BankInfoSecurity.com

Big Crossover Found Between ClickFix and Adversary-in-the-Middle Infrastructure
Tracking how cybercriminals and their service providers use malicious infrastructure can give defenders an edge for blocking their targeting. New research spotted a massive crossover between IP addresses used for both ClickFix and adversary-in-the-middle attacks.

Also: LastPass Warns of Phishing Campaign, Trump's New CTFC Head Pick
Every week, Information Security Media Group rounds up cybersecurity incidents in digital assets. This week, Meteora CEO faced fraud allegations, LastPass warned of a phishing campaign, Trump taps crypto lawyer to lead CFTC, Mt. Gox delayed creditor repayments again and an Indian court blocked WazirX from using customer funds to cover hack losses.

Also: F5 Revenue Dips, Swedish Utility Operator Breached
This week, critical infrastructure breaches in Canada, a Swedish grid operator breached, an Australian guilty of selling cyber exploits, Gmail wasn't breached, F5 projected a revenue dip, PhantomRaven targeted developers, a Pakistan-linked actor targeted India and Dentsu confirmed a data breach.

Series C Funding Fuels Autonomous Agents That Detect and Block Attacks in Real Time
Sublime Security closed a $150 million Series C round to expand its AI-driven agent platform. The Washington D.C.-based company aims to reduce cyber risk and manual workloads for defenders by adapting quickly to novel attacks, especially those using GenAI.

Midsize Businesses Need Skilled Professionals as Threat Actors Shift Their Tactics
As large enterprises continue to strengthen their defenses and reduce ransom payouts, ransomware operators are redirecting their attention toward midsize organizations. This shift has increased the urgency for adaptable, well-trained cyber professionals who can tailor enterprise-grade protections.

2nd Round of Layoffs Since 2022 Comes 2 Months After $150M Email Security Purchase
Varonis cut 5% of its workforce and saw its stock price nosedive after disclosing a sharp drop in renewal rates for its on-premise subscription business. The underperformance of the federal vertical caused a notable headwind for Varonis despite it accounting for just 5% of annual recurring revenue.

Azure Outage Comes a Week After a Cloud DNS Error Disrupted AWS Users
Microsoft's Azure cloud and 365 systems suffered an outage at noon on Wednesday because of a configuration error - hours before its quarterly earnings call and about a week after rival AWS underwent a widespread outage that shut down applications and services for most of the day.

Treasury Yet to Release Sector-Specific Controls and Reimbursement Mechanisms
Australia introduced the world to the first-ever Scam Prevention Framework law that promised to make the country the hardest place on earth for fraudsters. Eight months later, it's trapped in bureaucratic limbo - passed, praised and still waiting to work.

Add-On EMV Features Put Merchants at Risk to High-Charging 'Free Lunch' Crooks
Variations in how EMV ecosystem players implement the standard, as well as a bevy of features they've bolted on - transit modes, offline payment restrictions - have been "overloading" the specification and introducing exploitable vulnerabilities, warn a team of researchers.

Private Equity Firm's $13.05-Per-Share Bid Comes 5 Years After Jamf Went Public
Francisco Partners agreed to purchase Jamf for $2.2 billion just three months after the Apple management and security vendor laid off 6.4% of its workforce. The $13.05-per-share offer will provide Jamf with greater financial flexibility to accelerate growth and expand through innovation and M&A.

US Cites Risk of Treaty Being Weaponized by Authoritarian Regimes, Privacy Concerns
The U.S. declined to sign the new U.N. cybercrime convention despite support from 72 nations and its backing by Russia and China over fears it could be exploited by authoritarian states to legitimize surveillance, censor dissent and pressure cross-border data cooperation.

Agency Warns Vertikal Systems Vulnerabilities Could Help Hackers Access Data
U.S. federal authorities are warning about vulnerabilities in hospital information management systems from Romanian firm Vertikal Systems that could allow hackers to obtain and disclose patient data. The affected systems are used mostly by smaller hospitals and clinics outside the United States.

Staff Allegedly Took Photos, Posted Pics on Social Media Without Patient Consent
A Florida hospital is facing several lawsuits filed by patients who alleged staff members used their personal phones to take and post humiliating photos on social medial of the patients without their consent while they were asleep or medicated, and semi-undressed.

Thousands of Windows Server Update Services Observed Online
Warnings over hackers exploiting a Windows Server Update have compounded since Microsoft rushed out a patch Friday against a flaw allowing unauthenticated attackers to execute arbitrary code.

Nonprofit Foundation Holds Equity, Oversight Around $130B For-Profit Corporation
The nonprofit OpenAI Foundation now controls a $130 billion for-profit arm after a recapitalization process approved by attorneys general in California and Delaware. The nonprofit retains governance authority and will fund global health and AI risk mitigation programs, backed by regulatory approval.

CISA Says Hackers Actively Exploit Manufacturing Operations Management Platform
Software made by a French multinational that's used to manage manufacturing across the globe is under active attack, warned the Cybersecurity Infrastructure and Security Agency in the second such warning in two months. Hackers are exploiting two vulnerabilities in the Delmia Apriso platform.

CEO Nikesh Arora: Next-Generation Security Play Ties Automation to Identity, Cloud
With new products set to launch, Palo Alto Networks is expanding its AI cybersecurity footprint. Chairman and CEO Nikesh Arora introduced the AgentiX platform, a retooled cloud approach, identity enhancements and a deal making Palo Alto the core security provider for Oracle Cloud.