Ransomware DataBreachToday.com

Study Finds Weak Authentication Practices Across AI Agent Servers
Tools developers use to connect artificial intelligence tools with external applications and data sources typically are secured by static credentials such as API keys and personal access tokens, exposing AI agent systems to theft or misuse, research shows.

Eclypsium Researchers Find UEFI Weakness in Framework Laptops and Desktops
Roughly 200,000 laptops and desktops made by modular sensation Framework contain a firmware vulnerability allowing attackers to disable Secure Boot and run unsigned code, say security researchers.

Federal Agencies Ordered to Patch or Decommission F5 Devices Amid Imminent Risk
An advanced nation-state threat actor stole sensitive F5 source code and vulnerability data to craft tailored exploits, prompting an emergency directive amid a U.S. government shutdown that has left cyber defenses strained and federal networks at "imminent risk."

Recent Cybersecurity Conferences Highlight Resilience and Shoring Up Critical Infrastructure Systems
Learn how recent cybersecurity conferences focused on resilience and shoring up critical infrastructure systems spotlight the need for virtual segmentation, OT visibility and zero trust adoption.

Cybereason Deal Bolsters LevelBlue's XDR, DFIR and Global Incident Response Reach
LevelBlue is acquiring Cybereason to enhance its extended detection and response, digital forensics, and global threat intelligence capabilities. The move brings top talent, expands the firm's footprint in Japan and follows LevelBlue's acquisitions of Aon and MDR provider Trustwave.

Cambodian Firm Worked Directly With North Korea, Say US Officials
The U.S. and U.K. imposed sanctions on Cambodia’s Huione Group and 146 affiliates linked to the Prince Group TCO, citing human trafficking, forced labor and over $4 billion in laundered cybercrime proceeds tied to North Korean hacks and Western-targeted scams.

NCSC Chief Says Recent Retailer Hacks Should Be 'Wake-Up Call' for Cyber Defenders
The number of cyberattacks in the United Kingdom surged 50% in the past year, with ransomware continuing to be the top threat. National Cyber Security Centre CEO Richard Horne said recent high-profile hacks at major retailers exposed supply chain vulnerabilities and are a "wake-up call" to defenders.

Researchers Show Minimal Data Poisoning Can Disrupt Large Language Models
Only a couple hundred malicious training documents are needed before a large language model puts out meaningless text when prompted with a specific trigger phrase, say researchers.

3 Private Equity Firms Kick the Tires, But Proposed Price Wasn't to Snyk's Liking
Slowing growth, continued losses and increased competition have turned a Snyk IPO into an increasingly unlikely prospect. The Information reported this month that Snyk has spoken with at least three private equity firms about a potential deal, but has been unable to reach an agreement on price.

Medusa Group Tied to Attack on SimonMed and Threats to Leak Stolen Data
Two radiology practices are notifying nearly 1.5 million people of separate hacking incidents compromising their sensitive health information. Cybercrime gang Medusa claimed credit for attacking Arizona-based SimonMed Imaging in January and threatened to leak the stolen data of nearly 1.3 million patients on the darkweb.

Dutch Ministry Invokes National Security Law to Impose Domestic Control
The Dutch government said it is severing semiconductor chipmaker Nexperia from control by its Chinese parent after invoking a national security law allowing it to impose domestic control. Partially Chinese state-controlled Wingtech Technologies acquired a three quarters stake in Nexperia in 2018.

Today's Hapless Hackers Are Tomorrow's Threat, Warns Forescout
A pro-Russian hacktivist group boasted on Telegram that it hacked a Western water treatment plant - but actually succeeded in attacking a honeypot left by security researchers at Forescout, the firm said. TwoNet appears to have ceased operations on Sept. 30.

EU Justice and Home Affairs Council Halts Voting, Sees Opposition
A European content scanning proposal intended to enhance online child safety stalled after German lawmakers voiced opposition and member states canceled a planned vote on the measure's adoption. The EU Justice and Home Affairs Council was set to vote Tuesday on Chat Control.

Criminals Claim Leak of Customer Data From Six Victims, Including Qantas Airlines
A ransomware group that's been extorting Salesforce customers leaked some stolen data, following the FBI disrupting its shakedown sites. ShinyHunters, part of the rebranded Scattered Lapsus$ Hunters group, after leaking data from six victims, declared its Salesforce customer shakedown over.

In Today's Reality, Zero Trust Principles Matter, Verification Is an Imperative
This month, a judge made history by throwing out an $8.7 million lawsuit after discovering something that had never before appeared in her courtroom: deepfake testimony. But these new legal lessons are already a reality in business: the need for trust, verification and authentic communication.

2 Firms Hit by Separate 2024 Attacks to Pay Total of $6.5M in Class Action Claims
A Nebraska-based revenue cycle management firm and a Swiss-based blood products manufacturer with plasma collection centers in the United States are the latest healthcare sector companies agreeing to pay multimillion dollar lawsuit settlements for two separate 2024 hacks affecting scores of patients.

US Cyber Defense Agency Slammed by Shutdown, Personnel Cuts and Resource Crisis
Facing major turnover, partisan upheaval and a government shutdown, the U.S. cyber defense agency is now operating at a fraction of its strength, leaving states and other entities without federal cyber support or coordination, experts tell Information Security Media Group.

Pete Harteveld Seeks to Strengthen Security Operations With Programmatic Approach
New Exabeam CEO Pete Harteveld emphasizes securing AI agents, minimizing tool sprawl and promoting defined security outcomes. His roadmap builds on recent success and aims to deliver programmatic SIEM and UEBA innovations to improve analyst efficiency and benchmarking.

Attackers Read Server Files and Steal Credentials in Gladinet CentreStack, Triofox
Hackers are exploiting a flaw allowing them to access without authentication document root folder files in file-sharing and remote-access software, where they obtain access tokens and passwords to unlock remote access to corporate file systems, warn researchers.

Medusa Ransomware Group Tied to Exploits of Now-Patched Zero-Day Vulnerability
Recent attacks targeting Fortra's GoAnywhere managed file transfer software exploited a "limited" number of customers who set their on-premises installations to have an administrative console publicly exposed to the internet, which the vendor recommends customers never do.