cybersecurity

Customer data stolen in cyber attacks on Cartier and North Face

Fashion brand The North Face and luxury jeweller Cartier have confirmed recent cyber attacks that exposed customer data, including names and email addresses.

Neither company reported breaches of financial or password information.

North Face identified the attack as a credential stuffing attempt, where previously stolen passwords are used to break into other accounts.

Affected customers are being advised to change their login details, while the company’s owner, VF Corporation, continues recovering from an earlier incident.

Cartier said the breach allowed brief access to limited client data but insisted that it quickly secured its systems.

Retailers such as Adidas, Victoria’s Secret, Harrods, and M&S have all been hit in recent months, prompting warnings that the industry remains an attractive target for cyber criminals.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Microsoft and CrowdStrike align naming of threat actors

Microsoft and CrowdStrike have announced a joint initiative to align their threat actor taxonomies, aiming to improve clarity and coordination in the fight against cyberattacks.

While the two cybersecurity giants are not creating a unified naming standard, they are publishing a cross-referenced mapping that shows how threat actors tracked by both companies correspond under their respective naming systems.

The inconsistency in threat actor names across the cybersecurity industry has long created confusion, often slowing response times and complicating collaboration between teams.

A single actor might be known as Midnight Blizzard by Microsoft, Cozy Bear by another firm, and APT29 or UNC2452 by others — all referring to the same group. This fragmentation of identifiers has made tracking and defending against threats more difficult.

To address this, Microsoft and CrowdStrike have released a reference document that maps common threat actors across both organisations’ taxonomies and includes aliases from other vendors.

The goal is to provide security teams with a clearer understanding of which groups are being discussed, regardless of the terminology used.

Although the mapping effort currently involves only Microsoft and CrowdStrike, other major players in the cybersecurity industry — including Google’s Mandiant and Palo Alto Networks’ Unit 42 — are expected to contribute to the initiative in the future.

‘Security is a shared responsibility, requiring community-wide efforts to improve defensive measures,’ said Vasu Jakkal, Corporate Vice President of Microsoft Security. ‘We are excited to be teaming up with CrowdStrike and look forward to others joining us on this journey.’

As more companies adopt this collaborative approach, experts believe it will enhance collective defence by making threat intelligence easier to interpret and act upon across the security ecosystem.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

184 million passwords exposed in massive data breach

A major data breach has exposed over 184 million user credentials, including emails, passwords, and account details for platforms such as Google, Microsoft and government portals. It is still unclear whether this was due to negligence or deliberate criminal activity.

The unencrypted, unprotected database was discovered online by cybersecurity researcher Jeremiah Fowler, who confirmed many of the credentials were current and accurate. The breach highlights ongoing failures by data handlers to apply even the most basic security measures.

Fowler believes the data was gathered using infostealer malware, which silently extracts login information from compromised devices and sells it on the dark web. After the database was reported, the hosting provider took it offline, but the source remains unknown.

Security experts urge users to update passwords across all platforms, enable two-factor authentication, and use password managers and data removal services. In today’s hyper-connected world, the exposure of such critical information without encryption is seen as both avoidable and unacceptable.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Microsoft takes down massive Lumma malware network

Microsoft has dismantled a major cybercrime operation centred around the Lumma Stealer malware, which had infected over 394,000 Windows devices globally.

In partnership with global law enforcement and industry partners, Microsoft seized more than 1,300 domains linked to the malware.

The malware was known for stealing sensitive data such as login credentials, bank details and cryptocurrency information, making it a go-to tool for cybercriminals since 2022.

The takedown followed a court order from a US federal court and included help from the US Department of Justice, Europol, and Japan’s cybercrime unit.

Microsoft’s Digital Crimes Unit also received assistance from firms like Cloudflare and Bitsight to disrupt the infrastructure that supported Lumma’s Malware-as-a-Service network.

The operation is being hailed as a significant win against a sophisticated threat that had evolved to target Windows and Mac users. Security experts urge users to adopt strong cyber hygiene, including antivirus software, two-factor authentication, and password managers.

Microsoft’s action is part of a broader effort to tackle infostealers, which have fuelled a surge in data breaches and identity theft worldwide.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

NATO weighs inclusion of cybersecurity in new 5% defense spending target

NATO is discussing proposals to broaden the scope of defence-related expenditures to help member states meet a proposed spending target of 5% of GDP. According to Bloomberg, the target includes 3.5% for traditional defence spending and 1.5% for related activities.

The 1.5% portion may include cybersecurity, protection of critical infrastructure, border and coastal security, space-related initiatives, and the work of non-defence intelligence agencies. Some member states are also advocating for the inclusion of counter-terrorism efforts and dual-use infrastructure, pending agreement among the alliance.

The proposals are currently under negotiation and are expected to be discussed further by NATO’s policy and planning committee. These discussions will inform a framework to be considered at the alliance’s summit in June.

A final decision on the classification of eligible expenditures has not yet been made, according to the reports, and remains subject to consensus among member states. NATO has not responded publicly to inquiries regarding the ongoing negotiations.

The 5% figure was originally proposed by former US President Donald Trump and was initially viewed as an ambitious benchmark. Recent reporting suggests, however, that a growing number of member states now recognise the need for increased defence investments. As of April, 23 out of 32 NATO members had met the current 2% defence spending guideline, with all expected to do so by the summer.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Japan to develop new cybersecurity strategy and measures

The Japanese government is preparing to develop a new cybersecurity strategy within the year, aiming to address growing digital threats targeting both public institutions and private enterprises. As part of the forthcoming strategy, the government plans to transition its internal communications systems from public-key cryptography to post-quantum cryptography, which is considered more resilient against potential cyberattacks enabled by quantum computing technologies.

In a recent development, Defence Minister Gen Nakatani met with Lithuanian Defence Minister Dovile Šakalienė in Tokyo, where both sides agreed to strengthen bilateral cooperation on cybersecurity. A Japanese Ministry of Defence expert will be sent to Lithuania in June to engage with local specialists, who are recognised for their expertise in managing persistent cyber threats, particularly those attributed to Russian state-linked actors.

The agreement follows an earlier announcement that Japan intends to expand its pool of specialist cybersecurity personnel from the current 24,000 to at least 50,000 by 2030. The target was introduced in response to a Ministry of Economy, Trade and Industry (METI) panel recommendation that the country needs approximately 110,000 skilled cybersecurity professionals to meet growing demand.

Under new regulatory measures due to take effect in 2026, the government will also begin inspecting the cybersecurity practices of private companies. Firms failing to meet the established standards may risk losing access to state subsidies.

Earlier this year, the parliament passed a new law enabling active cyberdefence measures, allowing authorities to legally monitor communications data during peacetime and neutralise foreign servers if cyberattacks occur.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

EU extends cybersecurity deadline for wireless devices

The European Commission has extended the deadline for mandatory cybersecurity requirements targeting wireless and connected devices sold within the EU.

Under the Delegated Act (2022/30) of the Radio Equipment Directive, manufacturers must embed robust security features to guard against risks such as unauthorised access and data breaches. The rules will now take effect from 1 August 2025.

A broad range of products will be affected, including mobile phones, tablets, cameras, and telecommunications devices using radio signals.

Internet of Things (IoT) items—such as baby monitors, smartwatches, fitness trackers, and connected industrial machinery—also fall within the scope. Any device capable of transmitting or receiving data wirelessly may be subject to the new requirements.

The deadline extension aims to give manufacturers additional time to adopt harmonised standards and integrate cybersecurity into product design. The Commission emphasised the importance of early action to avoid compliance issues when the rules become binding.

Despite the grace period, businesses are urged to act now by reviewing development cycles and addressing potential vulnerabilities well ahead of the implementation date.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

Tech coalition to push for faster US foreign cybersecurity aid

A coalition of leading technology and cybersecurity firms, including Carahsoft, Dell Technologies, Forescout, Google Cloud, Trellix, and Velos, has launched the Strategic Cybersecurity Coalition (SCC). The group is dedicated to advocating for a more efficient and streamlined US approach to foreign cybersecurity assistance.

Their goal is to accelerate the deployment of sustainable, interoperable cybersecurity solutions that can effectively respond to the growing global cyber threat landscape. The US government continues to face significant bureaucratic and legal barriers that slow the delivery of timely cybersecurity support to its allies.

Despite the Biden administration’s introduction of a rapid-response fund, the broader foreign aid framework remains outdated and ill-equipped to keep pace with fast-evolving cyber incidents. Progress was further stalled by a pause in foreign assistance during the previous administration.

Moreover, existing military aid programs focus largely on traditional weaponry, which often requires years-long procurement processes, an impractical timeline for urgently needed cybersecurity tools and training. Restrictive regulations also hinder US companies from providing cybersecurity services abroad, limiting critical threat intelligence sharing vital to national security.

Strengthening allied cybersecurity is crucial for US security, as threats often target both partners and the US. The SCC calls for faster, streamlined cyber aid through military programs by easing contracting rules and funding limits, aiming to reduce procurement from years to months.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

FCC to enhance security on foreign communications equipment

The Federal Communications Commission (FCC) has implemented new policies aimed at strengthening the security of the United States’ communications infrastructure against foreign threats. These policies expand the FCC’s authority to prohibit the authorisation of communications equipment from companies identified as national security risks, including Huawei, ZTE, Hytera, Hikvision, and Dahua.

Additionally, the FCC now has the power to revoke previously granted equipment authorisations if a company is later added to the ‘covered list.’ The scope of these regulations has also broadened to cover not only core network infrastructure but also a wide range of devices such as routers, switches, and consumer electronics, thereby reducing vulnerabilities and protecting against foreign interference.

US telecom companies must comply by replacing equipment from covered vendors, which may involve significant costs. While this transition poses challenges, the FCC stresses minimal short-term impact on consumers and highlights the long-term security benefits.

The agency also has enforcement powers, including fines, to ensure compliance. Going forward, the FCC will keep monitoring threats and update its policies as needed.

It will also work with government and international partners to strengthen cybersecurity efforts, showing its commitment to protecting critical communications infrastructure.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!

The United Nations calls for urgent regulation of military AI

The UN and global experts have emphasised the urgent need for comprehensive regulation of AI in military applications. UN Secretary has called for ‘global guardrails’ to govern the use of autonomous weapons, warning that rapid technological development has outpaced current policies.

Recently, 96 countries met at the UN to discuss AI-powered weapons, expanding the conversation to include human rights, criminal law, and ethics, with a push for legally binding agreements by 2026. Unregulated military AI poses serious risks like cybersecurity attacks and worsening geopolitical divides, as some countries fear losing a strategic advantage to rivals.

However, if properly regulated, AI could reduce violence by enabling less-lethal actions and helping leaders choose non-violent solutions, potentially lowering the human cost of conflict. To address ethical challenges, institutions like Texas A&M University are creating nonprofits that work with academia, industry, and defence sectors to develop responsible AI frameworks.

These efforts aim to promote AI applications that prioritise peace and minimise harm, shifting the focus from offensive weapons toward peaceful conflict resolution. Finally, UN Secretary warned against a future divided into AI ‘haves’ and ‘have-nots.’

He stressed the importance of using AI to bridge global development gaps and promote sustainable progress rather than deepen inequalities, emphasising international cooperation to guide AI toward inclusive growth and peace.

Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!