The Record

The global average cost of a data breach fell from $4.88 million in 2024, a 9% decrease that now matches numbers seen in 2023.

The Stolichki pharmacy chain, which operates about 1,000 stores across Russia confirmed that a technical failure that halted its operations on Tuesday was caused by a hack.

Silicon Valley-based Palo Alto Networks is acquiring CyberArk, with an eye on improving identity security for AI agents as well as people.

Cybersecurity company Avast released a decryptor for the short-lived FunkSec ransomware and said it is assisting dozens of the gang's targets with the process.

The vulnerability hunters at Google Project Zero want to address what they call the "upstream patch gap," when a vendor has a fix available but the downstream product providers haven't integrated it yet.

Mayor Melvin Carter said during a press conference on Tuesday that the city is most concerned about the data it holds on government employees, arguing that the city does not carry much information on city residents.

The senator’s letter follows revelations in February that the U.K. government had asked Apple for what critics have called a backdoor to view all content Apple users have uploaded to the cloud even when it has been stored using end-to-end encryption.

The latest advisory on Scattered Spider from the FBI and agencies in the U.K., Canada and Australia says the cybercrime group is often looking for Snowflake data storage credentials when it picks a company to attack.

Prime Minister Donald Tusk said the suspects were allegedly recruited to conduct attacks aimed at destabilizing the country.

Customers of French telecommunications provider Orange might see disruptions related to a cyberattack, the company said, without providing further details about the incident or threat actor.

Democrat Maggie Hassan says Starlink should acknowledge the use of its satellite internet tech for scams originating in Southeast Asia and do more to explain its response.

Russian authorities confirmed on Monday that ongoing Aeroflot flight disruptions are due to a cyberattack affecting the nation's largest carrier.

Makers of the app for women called Tea are continuing to respond to an intrusion into a "legacy data storage system" that exposed photos of users, including images of driver's licenses.

A state lawmaker spoke to Recorded Future News about how a multistate group of legislators is working to put regulations on the data broker industry.

Minneapolis-based Allianz Life said “a malicious threat actor gained access to a third-party CRM system” earlier in July, breaching data of a large amount of its customers.

NASCAR warned that a cyberattack that began in March exposed Social Security numbers.

Some crisis pregnancy centers (CPCs) still tell visitors that their data is protected under the HIPAA privacy law — despite guidance to the contrary from the government and CPCs' own umbrella organizations. Data privacy and abortion-rights groups want states to do more to end those claims.

The BlackSuit gang, which is believed to have been operational since April/May 2023, was a private ransomware group that did not license its tooling to other criminals like ransomware-as-a-service (RaaS) schemes.

Prosecutors said Chapman helped the North Korean IT workers obtain jobs at 309 companies, including a major television network, a car maker, a media company, a Silicon Valley technology company and more.

Kim Se Un, Jo Kyong Hun and Myong Chol Min are accused of helping North Korea evade U.S. and United Nations sanctions through an IT worker plot that involved tricking companies into hiring North Koreans using stolen identities.