DataBreachToday.com

Russian Hybrid Warfare Illuminates Debate Over Defending Cyber Poor Operators
A spate of pro-Russian hacktivists attacks against Polish water facilities have illuminated a debate about the best way to defend water utilities and other critical service providers below the cyber poverty line, meaning they face a threat that they cannot afford to defend against.

Josephine Wolff on Why Healthcare Must Scrutinize Cyber and AI Coverage
Healthcare organizations face growing pressure to reassess cyber insurance policies as cyberattacks disrupt patient care and AI tools introduce new liability risks. Josephine Wolff of Tufts University discusses how exclusions, compliance demands and AI-related uncertainty shape insurance decisions.

Frame's AI Models Build Contextualized Security Lessons Automatically in Minutes
Frame Security, founded by former Wiz product and sales leader Tal Shlomo, emerged from stealth with $50 million to build AI-generated cyber training and simulations designed to prepare employees for phishing, deepfakes, voice cloning and other personalized social engineering attacks.

Agency Grants Routers a 18-Month Reprieve From Obsolesce
The U.S. Federal Communications Commission extended through Jan. 1, 2029, a waiver allowing foreign-made routers already approved for use in the United States to continue receiving updates. The agency earlier this year instituted a ban on foreign-made consumer routers, citing national security concerns.

Kernel Privilege Escalation Has One Linux Maintainer Contemplating a 'Kill Switch'
Back-to-back kernel vulnerabilities in Linux has defenders scrambling to apply defenses in the age of quick turnaround time for hackers to exploit nascent flaws. "Dirty Frag" and "Copy Fail" kernel privilege escalation vulnerabilities became public knowledge within two weeks of each other.

Patching Workflows Built for Weekly Cycles Can't Survive an Era of Hourly Exploits
AI is shrinking the window between vulnerability disclosure and active exploitation from weeks to hours. But remediation workflows haven't kept pace. Security teams need real-time intelligence, unified IT and security operations, and automated remediation to close the gap before attackers do.

In the face of relentless cyberattacks that threaten patient safety, hospitals must strengthen their resilience, with clinical continuity, secure backups and coordinated recovery emerging as critical strategies, said John Riggi of the American Hospital Association and Josh Howell of Rubrik.

Internal Communications Dumped Online, Revealing Fresh Victims, Repeat Tactics
Ransomware group The Gentlemen, a relative newcomer to the cybercrime scene, suffered a leak of its internal communications, revealing previously non-public victims, a variety of tactics, techniques and tools, and a relentless focus on popping backup and storage infrastructure.

ICO Warns Key Security Gaps Led to Exposed Data of Over 630,000 People
A British regulator said a major water sector organization failed to use establish cybersecurity safeguards to secure sensitive data, allowing hackers to use a phishing campaign to gain persistence, steal records and expose more than 630,000 sensitive records.

Cloud Connectivity, Security Operations Providers Reportedly Chop 20%, 7% of Staff
Cloudflare cut more than 1,100 workers from its 5,483-person staff, saying the layoffs will align Cloudflare's operations with AI-driven workflows and productivity gains. And Arctic Wolf laid off 250 workers from its estimated staff of 3,402 to free resources for investment in AI initiatives.

An On Demand video from ID Dataweb
Scattered Spider continues to evolve, and organizations across financial services, healthcare, insurance, telecommunications, and other sectors are strengthening defenses against increasingly sophisticated identity-driven threats.

Coerced Labor in Scam Compounds Is Reshaping How Enterprises Face Fraud Risks
Fraud operations in Southeast Asia increasingly rely on trafficked workers forced into scams. This reality challenges assumptions about threat actor behavior, complicates attribution and negotiation, and demands that enterprises rethink fraud prevention and disruption strategies.

Also: Washington's AI Policy Divide, FDA's Push for AI-Driven Clinical Trials
In this week's panel, four ISMG editors discussed the battle over who gets to access powerful AI cybersecurity models, policy issues unfolding in Washington over AI-driven cyber defenses, and how the FDA is beginning to test AI-supported real-time clinical trials to speed up drug development.

State Insurance Officials Seeking Details About Service Firm's Mega Data Breach
Missouri regulators are widening their investigation into the 204 hacking incident at Conduent Business Services, alleging that the company has stonewalled the state's attempts to obtain information about the data breach, which is estimated to affect more than 25 million people nationwide.

Top Democrat Warns States Are Losing Federal Cyber Defense Support
A top U.S, Senate Democrat decried shrinking federal support for election security ahead of the November midterms, warning that cuts to the Cybersecurity and Infrastructure Security Agency could leave states without cyber defense or threat intelligence capabilities

AI-Developed Attack Tooling Generated 'High-Volume, Noisy Workflows'
A hacker used Claude and Chat GPT in a cyberattack against a municipal water and sewage utility's operational technology systems in Mexico in January, according to forensic analysis by OT security firm Dragos. The tools "leveraged known techniques and existing vulnerability knowledge."