DataBreachToday.com

FPT's Leonard Bertelli on the Shift From Reactive Monitoring to Predictive Insight
Observability has now become a mission-critical capability for enterprises operating complex, distributed and AI-driven systems. Leonard Bertelli, senior vice president at FPT Americas, shares how observability is changing and why both culture and technology must align to move enterprises forward.

AI Giants Evaluated Each Other's Newer Models for Safety Risks
OpenAI and Anthropic evaluated each other's AI models in the summer, testing for concerning behaviors that could indicate misalignment risks. Both companies released their findings simultaneously: no model was severely problematic, but all showed plenty of troubling behavior in testing scenarios.

Oslo University Hospital CSO Torkel Thune on Nordic Threat Landscape
Torkel Thune, head of the department for architecture, operational IT security and chief security officer at Oslo University Hospital, discusses how global shifts are affecting cybersecurity for the Nordic region, and how healthcare is especially vulnerable.

CISO Tammy Klotz Discusses the Value of Peer Support in Advance of ManuSec 2025
Manufacturers face many challenges in securing OT and IT systems, from legacy technology to managing vulnerabilities. Tammy Klotz, CISO at Trinseo and last year's ManuSec Summit event chair, discusses the value of sharing firsthand insights with a cybersecurity community.

Senate HELP Committee Leaders Ask Insurer: What Went Wrong in the Cyberattack?
A U.S. Senate committee is demanding details from insurance giant Aflac about the company's recent cyberattack that compromised the personal and health information of a yet undisclosed number of Americans. Senators last year gave the same scrutiny to the Change Healthcare mega-breach.

Also: DSLRoot Turns Homes Into Proxies, Cyberattack Disrupts Swedish Towns
This week: TransUnion incident affects 4.5 million, DSLRoot residential proxies, Operation Serengeti 2.0, ZipLine campaign exploits contact forms, a cyberattack disrupts 200 Swedish municipalities, Maryland Transit Administration hit by ransomware, TAG-144 escalated attacks in South America.

US Cyber Defense Agency Deploys Support to Nevada Following Ransomware Incident
The Cybersecurity and Infrastructure Security Agency and FBI are aiding Nevada after a cyberattack disabled state services, exposing how local governments - amid surging ransomware, IT shortfalls and federal funding cuts - are increasingly reliant on strained national cyber defense resources.

Buying Spanish Startup Brings Real-Time Data Pipeline Tech to Boost SOC Efficiency
CrowdStrike announced plans to acquire Spanish startup Onum Technology for $290 million. The move brings advanced data pipeline tools into its Falcon platform, speeding up threat detection and consolidating SOC workflows for customers leaving legacy SIEMs.

Concerns About Enterprise AI Are Opening New Opportunities for Problem-Solvers
Some organizations are hesitant about implementing artificial intelligence tools in their enterprises because of accuracy, security and privacy concerns. That hesitation creates opportunities for professionals who can bridge the gap between technical potential and practical deployment.

Threat actors now use AI for scaling organized retail crime and to make bot detection more difficult. How can defenders use AI to respond? Jackie Deloplaine of RH-ISAC and Derek Dykens of Splunk share insight and optimism on the use of AI to detect and combat ORC.

US and Allies Warn About Persistent and Long Term Access to Network Equipment
The Chinese hackers responsible for breaking into telecom networks across the globe capitalize on already documented vulnerabilities, principally in Cisco routing equipment, warn a slew of national cybersecurity agencies. Hackers use publicly known vulnerabilities with CVE designations.

HHS Shifts 42 CFR Enforcement Duties to Office of Civil Rights Amid Massive Reorg
The U.S. Department of Health and Human Services has put its Office for Civil Rights in charge of investigating and penalizing organizations that breach the confidentiality of substance abuse disorder records. Some fear the agency doesn't have the bandwidth to enforce both HIPAA and 42 CFR Part 2.

Class Action Litigation Accused Mt. Sinai of Sending Patient Info to Facebook
A New York City healthcare system has agreed to pay nearly $5.3 million to settle a proposed class action lawsuit alleging that the hospital's use of online tracking tools in its patient portal and website sent patient information to Facebook without their knowledge or consent for years.

Deal Ends Suit Alleging Microsoft's Message Encryption Tool Violated Virtru Patents
After three years of litigation, Virtru and Microsoft have settled a patent infringement case involving the tech giant’s email encryption product. The suit claimed Microsoft's technology infringed Virtru’s patented identity-driven encryption method for seamless, credential-free data access.

Citrix Publishes Patches After Attackers Exploit Memory Overflow Vulnerability
NetScaler customers of virtualization giant Citrix once again should patch immediately to stymie the hackers exploiting a zero-day. Citrix warned Tuesday that hackers are using a memory overflow vulnerability now tracked as CVE-2025-7775. The vulnerability carries a CVSS score of 9.2.

Just-in-Time, Database, Kubernetes Access Fuel Privileged Access Startup M&A
By acquiring startup Axiom Security, Okta aims to enhance privileged access by offering broader coverage of sensitive assets like Kubernetes containers and databases. The company says the move accelerates value delivery and complements Okta's existing privileged access capabilities.

Department of Government Efficiency Staffers Created 'Live Replica' of SSA Data
The Social Security Administration's chief data officer is warning in a whistleblower complaint that DOGE created a cloud replica of the Social Security database without proper authorization or oversight, potentially exposing the personal data of 300 million Americans.

Pakistan-Linked Threat Actor Targets Indian Linux Operation System
Pakistan-linked hackers are targeting an Indian Linux-based operating system by tricking government employees into clicking malicious files that look like PDFs. When opened, the files install spyware, giving attackers long-term access to sensitive government systems.