UN General Assembly adopts historic cybercrime convention

The United Nations General Assembly has adopted a landmark treaty to combat cybercrime, marking the culmination of five years of negotiations. The UN Convention against Cybercrime is set to become the first global instrument for global efforts to combat cybercrime and enhance international cooperation and technical assistance.

The UN Office on Drugs and Crime (UNODC), which acted as secretariat throughout the negotiations, celebrated the treaty as a victory for global cooperation.

‘Adopting this landmark convention is a major victory for multilateralism, marking the first international anti-crime treaty in 20 years. It is a crucial step forward in our efforts to address crimes like online child sexual abuse, sophisticated online scams and money laundering,’ said UNODC Executive Director Ghada Waly.

The General Assembly adopted the resolution by consensus, underscoring widespread support. Negotiations included contributions from civil society, academia, and the private sector, ensuring the treaty reflects diverse perspectives. However, many non-state actors raised concerns about the latest draft.

The treaty will open for signature during a formal ceremony in Vietnam in 2025 and will enter into force 90 days after being ratified by at least 40 member states. In addition, UNODC will continue its role as the secretariat for the Ad Hoc Committee, which is tasked with drafting a supplementary protocol to the Convention and supporting the future Conference of States Parties.

For more details about the Convention and negotiations process, please follow the dedicated page.

Digital Robin Hood scam hits crypto thieves

A crafty new scam is ensnaring would-be crypto thieves by baiting them with fake wallet seed phrases. Cybersecurity experts at Kaspersky have revealed how scammers post these phrases in YouTube comments, claiming the wallets hold significant funds. The wallets, however, are traps designed to exploit anyone attempting to steal the assets.

One wallet discovered by Kaspersky analyst Mikhail Sytnik reportedly held $8,000 in USDT on the Tron network. A thief must send Tron (TRX) tokens to move the funds to cover transaction fees. Unbeknownst to them, the wallet is a multi-signature account, meaning the TRX sent for fees is instantly redirected to another wallet controlled by the scammers.

Sytnik described the scammers as “digital Robin Hoods” for targeting other opportunists. He advised people never to try accessing others’ wallets, even if given a seed phrase, and to remain cautious of strangers’ claims about cryptocurrency online.

This isn’t the first time fraudsters have exploited greed in the crypto space. In July, Kaspersky exposed a similar scam on Telegram, where users were tricked into downloading malware disguised as legitimate crypto tools, potentially compromising their devices and funds.

Data security measures must be bolstered by Marriott and Starwood

Marriott International and Starwood Hotels have been ordered to improve data security following multiple breaches impacting over 344 million customers. The Federal Trade Commission (FTC) finalised the order on Friday, citing inadequate security practices. Major breaches occurred in 2015, 2018, and 2020, exposing sensitive customer information, including passport details and payment data.

Hackers gained prolonged access to systems during the breaches, with one lasting four years undetected. The companies must now implement measures such as limiting data retention and providing US customers with a way to request the deletion of personal information tied to their accounts.

The FTC accused the hotel chains of misleading consumers with claims of robust data security while failing to address basic vulnerabilities like weak passwords and outdated software. The Connecticut Attorney General’s office also announced a $52 million settlement with Marriott on the same day.

Under the 20-year order, Marriott and Starwood must maintain compliance records, undergo inspections, and ensure transparency about their data handling practices. The ruling is part of broader efforts to hold businesses accountable for safeguarding customer information.

Israeli spyware deal reports denied by US and Israel

Officials from the United States and Israel have refuted claims of approving the sale of Israeli spyware firm Paragon to Florida-based AE Industrial Partners. Reports of the transaction surfaced in Israeli media, suggesting both governments had greenlit the deal, but US and Israeli representatives dismissed these assertions.

The White House clarified that the sale was a private transaction with no formal US approval, while Israel‘s Defence Ministry stated it was still evaluating the deal. Paragon, linked to former Israeli intelligence officers, has faced scrutiny in the US market, including a paused $2 million contract with ICE.

The alleged acquisition has drawn attention due to Paragon’s ties to national security and controversial surveillance software. Both AE and Paragon have not yet commented on the situation.

US charges Russian-Israeli citizen over Lockbit ransomware

The United States has charged Rostislav Panev, a Russian-Israeli dual citizen, for his alleged role as a developer for the Lockbit ransomware group, which authorities describe as one of the world’s most destructive cybercrime operations. Panev, arrested in Israel in August, awaits extradition.

Lockbit, active since 2019, targeted over 2,500 victims across 120 countries, including critical infrastructure and businesses, extorting $500 million. Recent arrests, guilty pleas, and international law enforcement efforts have significantly disrupted the group’s activities.

Experts say law enforcement actions have tarnished Lockbit’s reputation, reducing its attacks and deterring affiliates. Authorities emphasise the importance of holding cybercriminals accountable.

NETSCOUT enhances DDoS protection with AI/ML-Driven adaptive solutions

NETSCOUT SYSTEMS announced significant updates to its Arbor Edge Defense (AED) and Arbor Enterprise Manager (AEM) products as part of its Adaptive DDoS Protection solution. These enhancements are designed to address the growing threats of AI-enabled DDoS attacks, which have surged in sophistication and frequency.

Application-layer and volumetric attacks have increased by 43% and 30%, respectively, with DDoS-for-hire services making attacks easier to execute. To combat these evolving threats, NETSCOUT leverages AI and machine learning (ML) within its ATLAS Threat Intelligence system, which monitors over 550 Tbps of real-time internet traffic across 500 ISPs and 2,000 enterprise sites worldwide.

The AI/ML-powered solution enables dynamic threat identification and mitigation, creating a scalable, proactive defence mechanism. The updated AED and AEM products automate a closed-loop DDoS attack detection and mitigation process, providing real-time protection by adapting to changing attack vectors and applying mitigation recommendations automatically.

NETSCOUT’s solution also offers comprehensive protection across hybrid IT environments, including on-premise infrastructure, private data centres, and public cloud platforms like AWS and Microsoft Azure, with enhancements such as 200 Gbps mitigation capacity, high-performance decryption, and visibility into non-DDoS threats.

By minimising downtime and safeguarding business-critical services, NETSCOUT’s Adaptive DDoS Protection reduces business risks and protects productivity and reputation. As the threat landscape continues to evolve, organisations can rely on NETSCOUT’s innovative technology to stay ahead of attackers and maintain IT resilience. Industry experts and agencies like the Cybersecurity & Infrastructure Security Agency (CISA) highlight the need for adaptive cybersecurity measures. NETSCOUT’s AI/ML-driven solutions meet these demands by offering robust, future-proof protection for critical IT infrastructure.

WhatsApp wins case as US judge rules against NSO Group

A US judge has ruled against Israel’s NSO Group in a lawsuit brought by WhatsApp, finding the spyware firm liable for hacking and breach of contract. The case, heard in Oakland, California, revolves around allegations that NSO exploited a vulnerability in WhatsApp to install Pegasus spyware, enabling unauthorised surveillance of 1,400 individuals. The court decision moves the case forward to determine damages.

Will Cathcart, head of WhatsApp, described the ruling as a triumph for privacy, emphasising the need for accountability in the spyware industry. WhatsApp expressed gratitude for support from various organisations and pledged continued efforts to safeguard private communications. Cybersecurity experts, including Citizen Lab’s John Scott-Railton, hailed the judgment as a pivotal moment for holding spyware companies accountable.

NSO argued that its Pegasus software serves to combat serious crime and threats to national security. However, the courts previously rejected claims of immunity, noting the company’s activities fell outside the protection of federal law. Appeals by NSO to higher courts, including the US Supreme Court, failed, paving the way for the trial to proceed.

The judgment signals a significant shift in how the spyware industry may be regulated, with implications for firms previously claiming they were not responsible for the misuse of their technology. Experts see it as a warning to surveillance companies that illegal actions will not go unchallenged.

TikTok faces ban in Albania after teen’s death

Albania has announced a one-year nationwide ban on TikTok, citing concerns about the platform’s influence on children. The decision follows the fatal stabbing of a 14-year-old boy in November, reportedly linked to social media disputes. Prime Minister Edi Rama revealed the ban as part of a broader strategy to enhance school safety after consultations with parents and teachers.

The Prime Minister has criticised TikTok and similar platforms for encouraging youth violence. Videos supporting the killing were shared online, raising alarms about the role of social media in such incidents. Rama stated that society, not children, bears responsibility for the issue, describing TikTok as a platform that holds children ‘hostage’.

Several European nations, including France and Germany, have introduced restrictions on social media for children. Albania’s move aligns with a growing global trend, with Australia recently approving a complete social media ban for users under 16.

TikTok responded by seeking clarity from the Albanian government, claiming no evidence linked the involved teens to the platform. A spokesperson suggested another platform might have hosted the content tied to the incident.

Trump signals support for TikTok amid national security debate

President-elect Donald Trump hinted at allowing TikTok to continue operating in the US, at least temporarily, citing the platform’s significant role in his presidential campaign. Speaking to conservative supporters in Phoenix, Arizona, Trump shared that his campaign content had garnered billions of views on TikTok, describing it as a “beautiful” success that made him reconsider the app’s future.

TikTok’s parent company, ByteDance, has faced pressure from US lawmakers to divest the app over national security concerns, with allegations that Chinese control of TikTok poses risks to American data. The US Supreme Court is set to decide on the matter, as ByteDance challenges a law that could force divestment. Without a favourable ruling or compliance with the law, TikTok could face a US ban by January 19, just before Trump takes office.

Trump’s openness to TikTok contrasts with bipartisan support for stricter measures against the app. While the Justice Department argues that Chinese ties to TikTok remain a security threat, TikTok counters that its user data and operations are managed within the US, with storage handled by Oracle and moderation decisions made domestically. Despite ongoing legal battles, Trump’s remarks and a recent meeting with TikTok’s CEO suggest he sees potential in maintaining the platform’s presence in the US market.

Tech giants join forces for US defence contracts, FT says

Data analytics firm Palantir Technologies and defence tech company Anduril Industries are leading efforts to form a consortium of technology companies to bid jointly for US government contracts, according to a report from the Financial Times. The group is expected to include SpaceX, OpenAI, Scale AI, autonomous shipbuilder Saronic, and other key players, with formal agreements anticipated as early as January.

The consortium aims to reshape the defence contracting landscape by combining cutting-edge technologies from some of Silicon Valley’s most innovative firms. A member involved in the initiative described it as a move toward creating “a new generation of defence contractors.” This collective effort seeks to enhance the efficiency of supplying advanced defence systems, leveraging technologies like AI, autonomous vehicles, and other innovations.

The initiative aligns with President-elect Donald Trump’s push for greater government efficiency, spearheaded in part by Elon Musk, who has been outspoken about reforming Pentagon spending priorities. Musk and others have criticised traditional defence programs, such as Lockheed Martin’s F-35 fighter jet, advocating instead for the development of cost-effective, AI-driven drones, missiles, and submarines.

With these partnerships, the consortium hopes to challenge the dominance of established defence contractors like Boeing, Northrop Grumman, and Lockheed Martin, offering a modernised approach to defence technology and procurement in the US.