Ransomware DataBreachToday.com

Threat Actor Shifts From Targeting Exchange to Databases
A Chinese cyberespionage threat actor with a history of hacking Microsoft Exchange to spy on geopolitical events including summits in Africa, the Middle East and Asia, has shifted its attention to targeting databases, say researchers.

Medication Tech Firm Says Hacking Incident Contained to One Employee Email Account
A Florida firm that offers medication therapy management services to health plans is notifying nearly 150,000 individuals that their information was potentially compromised in a phishing attack affecting one employee's email account for only about an hour. Why do users still fall for phishing scams?

Public-Private Cyberthreat Sharing at Risk Amid Shutdown, Experts Warn
With a key cyberthreat sharing law expiring Tuesday, analysts tell Information Security Media Group legal protections enabling cyberthreat sharing across the public and private sectors will vanish, raising fears of reduced visibility into critical infrastructure just as federal resources shrink.

A Look at How the 2nd Largest Deal in Cyber History Nearly Fell Apart in the 11th Hour
The second-largest acquisition in cybersecurity history included initial outreach in 2023, the seller nearly walking away and an accelerated announcement timeline due to media leaks. Palo Alto CEO Nikesh Arora first approached CyberArk Chairman Udi Mokady about a potential deal back in May 2023.

Carmaker Anticipates Phased Restart of Production
The British government will guarantee a 1.5 billion pound loan to Jaguar Land Rover as the embattled carmaker grapples with the fallout of a September cyberattack that froze production and sales across the globe. The government backed-loan shows the hack endangered "national economic security."

Cognex Says It Won't Patch Flaws
Nearly a dozen serious vulnerabilities in a Cognex industrial smart camera will go without a patch because the company says the model is "too old to merit a fix." Industrial security firm Nozomi Networks uncovered nine flaws during a security assessment.

2024 Cyberattack Was One of Several on Other Blood Suppliers in US, UK
OneBlood, which provides blood supplies to 250 hospitals in Florida, Georgia and the Carolinas, will pay $1 million to settle proposed class action litigation filed against the non-profit entity in the wake of a 2024 ransomware attack that compromised the information of nearly 170,000 individuals.

Global Cyber Agencies Call for Exhaustive OT Inventories to Combat Threats
Global cyber agencies are urging critical infrastructure owners and operators to maintain "definitive records" of their complex operational technology environments, calling for exhaustive asset visibility as regulators shift toward prescriptive mandates to counter escalating threats.

OpenAI, Apollo Research Find Models Hide Misalignment; Training Cuts Deception
Frontier artificial intelligence models are learning to hide their true intentions to pursue hidden agendas, said OpenAI and Apollo Research. Researchers say the risk of deception needs to be tackled now, especially as AI systems take on more complex, real-world responsibilities.

MIND Act Asks FTC to Study Exploitation Risks for Neural Data Collected by Devices
Are brain waves and similar neural data the next frontier in consumer privacy worries? A trio of U.S. senators have introduced federal legislation aiming to get ahead of risks that such brain-related data could be collected and misused by tech firms, data brokers, government agencies and others.

Cybersecurity Programs, Workforce Face Disruption If Congress Fails to Act
A potential government shutdown threatens to gut federal cybersecurity operations, with key programs set to expire, agency cyber staff facing layoffs and no public contingency plans in place - leaving core defenses, threat sharing and incident response at risk.

Eset: Lazarus Group Shares Backdoor With Newer Pyongyang Threat Actor
A gang of North Korean hackers behind fake IT job recruitment scams now have access to a remote access Trojan favored by their more technically advanced counterparts tracked collectively as the Lazarus Group, say security researchers.

Researcher Finds Database of Sensitive Patient Info With No Password Protection
An unencrypted database containing nearly 150,000 patient records of a California provider of home health and palliative care services was left exposed on the internet, said a cybersecurity researcher who discovered the unsecured data cache. Why does this keep happening in the healthcare sector?

Newly Implemented Rule to Boost Cloud Competition and AI Development
The EU Data Act is now in its second phase of implementation, shifting the balance of power by granting users rights over the data generated by their connected devices and services. Beyond banning unfair contract terms and eliminating vendor lock-in, the act mandates data portability and access.

CISA Issues Emergency Directive After Cisco Exploits Persist After Reboot
CISA issued an emergency directive Thursday after discovering an advanced hacking campaign exploiting two persistent zero-days in Cisco firewall gear - malware that survives system reboots and upgrades - forcing agencies to disconnect vulnerable devices by Friday.

'RedNovember' Has Hacked Organizations in the US, Asia and Europe
A hacking group associated with widespread compromise of edge devices is a Chinese-state-aligned group, says cybersecurity firm Recorded Future. The firm says the threat actor, which it now tracks as RedNovember, is "highly likely a Chinese state-sponsored threat activity group."

Pentesting Tools Uncover Vulnerabilities but White Hat Skills Are Still in Demand
Automated pentesting tools offer faster visibility and robust integration with daily security operations, but automation doesn't eliminate the need for humans in the loop. Automation raises the baseline for vulnerability management and changes what white hat hackers need to know to stay relevant.

Recent Incidents Highlight Patient Record Cyber Risks Tied to Third-Party Suppliers
Vendor security risk has long been a source of pain for many healthcare providers. Veradigm - formerly Allscripts - and ApolloMD are among the latest software and services vendors reporting hacking incidents potentially triggering headaches for customers and their patients.

Researchers Uncover Covert Chinese Access to US Service Provider Infrastructure
Mandiant said it has tracked a Chinese-linked espionage campaign using BRICKSTORM malware to quietly embed within U.S. infrastructure and service providers for over a year, exploiting appliance-level blind spots to maintain persistence, evade detection and potentially develop zero-day exploits.