Ransomware DataBreachToday.com

Advisory Warns Iranian Threat Actors Use 'Push Bombing' to Target Critical Sectors
Iranian cyber actors are increasingly using brute force techniques, such as password spraying and multifactor authentication push bombing, to target critical infrastructure sectors, according to a cybersecurity advisory released Wednesday by the Cybersecurity and Infrastructure Security Agency.

Trail Acquisition Brings Enhanced DLP, DSPM Integration, Safeguards Data in Motion
With the $162 million buy of Trail Security, Cyera will offer customers AI-enhanced data loss prevention alongside its DSPM solution. The new platform promises stronger, real-time data protection for sensitive information both in motion and at rest, helping enterprises meet security demands.

Hackers May Have Reverse-Engineered February Patch
Hackers may have circumvented a months-old patch for Fortinet gateway devices leading to a warning from the U.S. federal government over its active exploitation. Some security researchers say a February patch may not have fully squashed a flaw.

Security Teams Need Support, Mental Health Resources and a Focus on Resilience
Managing the aftermath of a cybersecurity incident can be grueling, and the intense pressure placed on these individuals can take a toll. Stress in the cybersecurity field, particularly post-incident, is a well-documented issue that many professionals quietly struggle with.

New Features From Structure101 Simplify Code Structure, Future-Proof Development
Sonar has integrated Structure 101's design expertise into its platform, enhancing code architecture and reducing dependency issues. This update helps developers streamline workflows and minimize long-term software evolution costs, ensuring good code management across multiple programming languages.

FBI Disrupted DDoS Group in March
Two Sudanese brothers are under criminal indictment in the United States for their role in distributed denial-of-service attacks launched under the moniker of Anonymous Sudan. Among the group's targets were a major Los Angeles hospital and Microsoft.

Most IT Restored, But UHG Is Still Catching Up and Aiming to Win Back Clients
UnitedHealth Group has raised its estimates to nearly $2.9 billion for the total costs this fiscal year of the cyberattack on its Change Healthcare IT services unit. UHG said it is also working to catch up with claims processing and to win back clients disenfranchised by the attack.

New NCSC Chief Also Warns of Threefold Increase in Severe Cyberattacks
The U.K. experienced a 50% spike in cybersecurity incidents posing national security risks this year, according to NCSC CEO Richard Horne. Growing advancements in emerging tech are widening the gap between offensive and defensive cyber capabilities, he warned.

Integration of DSPM Firm Dasera Enhances Data Protection Across Cloud Environments
Netskope’s purchase of Dasera enhances its data security posture management capabilities, enabling customers to secure both structured and unstructured data across cloud and on-premises environments. The integration will offer a platform for holistic data protection and security posture management.

Data Regulator Likely Reviewing Insider Threat Case at Intesa Sanpaolo Bank
Intesa Sanpaolo bank of Italy this week told the country's data regulator that an employee - who has since been fired - accessed sensitive banking details of the country's prime minister and other politicians for years. The Italian Data Protection Authority is investigating the data breach.

Nordic Authorities Take Down Sipulitie, Dutch Police Arrest Alleged Bohemia Admins
October has been a good month for European police agencies shutting down darkweb marketplaces, with Dutch, Finnish and Swedish police announcing server seizures and suspect arrests. It's been more than a decade since Ross "Dread Pirate Roberts" Ulbricht initiated an era of online criminal bazaars.

Nearby Texas Tech University Health Sciences Center's IT Systems Also Still Offline
Nearly three weeks after a ransomware attack, UMC Health System has restored electronic health records, but the Texas-based public health system is still working to recover other patient care IT systems. Nearby Texas Tech University Health Sciences Center is still dealing with a related outage.

Lawmakers Demand Answers, Security Overhaul After Chinese Hack of Telecom Networks
Congress is demanding answers from AT&T, Verizon, and Lumen after reports revealed that Chinese hackers breached U.S. telecom infrastructure, targeting systems linked to court-authorized wiretaps, as the FBI and the Cybersecurity and Infrastructure Security Agency investigate the Salt Typhoon group.

Texas-Based Gryphon Healthcare Says an Unnamed Third Party Was at Center of Breach
A Texas-based revenue cycle management firm is notifying about 400,000 individuals of a hacking incident it says originated with another third party. The incident is among a growing list of major breaches implicating vendors and cumulatively affecting tens of millions of patients so far this year.

Sector Uses Multifactor, Eschews Cloud, Can't Afford Cyber Insurance
The oil and gas industry has high levels of cyber awareness and low levels of cyber insurance, says a sectoral assessment from credit rating agency Moody's. The sector has experienced a clutch of high-profile attacks including a high-profile 2021 incident at Colonial Pipeline.

Only Six Nations Have Incorporated NIS2 Into National Statute
Most European countries are set to miss a trading bloc deadline for implementing a key cybersecurity regulation that requires measures such as mandatory security auditing for essential services such as hospitals and banks. Just six countries have integrated the NIS2 directive into national law.

AI Mimics Reasoning Without Understanding, Struggles With Irrelevant Data
Cutting-edge large language models would fail eighth grade math, say artificial intelligence researchers at Apple - likely because AI is mimicking the process of reasoning rather than actually engaging in it. Researchers asked LLMs to solve math word problems.

Also: AI Safety Bill Vetoed, Global Ransomware Response Guide Gets Some Revisions
In the latest weekly update, ISMG editors discussed the implications of the U.S. investigation into Chinese hackers targeting telecom wiretap systems, the catastrophic risks of AI and the recent veto of an AI safety bill in the U.S., and the latest global ransomware response guidance.

Ransomware Gang Could Have Axis Health's Mental Health, Drug Abuse Records
Ransomware gang Rhysida is threatening to dump data on the darkweb that belongs to a Colorado provider of mental health, substance abuse and other healthcare services unless it pays nearly $1.5 million. The group is leaking records it claims to have stolen from a Mississippi nursing home.

Agency Says Cookies Could Help Attackers Find Network Assets, Vulnerabilities
Unencrypted cookies tied to a suite of secure gateway technology from F5 are gateways for hackers to reach internal devices on corporate networks, warns the Cybersecurity and Infrastructure Security Agency. BIG-IP uses persistent cookies as a traffic load-balancing convenience.