The U.S. Department of Commerce's Bureau of Industry and Security has announced a ban prohibiting Kaspersky Lab's U.S. subsidiary from offering its security software due to national security concerns. This ban extends to all of Kaspersky's affiliates, subsidiaries, and parent companies, citing the risk posed by the Russian government's potential influence and cyber capabilities. The ban, effective from July 20, allows the company to continue providing updates to existing customers until September 29. Kaspersky, which has faced multiple restrictions over its ties to Russia, argues that the decision is based on geopolitical tensions and ignores the transparency measures it has implemented.

U.S. Bans Kaspersky Software, Citing National Security Risks The Hacker News

Vikas Singla, an Atlanta-based cybersecurity executive, has been sentenced to two years of home detention after hacking the Gwinnett Medical Center's computer system in an attempt to boost his struggling company's business. As part of his sentence, Singla also paid over $800,000 in restitution. The hack disrupted more than 200 phones, leaked patient data on social media, and generated over 200,000 emails through the hospital's network. Despite these actions, no patients were harmed. Singla's legal team argued that his sentence should consider his medical condition, charitable work, and lack of prior criminal history.

Cybersecurity Exec Sentenced in Medical Center Hacking The Atlanta Journal-Constitution

Change Healthcare has started notifying individuals affected by a data breach. The incident involved unauthorized access to a network that may have exposed personal and medical information of patients. The company is taking measures to enhance security protocols and provide support to those impacted by the breach. For more details, you can access the full article through the provided link.

Change Healthcare Starts Notifying Data-Breach Victims — The Wall Street Journal wsj.com

The U.S. government has mandated that federal employees update their Google Pixel devices by July 4 due to a high-severity firmware vulnerability, CVE-2024-32896, which Google acknowledged might be under limited, targeted exploitation. This zero-day issue, integrated into Android's recent feature drop, necessitates urgent action not only from government agencies but also other enterprises and individual users, especially those connecting to enterprise systems. While Google and GrapheneOS have rolled out necessary updates for Pixel devices, the vulnerability persists in other Android devices without immediate remediation. As multiple threats, including malware on the Play Store and the Rafel trojan, continue to challenge Android security, timely compliance with update protocols is crucial to mitigate risks.

Google Pixel Deadline—10 Days To Update Or Stop Using Your Phone Forbes