DataBreachToday.com
AI Rubio Hoax Further Exposes White House Security Gaps
13 hours 49 minutes ago
Impersonation Hoax Leverages Top Officials' Known Use of Commercial Messaging App
Security analysts tell Information Security Media Group more impersonation scams fueled by artificial intelligence - like the recent one involving Secretary of State Marco Rubio - may increasingly target top U.S. officials if the government continues failing to enforce strict security protocols.
Security analysts tell Information Security Media Group more impersonation scams fueled by artificial intelligence - like the recent one involving Secretary of State Marco Rubio - may increasingly target top U.S. officials if the government continues failing to enforce strict security protocols.
You Can't Secure AI You Can't See: Managing Risk in 2025
17 hours 48 minutes ago
AI Is Fueling Innovation and Blind Spots. Deep Observability Helps Close the Gap.
AI is transforming business, but it's also creating new security challenges. With network traffic surging and shadow AI on the rise, visibility is more critical than ever. Learn how deep observability helps close the gaps and defend against AI-fueled threats.
AI is transforming business, but it's also creating new security challenges. With network traffic surging and shadow AI on the rise, visibility is more critical than ever. Learn how deep observability helps close the gaps and defend against AI-fueled threats.
Why Scattered Spider Persists as Major Threat to Insurers
17 hours 48 minutes ago
Cybercrime gang Scattered Spider is the top suspect in several recent cyberattacks in the U.S. insurance sector, and it's likely that threat actors could still be lurking in other insurers' IT environments, said Peter McMurtrie of consulting firm West Monroe.
AI + Zero Trust: The New Path Forward for Secure Access
17 hours 48 minutes ago
Serious Flaws Patched in Model Context Protocol Tools
17 hours 48 minutes ago
Always Secure MCP Servers Connecting LLMs to External Systems, Experts Warn
Warning: Popular technology designed to make it easy for artificial intelligence tools to connect with external applications and data sources can be turned to malicious use. Researchers discovered two separate vulnerabilities tied to tools in the ecosystem around model context protocol, or MCP.
Warning: Popular technology designed to make it easy for artificial intelligence tools to connect with external applications and data sources can be turned to malicious use. Researchers discovered two separate vulnerabilities tied to tools in the ecosystem around model context protocol, or MCP.
AI Models' Potemkin Comprehension Problem
17 hours 48 minutes ago
Research Shows How Large Language Models Fake Conceptual Mastery
MIT, Harvard and University of Chicago researchers say models suffer from "potemkin understanding," referring to an illusion where models ace conceptual tests but fail real-world application. Their paper warns this undermines benchmarks and points to gaps in genuine AI comprehension.
MIT, Harvard and University of Chicago researchers say models suffer from "potemkin understanding," referring to an illusion where models ace conceptual tests but fail real-world application. Their paper warns this undermines benchmarks and points to gaps in genuine AI comprehension.
From VPN to Hyperscale: Island Reimagines the Browser
17 hours 48 minutes ago
Island CEO Mike Fey on Drivers for SASE, Identity Features in Enterprise Browser
Island co-founder and CEO Mike Fey outlines how the enterprise browser is evolving through AI, SASE and hyperscaler investments to enhance governance, reduce backhaul traffic and support secure access across diverse industries such as healthcare and finance.
Island co-founder and CEO Mike Fey outlines how the enterprise browser is evolving through AI, SASE and hyperscaler investments to enhance governance, reduce backhaul traffic and support secure access across diverse industries such as healthcare and finance.
Spyware Campaign Hits Russian Industrial Firms
17 hours 48 minutes ago
Phishing Emails Disguise Malware as Contract Files
A Russian cybersecurity company is warning that hackers are targeting Russia's industrial sector using a previously undocumented spyware, reeling them in with contract-themed emails lures. Kaspersky dubbed the spyware "Batavia." but doesn't attribute the campaign to a threat actor.
A Russian cybersecurity company is warning that hackers are targeting Russia's industrial sector using a previously undocumented spyware, reeling them in with contract-themed emails lures. Kaspersky dubbed the spyware "Batavia." but doesn't attribute the campaign to a threat actor.
Looking Tough: Russia Trumpets Pro-Ukraine Hacker Arrests
1 day 6 hours ago
Officials Look for Positive PR Stories as Putin's War Drags On
Russian authorities regularly trumpet the arrest and sentencing of citizens who offer hacking support to Ukrainian forces. Experts say the extent to which official crime reports can be trusted remains unclear, especially as officials need to look tough on the "Ukrainian threat."
Russian authorities regularly trumpet the arrest and sentencing of citizens who offer hacking support to Ukrainian forces. Experts say the extent to which official crime reports can be trusted remains unclear, especially as officials need to look tough on the "Ukrainian threat."
Mental Health Provider Fined $225K for Lack of Risk Analysis
1 day 6 hours ago
Settlement Follows Federal Investigation Into Data Leak and Ransomware Attack
A Texas mental healthcare provider's failure to conduct a comprehensive risk analysis resulted in a $225,000 federal fine after regulators investigated a data leak followed by a ransomware attack in 2023. Deer Oaks Behavioral Health also must implement a corrective action plan.
A Texas mental healthcare provider's failure to conduct a comprehensive risk analysis resulted in a $225,000 federal fine after regulators investigated a data leak followed by a ransomware attack in 2023. Deer Oaks Behavioral Health also must implement a corrective action plan.
Hg Purchases A-Lign to Accelerate Cyber Compliance Growth
1 day 6 hours ago
Cybersecurity Compliance Vendor A-Lign Plans Global Expansion With Backing From Hg
Cybersecurity compliance firm A-LIGN has received a majority investment from Hg, a top tech-focused private equity firm. The deal supports A-LIGN's global ambitions to deliver SOC 2 and other compliance audits and leverages Hg’s expertise in scaling data and AI-driven services.
Cybersecurity compliance firm A-LIGN has received a majority investment from Hg, a top tech-focused private equity firm. The deal supports A-LIGN's global ambitions to deliver SOC 2 and other compliance audits and leverages Hg’s expertise in scaling data and AI-driven services.
Chinese Data Leak Reveals Salt Typhoon Contractors
1 day 6 hours ago
China's Hack-For-Hire Scene Disgorges Another Leak
The Chinese nation-state threat actor tracked as Salt Typhoon is operated by a clutch of private firms whose clients include multiple Chinese government agencies, finds analysis of leaked data by Spy Cloud. Researchers found a spreadsheet listing buyers, sellers and financial transaction details.
The Chinese nation-state threat actor tracked as Salt Typhoon is operated by a clutch of private firms whose clients include multiple Chinese government agencies, finds analysis of leaked data by Spy Cloud. Researchers found a spreadsheet listing buyers, sellers and financial transaction details.
Cybersecurity Operations and AI Carry Hidden Climate Costs
1 day 20 hours ago
Crypto Defense, Data Centers, Monitoring Systems Strain Global Energy Use
As security monitoring, crypto mining protection and data centers fuel cybersecurity's energy demands, new regulations, such as Australia's National Greenhouse and Energy Reporting Act 2007, signal a global shift toward holding the industry accountable for its environmental impact.
As security monitoring, crypto mining protection and data centers fuel cybersecurity's energy demands, new regulations, such as Australia's National Greenhouse and Energy Reporting Act 2007, signal a global shift toward holding the industry accountable for its environmental impact.
Enterprises Are Prioritizing Generative AI Spending in 2025
1 day 20 hours ago
Firms Adding Chief AI Officer to C-Suite to Lead Integration, Value Creation
Generative AI is now a top budget priority over security for many enterprises, but AI talent gap continues to hinder progress on AI projects. A recent AWS report recommends redefining AI leadership roles and strengthening third-party partnerships to unlock gen AI's full potential.
Generative AI is now a top budget priority over security for many enterprises, but AI talent gap continues to hinder progress on AI projects. A recent AWS report recommends redefining AI leadership roles and strengthening third-party partnerships to unlock gen AI's full potential.
Why SEC, SolarWinds Agreed to Settle Cyberfraud Lawsuit
2 days 9 hours ago
Proposed Deal Could End Precedent-Setting SEC Case Over Cybersecurity Misstatements
The SEC and SolarWinds told a federal judge they've reached a tentative agreement to resolve a first-of-its-kind fraud case over cybersecurity disclosures. Federal regulators alleged that SolarWinds misled investors about its cybersecurity, and the settlement hinges on SEC commissioner approval.
The SEC and SolarWinds told a federal judge they've reached a tentative agreement to resolve a first-of-its-kind fraud case over cybersecurity disclosures. Federal regulators alleged that SolarWinds misled investors about its cybersecurity, and the settlement hinges on SEC commissioner approval.
Will AI Gut the Cybersecurity Talent Pipeline?
2 days 16 hours ago
Automation Saves Time But Risks Hollowing Out Critical Early-Career Roles
Time travel can seem like an unofficial requirement for cybersecurity job seekers, with would-be employers demanding mid-tier chops for entry-level positions. Come back in a few years, they say, after you've gained experience. But organizations can't assume the pipeline will fix itself.
Time travel can seem like an unofficial requirement for cybersecurity job seekers, with would-be employers demanding mid-tier chops for entry-level positions. Come back in a few years, they say, after you've gained experience. But organizations can't assume the pipeline will fix itself.
Attackers Actively Exploit 'Citrix Bleed 2' Vulnerability
2 days 16 hours ago
Citrix Issues Patches to Counter Active Attacks Against Two Critical Vulnerabilities
Administrators of Citrix Netscaler devices are being urged to immediately patch their devices to fix two actively exploited vulnerabilities. One, dubbed Citrix Bleed 2, can be abused by hackers to bypass multifactor authentication, hijack user sessions and gain unauthorized access to the equipment.
Administrators of Citrix Netscaler devices are being urged to immediately patch their devices to fix two actively exploited vulnerabilities. One, dubbed Citrix Bleed 2, can be abused by hackers to bypass multifactor authentication, hijack user sessions and gain unauthorized access to the equipment.
Ransomware Attack Halts Ingram Micro Operations
2 days 16 hours ago
SafePay Ransomware Blamed for Prolonged System Outage
Global tech distributor and service provider Ingram Micro confirmed days after a widespread IT outage that a ransomware attack disrupted internal systems. The firm disclosed the incident following reports that extortion demands associated with SafePay ransomware appeared on employee devices.
Global tech distributor and service provider Ingram Micro confirmed days after a widespread IT outage that a ransomware attack disrupted internal systems. The firm disclosed the incident following reports that extortion demands associated with SafePay ransomware appeared on employee devices.
Hacks Lead Health Data Breach Trends So Far in 2025
2 days 16 hours ago
345 Major HIPAA Breaches Reported to Feds So Far This Year, Affecting 29.9 Million
Midway through 2025, the federal website listing major health data breaches in the U.S. shows a familiar scene: Many hacking incidents including ransomware, dozens of third-party vendor incidents, and millions of individuals affected by compromised personal data.
Midway through 2025, the federal website listing major health data breaches in the U.S. shows a familiar scene: Many hacking incidents including ransomware, dozens of third-party vendor incidents, and millions of individuals affected by compromised personal data.
Checked
2 hours 48 minutes ago
DataBreachToday.com RSS News Feeds on data breach today news, regulations, blogs and education
DataBreachToday.com feed