DataBreachToday.com

Executives Receiving Ransom Demands of Up to $50 Million, Warns Ransomware Expert
Extortionists are shaking down executives at organizations that use Oracle E-Business Suite, claiming to have stolen their sensitive data and demanding ransoms of up to $50 million, multiple cybersecurity firms are warning. The criminals claim to be associated with the Clop ransomware group.

US Cyber Defense Agency Faces 65% Furlough Rate Amid Federal Shutdown
The U.S. federal government shutdown has slashed staff at the nation's cyber defense agency and other key cyber entities, freezing daily operations, stalling grants and weakening threat coordination as state and local systems brace for lapses in federal support.

Evaluating Tools Saves Money But Requires Technical, Compliance and Business Acumen
Shiny object syndrome is more than a metaphor in cybersecurity. Organizations that chase every new tool often discover that what looked impressive in a demo fails to meet operational needs. The cure for this common malady is a structured tool evaluation process.

Armis CISO Curtis Simpson on Spend Justification, AI Risks, Real-Time Visibility
Curtis Simpson, CISO at Armis, shares how CISOs can frame spend in terms executives value, the underestimated risks of AI and which technology trends will truly reshape enterprise security.

'Success Stories' Social Media Program Impermissibly Disclosed PHI of 150 Patients
A "Success Stories" marketing campaign by a Delaware nursing home that involved posting photos and names of patients on social media resulted in a $182,000 federal fine. Regulators say the company violated HIPAA rules through the unauthorized disclosure of patients' protected health information.

ENISA: Nation-State Hacking 'Steadily Intensified' Over 12-Month Period
Nearly every member government of the European Union experienced a cyberattack from a nation-state hacker in the 12 months ending in July, primarily from Russian and Chinese threat actors who "steadily intensified" hacking, says the European cyber agency.

$7 Billion Illicit Bitcoin Horde: Malaysian National Latest to Plead Guilty
A Malaysian national pleaded guilty Tuesday in an English courtroom to assisting an investment fraud scammer who converted stolen assets into a cryptocurrency treasure trove now worth $7.1 billion, including helping her to evade arrest by lining up assistants and Airbnb rentals in Scotland.

Threat Actor Shifts From Targeting Exchange to Databases
A Chinese cyberespionage threat actor with a history of hacking Microsoft Exchange to spy on geopolitical events including summits in Africa, the Middle East and Asia, has shifted its attention to targeting databases, say researchers.

Medication Tech Firm Says Hacking Incident Contained to One Employee Email Account
A Florida firm that offers medication therapy management services to health plans is notifying nearly 150,000 individuals that their information was potentially compromised in a phishing attack affecting one employee's email account for only about an hour. Why do users still fall for phishing scams?

Public-Private Cyberthreat Sharing at Risk Amid Shutdown, Experts Warn
With a key cyberthreat sharing law expiring Tuesday, analysts tell Information Security Media Group legal protections enabling cyberthreat sharing across the public and private sectors will vanish, raising fears of reduced visibility into critical infrastructure just as federal resources shrink.

A Look at How the 2nd Largest Deal in Cyber History Nearly Fell Apart in the 11th Hour
The second-largest acquisition in cybersecurity history included initial outreach in 2023, the seller nearly walking away and an accelerated announcement timeline due to media leaks. Palo Alto CEO Nikesh Arora first approached CyberArk Chairman Udi Mokady about a potential deal back in May 2023.

Cognex Says It Won't Patch Flaws
Nearly a dozen serious vulnerabilities in a Cognex industrial smart camera will go without a patch because the company says the model is "too old to merit a fix." Industrial security firm Nozomi Networks uncovered nine flaws during a security assessment.

2024 Cyberattack Was One of Several on Other Blood Suppliers in US, UK
OneBlood, which provides blood supplies to 250 hospitals in Florida, Georgia and the Carolinas, will pay $1 million to settle proposed class action litigation filed against the non-profit entity in the wake of a 2024 ransomware attack that compromised the information of nearly 170,000 individuals.