Ransomware DataBreachToday.com

Hackers Impersonate IT Support Staff
A hacking collective linked to recent British retailer attacks is targeting cloud companies through or voice phishing scams for data theft from European hospitality, retail and education sectors. Hackers impersonate IT support staff.

Invest in Preparation and Training During the Calmer Times Between Attacks
Cyberattacks may make headlines, but the daily discipline of security - patching routines, threat hunting, tabletop exercises and user education campaigns - is where resilience is forged. These tasks might not feel heroic, but they build technical and human infrastructure to handle the next crisis.

While healthcare organizations often know in general what they need to do in case they're faced with a ransomware attack, the devil is in the details of how comprehensive and well-rehearsed that incident preparedness plan is for optimal response, said Rick Doten, vice president and healthplan CISO at Centene Corp.

Identity security is still one of the most underinvested areas of cybersecurity across the healthcare sector, regardless of the depth of cyber resources available to many different types and sizes of entities, said Hugo Lai, CISO at Temple University Health System.

BidenCash Was Notorious for Posting Free Tranches of Stolen Card Data
An online carder marketplace with a flair for publicity is now offline following a U.S. and Dutch law enforcement seizure. The site, BidenCash, began operations in March 2022, growing to 117,000 customers who facilitated the trafficking of more than 15 million payment card numbers.

Top Trump Official Touts Enforcement Wins as Firms Warn China Is Gaining Ground
Despite pushback from tech leaders like Nvidia, Commerce Secretary Howard Lutnick told Congress that expanded export controls, seizures and arrests are safeguarding U.S. innovation, as the Trump administration scraps Biden-era AI policies and targets Chinese access to chips.

Banking Sector Faces Challenges in Meeting March 2026 Compliance Deadline
The Central Bank of UAE has issued a directive asking financial institutions to eliminate weak authentication methods including SMS and email OTPs. Banks are also expected to implement real-time fraud monitoring and suspend sessions when malicious activity is detected.

Malware Operation Shows Signs of Regrouping
Just days after a global takedown disrupted over 2,300 Lumma-linked domains, the info-stealing malware-as-a-service operation resurfaced, exposing how modular malware and resilient infrastructure allow cybercriminals to rapidly rebound and evade law enforcement.

Florida Vendor Set to Reach $100M ARR by 2027 With Identity Segmentation, ZTNA Push
With $55 million in Series C funding led by Highland Europe, Zero Networks aims to expand its zero trust architecture through identity segmentation and zero trust network access. The Orlando, Fla.-based microsegmentation startup aims to double headcount and target a $100 million ARR goal by 2027.

Vulnerability Could Enable Remote Code Injection Attacks
When the lights start flickering in homes equipped with Schneider Electric end-of-life smart switches, it could be hackers, now that the French company disclosed a remotely exploitable vulnerability that won't receive a patch. No hacking has been reported to date.

Onslought Also Paved Way for Rise of English-Speaking Hackers
An international law enforcement crackdown on the LockBit ransomware group caused fragmentation and distrust among Russian-speaking cybercrime groups, paving the way for English-speaking hacking groups to gain prominence, experts said Tuesday during a London conference.

Context-Driven Insights, Automation Fuel Faster, Clearer Decisions for Cyber Teams
With its acquisition of San Francisco-based startup Fletch, F5 is embedding agentic AI into its security platform to automate threat detection and response. The technology provides real-time context, filters irrelevant alerts and helps security teams prioritize urgent risks and mitigation tasks.

Dutch Semiconductor Sector Among Chinese Targets
Chinese nation state groups ramped up espionage campaigns against Dutch critical infrastructure in recent months, said a state official who added that discussions are underway in the European Union on how to minimize Chinese threats.

Researchers in Proof of Concept Show Exploit Potential for Widely Used Software
Technical details for a recently patched maximum-severity vulnerability in Cisco IOS XE reveal how hackers can enable remote code execution if the flaw is exploited. The vulnerability is an arbitrary file upload triggered by a hardcoded JSON Web Token.

DHS Budget Proposal Reduces CISA’s Operational Core Amid Growing Global Threats
The Trump administration’s 2026 Homeland Security Department budget would cut $500 million from the Cybersecurity and Infrastructure Security Agency, eliminating over a third of its staff and gutting key programs central to federal cybersecurity and private sector engagement efforts.

Ransomware, Quantum Computing, Geopolitics, Gen AI and More on the Agenda
Infosecurity Europe is set to return June 3 to London. Hot topics at this year's event include everything from quantum computing, geopolitics and artificial intelligence, to supply chain attacks, insider threats and the cybercrime juggernaut that continues to be ransomware.

It's only a matter of time before cybercriminals begin to use artificial intelligence-enabled tools, open-source software and other technologies to launch attacks to exploit sensitive genetic data, said Nicholas Morris, a practice manager at security firm Optiv.

Also: Deepfake Dangers with Veo 3; Claude Opus 4's Manipulative Edge
In this week's update, Information Security Media Group editors questioned whether we’re less secure today despite agentic AI and platformization, examined Veo 3’s alarming leap in deepfake realism, and dug into Anthropic’s powerful yet problematic Claude Opus 4.

Race-Condition Bugs in Ubuntu and Red Hat Tools Could Leak Sensitive Memory Data
Hackers could exploit a tool that stores crashed system data in older Linux operating systems to obtain passwords and encryption keys, warn researchers. The flaw lies in the way certain Linux distributions, including Ubuntu, Red Hat, and Fedora, handle application crashes.