Ransomware DataBreachToday.com

Chinese Hacking Group Reportedly Behind the Hack
A top-ranking U.K. government official said that hackers targeted the government's foreign relations ministry but dismissed media reports that the attackers stole a large trove of data. "We managed to close the hole, as it were, very quickly," said Trade Minister Chris Bryant.

Widely Used ukr.net Is a Repeat Focus for APT28 Cyberespionage Operations
Don't expect cyber spies to respect distinctions between military and civilian networks, especially in times of war, warn researchers tracking persistent Russian military intelligence credential-harvesting attacks against users of Ukraine's popular, commercial UKR.NET webmail platform.

Chainalysis Data Shows Access-Driven Attacks Reshaping Risk
Hackers stole more than $3.4 billion in crypto this year. Losses were driven by a small number of high-impact breaches. Chainalysis data shows how North Korea actors, centralized platforms and expanding retail adoption reshaped where crypto risk accumulated.

Also: Terra Founder Do Kwon Sentenced to 15 Years in Prison
This week, SantaStealer resurfaced as an infostealer, police took down a crypto platform accused of money laundering, Terra founder Do Kwon sentenced, Bitcoin Rodney faced fraud and money laundering charges. The United Kingdom may regulate crypto by 2027 and Binance warned of fake listing agents.

Precision Agriculture Boost Yields but Opens Farmers to Cybersecurity Risk
Precision agriculture is transforming U.S. farming with sensors, drones and automation, boosting productivity yields. But growing digital dependence is also expanding the attack surface, exposing farms to ransomware, disruption and rising cybersecurity risk.

Also: macOS Naughty or Nice, Cybercrime Karma, Spoofing Legacy Rail Infrastructure
London in December: Early to dark, quick to rain but also festive - and a mecca for cybersecurity researchers there for the annual Black Hat Europe conference. This year's event featured nearly 50 briefings that touched on everything from hardware hacking to combing infostealer logs for hidden gems.

Security Needs to Document Risks and Push Back Against Retroactive Accountability
A recent CISO resignation letter exposes a structural flaw in how organizations manage cyber risk. It shows what happens when risk is accepted quietly and accountability is enforced retroactively, and it's a cautionary tale about why CISOs need to actively manage their careers.

More Dry Powder Will Help Cyera Compete Against Proofpoint, Rubrik in AI Agent Era
Cyera in just four years has raised $1.3 billion, the second-largest venture haul for any cyber startup behind only Wiz. The company set its sights even higher in 2026, with media reports that Cyera is set to receive another $400 million - this time from Blackstone - at a valuation of $9 billion.

Practical Steps That Effectively Strengthen Security and Resilience
Cyberattackers know SMBs think they're "too small to be a target" - and they're acting on it. Learn why small businesses are increasingly targeted and the five foundational steps that can significantly reduce cyber risk.

Ink Dragon Compromised IIS Networks to Relay ShadowPad Malware
A Chinese hacking group is using compromised European government networks as relay nodes to route commands and support other hacking operations. Security firm Check Point attributed the campaign to a Chinese espionage group it tracks as "Ink Dragon."

Experts Say AI Is Already Enabling Faster and Harder-to-Detect Attack Campaigns
Artificial intelligence-fueled malware and automated cyber tools are enabling faster, more adaptive attacks at scale, with experts warning Congress that adversaries are now leveraging AI and quantum advances to outpace defenders and bypass outdated security architectures.

Push Comes as HHS Steps Up Enforcement of Data-Sharing and Record Access Regs
A privacy-minded senator is pressuring U.S. health tech companies to give patients more control over where their patient data goes, framing the matter as a matter of national security as well as privacy. Regulators have ramped up enforcement of rules that promote the interoperability.

Deal Would Move ServiceNow's Cybersecurity Ambitions From the Shadow to Spotlight
ServiceNow's security business has long been a sleeping giant inside the workflow orchestration behemoth's portfolio that in recent months appears to have awoken. With the buy of Armis possibly imminent, ServiceNow's security ambitions appear to be moving from the shadows to the spotlight.

2 More Vulnerabilities Need Patching in React Server Components, Warns Vercel
Mass exploitation of the "React2Shell" - CVE-2025-55182 - vulnerability remains underway by nation-state hackers tied to China, North Korea and Iran, as well as financially motivated cybercriminals running everything from cryptomining malware to DDoS services, security experts warn.

ServiceNow's Neeraj Jain on Risk Mitigation and Real-Time Data Access for AI Agents
Enterprises that embed governance from intake to deployment scale AI faster than those that bolt it on afterward. Clear frameworks mitigate risk, ensure compliance and increase operational efficiency, says Neeraj Jain, director of product management, hyperscalers and multi-cloud at ServiceNow.

National Accident Health Says Breach Exposed Medical Info of 181,000 People
A Maine-based third-party administrator that handles healthcare claims involving day care centers, youth sports and NCAA athlete accidents is notifying more than 181,000 individuals that their medical information and personal identifiers may have been accessed or stolen in a hacking incident.

Black Hat's Jeff Moss: 'We're in a Political Situation, Whether You Like It or Not'
Technology doesn't exist in a vacuum, and by extension neither does cybersecurity. But in recent years, Black Hat founder Jeff Moss said he's been "struggling" with the "uncomfortable truth" that unlike the largely risk-free early days of hacking, today "all tech is political."

Defense Bill Expands Cyber Authorities, Tech Adoption and Talent Pipeline
Congress advanced a $15.1 billion military cyber budget in the fiscal year 2026 National Defense Authorization Act, boosting core operations, workforce recruitment and tech modernization as civilian cyber teams face sharp staffing losses and budget constraints.

Companies Are Among the Latest HIPAA Business Associates Revealing Recent Hacks
New York-based medical supply fulfillment company Fieldtex is notifying its clients and more than 274,000 people about an August hack. Meanwhile, revenue cycle software firm TriZetto is also contacting its customer and patients about its own hacking incident.

Also: Australia's AI Policy Backtrack, Legal Protections for White Hat Hackers
In this week's ISMG Editors' Panel, four editors explored Australia's shift in artificial intelligence regulatory policy, a resurgence of white hat hackers in the news and the shadow Telegram market of Russian fraudsters who are selling identities of former U.S. immigrants for $1,000 a person.