations as disinformation and asserting that Beijing opposes cyber attacks in all forms.
Serbia has been accused of using spyware to target journalists and activists, according to a new Amnesty International report. Investigations revealed that ‘NoviSpy,’ a homegrown spyware, extracted private data from devices and uploaded it to a government-controlled server. Some cases also involved the use of technology provided by Israeli firm Cellebrite to unlock phones before infecting them.
Activists reported unusual phone activity following meetings with Serbian authorities. Forensic experts confirmed NoviSpy exported contact lists and private photos to state-controlled servers. The Serbian government has yet to respond to requests for comment regarding these allegations.
Cellebrite, whose phone-cracking devices are widely used by law enforcement worldwide, stated it is investigating the claims. The company’s representative noted that misuse of their technology could violate end-user agreements, potentially leading to a suspension of use by Serbian officials.
Concerns over these practices are heightened due to Serbia’s EU integration programme, partially funded by Norway and administered by the UN Office for Project Services (UNOPS). Norway expressed alarm over the findings and plans to meet with Serbian authorities and UNOPS for clarification.
Krispy Kreme has reported a cybersecurity incident that disrupted online ordering systems across the United States. The doughnut chain discovered the unauthorised activity on 29 November and immediately launched an investigation with external cybersecurity experts.
While the company’s stores remain open for in-person orders, it warned that revenue losses from digital sales could materially impact its financial results. Shares of Krispy Kreme fell by around 2% in premarket trading following the announcement.
The company said it is actively working to mitigate the effects of the incident while maintaining operations at its global locations.
Serie A has partnered with Meta to combat illegal live streaming of football matches, aiming to protect its broadcasting rights. Under the agreement, Serie A will gain access to Meta’s tools for real-time detection and swift removal of unauthorised streams on Facebook and Instagram.
Broadcasting revenue remains vital for Serie A clubs, including Inter Milan and Juventus, with €4.5 billion secured through deals with DAZN and Sky until 2029. The league’s CEO urged other platforms to follow Meta’s lead in fighting piracy.
Italian authorities have ramped up anti-piracy measures, passing laws that enable swift takedowns of illegal streams. Earlier this month, police dismantled a network with 22 million users, highlighting the scale of the issue.
Russian authorities have arrested over 300 individuals in Moscow during a major crackdown on an alleged international cryptocurrency scam ring. The Ministry of Internal Affairs revealed that the group operated several fraudulent call centres, using around 500 workstations to target victims in over 20 countries. The suspects reportedly persuaded individuals to invest in fake cryptocurrency platforms before disappearing with their funds.
Investigators believe the ring was tied to a broader international network led by Yegor Burkin, a fugitive associated with the Khimprom organised crime group, also known for drug smuggling activities. Police claimed that some stolen funds may have been used to support the Ukrainian Armed Forces, adding a geopolitical angle to the case.
Officials highlighted the increasing sophistication of crypto scams, with fraudsters using spoofed phone numbers, fake documents, and professional terminology to appear legitimate. The Ministry warned that such scams are on the rise, with many targeting foreign nationals and employing multilingual staff to reach victims worldwide.
A California court has ordered five individuals to pay over $5 million for their roles in the IcomTech Ponzi scheme. Between 2018 and 2019, the scheme defrauded investors through a fake Bitcoin trading platform. IcomTech promised 100% returns every six weeks, ultimately misappropriating $8.4 million of victims’ funds.
The group, led by founder David Carmona, lured over 190 investors with lavish expos and false claims of wealth. The court found them guilty of violating the Commodity Exchange Act and Commodity Futures Trading Commission (CFTC) regulations. Each was fined $1 million and banned from trading in CFTC-regulated markets.
In addition to financial penalties, the individuals received prison sentences ranging from five to ten years. The CFTC emphasised the importance of protecting investors from such schemes, urging vigilance in the cryptocurrency sector.
The Australian Federal Police (AFP) is increasingly turning to AI to handle the vast amounts of data it encounters during investigations. With investigations involving up to 40 terabytes of data on average, AI has become essential in sifting through information from sources like seized phones, child exploitation referrals, and cyber incidents. Benjamin Lamont, AFP’s manager for technology strategy, said the overwhelming scale of data makes AI crucial to managing cases, including reviewing massive amounts of video footage and emails.
The AFP is also working on custom AI solutions, including tools for structuring large datasets and identifying potential criminal activity from old mobile phones. One such dataset is a staggering 10 petabytes, while individual phones can hold up to 1 terabyte of data. Lamont pointed out that AI plays a crucial role in making these files easier for officers to process, which would otherwise be an impossible task for human investigators alone. The AFP is also developing AI systems to detect deepfake images and protect officers from graphic content by summarising or modifying such material before it’s viewed.
While the AFP has faced criticism over its use of AI, particularly for using Clearview AI for facial recognition, Lamont acknowledged the need for continuous ethical oversight. The AFP has implemented a responsible technology committee to ensure AI use remains ethical, emphasising the importance of transparency and human oversight in AI-driven decisions.
Polish authorities have detained Dmitry V., the former head of Russia’s crypto exchange WEX, in Warsaw following an extradition request from the US Department of Justice. During his tenure at WEX, Dmitry V. was suspected of fraud and money laundering. He is facing potential extradition to the US, where charges could carry a maximum 20-year prison sentence.
Dmitry V. has been linked to WEX, a successor to BTC-e, once Russia’s largest cryptocurrency platform before its collapse in 2018. The exchange was infamous for lax identity checks and ties to high-profile crypto hacks, including the Mt. Gox breach. Around $450 million remains unaccounted for from WEX, which had processed over $9 billion in transactions during its operation.
This is not Dmitry V.’s first arrest; he was previously detained in Poland in 2021 and later apprehended by Interpol in Croatia in 2022. His history also includes a 2019 arrest in Italy, which was short-lived due to errors in the extradition process.
Pavel Durov, founder of Telegram, appeared in a Paris court on 6 December to address allegations that the messaging app has facilitated criminal activity. Represented by his lawyers, Durov reportedly stated he trusted the French justice system but declined to comment further on the case.
The legal proceedings stem from charges brought against Durov in August, accusing him of running a platform that enables illicit transactions. Following his arrest at Le Bourget airport, he posted a $6 million bail and has been barred from leaving France until March 2025. If convicted, he could face up to 10 years in prison and a fine of 500,000 euros.
Industry experts fear the case against Durov reflects a broader crackdown on privacy-preserving technologies in the Web3 space. Parallels have been drawn with the arrest of Tornado Cash developer Alexey Pertsev, raising concerns over government overreach and the implications for digital privacy.
Supply chain software company Blue Yonder is investigating claims of data theft after the ‘Termite’ ransomware group threatened to release stolen data. The Arizona-based company, which serves major clients like DHL, Starbucks, and Walgreens, was hit by a ransomware attack on 21 November. While Blue Yonder initially confirmed a cyberattack, it did not disclose the perpetrators.
The Termite group, which recently claimed responsibility for the breach on its dark web leak site, says it stole 680 gigabytes of data, including documents, reports, and email lists. The group, believed to be a rebranded version of the Babuk ransomware gang, has threatened to release the data soon. Blue Yonder is working with cybersecurity experts to investigate the breach and has notified impacted customers, though it has not confirmed specific details about the stolen data.
The attack has caused operational disruptions for some clients, including UK supermarkets Morrisons and Sainsbury’s, and US company Starbucks, which was forced to manually calculate employee pay. The full extent of the attack on Blue Yonder’s 3,000+ customers remains unclear.