Ransomware DataBreachToday.com

Hacking Group UNC6148 Steals Credentials With New OVERSTEP Rootkit, Google Says
A cybercrime group used a backdoor in a fully patched SonicWall appliance to steal credentials and may have sold the stolen data to ransomware groups as part of an ongoing campaign, Google Threat Intelligence Group found. The firm attributed the campaign to a cybercrime group it tracks as UNC6148.

Hacker Claims to Have Exploited Flaw in Oracle WebLogic Server, Sold Stolen Data
Seychelles Commercial Bank is warning customers that a hacker stole their personal information - but no money - from their accounts after breaching its systems. The hacker involved claims to have stolen and sold two gigabytes of customer data from the bank, which paid no ransom.

Attackers Can Upload Malware in System Management Mode and Disable Secure Boot
Multiple high-severity vulnerabilities in Gigabyte's UEFI firmware could enable attackers to execute arbitrary code within System Management Mode, granting persistent and nearly undetectable control over affected systems, cybersecurity researchers reported.

Analysts Warn White House Chip Reversal Threatens US AI Dominance
President Donald Trump has reportedly reversed a U.S. policy restricting Nvidia chips critical to artificial intelligence technology development from being exported to China in a move that experts say could undercut the U.S. lead in the burgeoning emerging technology market.

Escalating Geopolitical Tensions Could Increase Hacks by 2030, Government Warns
France has identified Russia as the primary threat to national security in the coming years. The French government recommends adopting measures to strengthen its cybersecurity defenses in anticipation of increased hacks from Moscow-aligned attackers driven by geopolitical tensions.

US Authorities Say Daniil Kasatkin, 26, Worked as Negotiator for Ransomware Group
A Paris criminal court on Tuesday held an extradition hearing for a Russian professional basketball player who U.S. authorities say worked as a negotiator for an undisclosed ransomware group. French police on June 21 arrested Daniil Kasatkin, 26, at Charles de Gaulle Airport.

Experts Warn Federal Cyber Cuts Are Hindering Public-Private Threat Sharing Efforts
The White House has continued to sharply reduce the size of cybersecurity teams across the federal government while cutting information technology budgets and funding for key programs. Experts warn public-private information sharing around critical cyberthreats has slowed.

CEO Doug Merritt: GenAI, Workload Sprawl Raise Zero Trust Stakes for Aviatrix
Aviatrix is addressing cloud network security gaps with its new Cloud Native Security Fabric. CEO Doug Merritt says companies need zero trust across ephemeral workloads, especially with agentic AI multiplying data pathways. The company’s pivot includes a new C-suite and product strategy overhaul.

Remote Code Execution Flaw Affects More Than 5,000 Servers
Threat actors are actively exploiting a critical vulnerability in a server file transfer solution. Researchers say the flaw in Wing FTP Server could allow threat actors to execute system-level commands remotely, using null byte and Lua injection without authentication.

Smaller and rural hospitals and clinics, as well as federally qualified health centers, are constantly battling cybersecurity resource constraints, and especially serious workforce shortages, said Jennifer Stoll of OCHIN, a nonprofit provider of health IT services and products.

Attackers Can Trick Gemini Into Displaying Deceptive Messages, Researchers Warn
Attackers can hide malicious instructions inside emails to trick Google's Gemini into delivering falsified summaries with deceptive messages to end users, researchers warn. Google said it's continuing to put multiple defenses in place to combat these types of prompt injection attacks.

Bluetooth Flaws in Car Software Could Enable Hijacking of Infotainment Systems
A set of critical Bluetooth flaws in software that helps cars connect to phones and other devices could enable attackers to remotely take control of car infotainment systems used by major automakers including Mercedes-Benz, Skoda and Volkswagen, new research shows.

Rural hospitals and small medical practices must be creative and open-minded in when it comes locking down their digital footprint, said Jim Roeder, vice president of IT at Lakewood Health System. There's help from the private- and public-sectors and open source tools.

Also: SolarWinds Case Nears Quiet Settlement; Securing Agentic AI Requires Layers
In this week's edition, Information Security Media Group editors discussed Russia’s cyber treason arrests, the A U.S. Securities and Exchange Commission legal settlement with SolarWinds - and its impact on security leaders - and how organizations are working to secure agentic AI.

Cohesity CEO Sanjay Poonen Says Unified Platform Offers Faster, Smarter Recovery
Cohesity’s Sanjay Poonen says customers increasingly demand AI-powered data security and sovereign cloud options. The acquisition of Veritas' data protection business has expanded product reach, accelerated engineering output and enhanced security for on-prem and multi-cloud workloads.

Virtru Targets AI-Driven Control of Unstructured Data With Iconiq-Led Funding Round
Virtru raised $50 million, doubling its valuation to $500 million. The funding will expand the company’s capabilities in AI governance and multi-party analytics through continued investment in its trusted data format as a foundation for managing sensitive data across enterprises and governments.

Britain's Tax Collector HMRC Lost $63 Million to Fraudsters Wielding Taxpayer Data
Police on Thursday arrested 13 individuals in Romania and one in England on suspicion of engaging in a massive tax fraud scheme against Britain. The arrests appear to be tied to a gang that used phishing attacks against British taxpayers to steal $63 million via fraudulent tax claims.

As healthcare providers and their vendors develop and implement agentic artificial intelligence and other AI tools, they need to throughly understand data privacy risks under HIPAA and other laws, said attorney Jordan Cohen of law firm Akerman LLP.

AI Models Mostly Fail in Full Track of Vulnerability Research to Exploit
The rise of code-illiterate but AI-enabled script kiddies able to wreak havoc by weaponizing software vulnerabilities into automated exploits, thanks to expert-level assistance from large language models, remains but a future possibility, based on exploit-writing tests of 50 LLMs.

Also, US Sanctions North Korean IT Worker Scammers and More Paraguay Hacks
This week, McDonald's password mishap, North Korean IT worker sanctions, a wormable Microsoft flaw, Qantas update. Monzo fined, Flutter data breach and CyberTeam again targeted Paraguay. Anatsa Trojan reappeared, DoNot targeted a European ministry. Academics sneaked prompt injections into papers.