DataBreachToday.com

2025 Is Likely to See Balanced Approach to AI Across Industries
The AI landscape is set to transform in 2025 with pragmatic approaches to implementation replacing the experimental fervor. This shift will span industries and developer ecosystems. Technologies will ride on the transformative power of AI and the responsibility that comes with it.

Hackers Targeted a PAN-OS Flaw Days After Its Disclosure
A suspected Chinese hacking campaign that began in November is exploiting a vulnerability in Palo Alto firewalls to install a custom malware backdoor for espionage. UNC5325 activity aligns with the Chinese hacking strategy of targeting edge devices.

Treasury Tells Lawmakers Chinese Threat Actor Remotely Breached Agency Workstations
The U.S. Treasury Department notified lawmakers Friday that the agency was the victim of a major cyberattack in which Chinese-linked hackers gained access to unclassified documents after gaining access to remote workstations through a third-party software provider, BeyondTrust.

HHS Proposes Encryption, Security Standards for Healthcare Firms
The U.S. Department of Health and Human Services is proposing new rules for healthcare organizations that aim to bolster protections for Americans by requiring companies to encrypt sensitive patient data and conduct routine compliance evaluations amid increased threats targeting the sector.

Cyber incident details involving non-profit and non-government entities across sectors such as healthcare are not centrally reported and collected, creating gaps for researchers, IT experts and others seeking to analyze trends in their industries, said Stanley Mierzwa of Kean University.

Mirari and Kaiten Botnet Variants Exploit Unpatched Routers
Attackers exploiting nearly decade-old D-Link router vulnerabilities drove a sharp rise in botnet activity in 2024 through variants of the Mirari and Kaiten taking advantage of unpatched devices. Operators of botnets known as Ficora and Capsaicin exploit nearly decade-old flaws.

American Addiction Centers Says 422,424 Individuals' Private Details Exposed
Substance abuse treatment company American Addiction Centers is warning nearly half a million patients that ransomware-wielding attackers stole their personal details, including names and Social Security numbers. The Rhysida ransomware operation claimed to perpetrate the attack.

Officials Say Chinese Hackers Maintained 'Broad and Full' Access to Telecom Systems
Federal officials told reporters Friday that ongoing investigations into the Salt Typhoon cyberespionage campaign have identified a ninth victim company affected by the attack, in which hackers maintained "broad and full" access to vulnerable communications infrastructure across the country.

Rule Aims to Stymie Weaponization of Americans' Data
The U.S. federal government finalized Friday regulations throttling the bulk commercial transfer to China and Russia of data pinpointing Americans' location, their health data, or biometric and genomic identifiers. The rule implements a February executive order from President Joe Biden.

One of the most important lessons emerging in 2024 for the healthcare sector is that entities should diligently prepare contingency plans for potential cyberattacks that seriously disrupt their critical third-party vendors, advises regulatory attorney Betsy Hodge of the law firm Akerman.

Also: Bitfinex Hacker Lichtenstein's Social Media Post From Prison
This week's stories include updates on hackers in the DMM Bitcoin and Bitfnex cases, South Korea sanctioning North Korean hackers, Trump naming an exec director for Digital Assets Council, Craig Wright's prison sentence and the Interpol's red notice for Hex founder.

2024 Marked the Government's Increasing Role Mandating Cybersecurity
Australia announced a flurry of cybersecurity legislation and regulations in 2024, spotlighting the government's intent to fortify the nation's cybersecurity in the wake of the Medibank and Optus incidents. The government vowed to transform the country into the world's "most cyber-secure."

Federal 'Rip-and-Replace' Program Gets Funding Boost in Defense Bill
The 2025 National Defense Authorization Act includes $3 billion to fund an FCC program aimed at replacing Chinese-made telecommunications equipment across the country amid heightened threats from Beijing following the discovery of the Salt Typhoon cyberespionage campaign.

The 'Eagle S' Forms Part of Sanctions-Busting Russian Shadow Fleet, Says EU
Finnish police boarded Thursday an oil tanker suspected of rupturing telecommunications and electricity cables running beneath the Baltic Sea in a Christmas Day incident. They escorted the tanker, the Eagle S, into Finnish waters as part of a criminal investigation into damage caused on Wednesday.

Key Focus Areas for Cybersecurity Professionals in 2025
As we enter 2025, the cybersecurity landscape demands more than just maintaining the status quo. New threats, evolving technologies, and heightened regulatory scrutiny require professionals to set clear resolutions that sharpen their abilities and expand their impact.

InfoSec Officer Shervin Evans on Preparing Organizations to Withstand Cyberthreats
Cyber resilience takes a broader approach, emphasizing the ability to withstand, recover and adapt to cyber incidents. The article explains the key components of cyber resilience, its importance and how organizations can implement it to build stronger defenses.

Washington and Nevada were among states enacting new data privacy laws in 2024, and that trend among states will likely continue into 2025 as the next presidential administration comes into office promising to reduce federal regulations, said attorney Melissa Crespo of law firm Morrison Foerster.

Blackpoint Cyber CEO Jon Murchison on MSP Cloud Identity Risks
With a 30-to-1 ratio of cloud to on-premises attacks, Blackpoint Cyber CEO Jon Murchison stresses the importance of enhanced identity detection and AI-driven solutions. He also outlines strategic moves for managed service providers to align with Microsoft’s ecosystem.

Cybercriminals Say They Hacked 66 Companies
The Clop cybercriminal group is threatening to make public the companies swept up by its mass hacking of managed file-transfer software built by Cleo Communications. In a Dec. 24 update to its dark web leak site, Clop asserted it has "data of many companies who use Cleo."