DataBreachToday.com

AI Tool Streamlines Clinical Workflows at WellSpan With Microsoft's Dragon Copilot
WellSpan Health deploys Dragon Copilot, blending voice dictation and ambient listening to ease clinician burnout. It streamlines tasks with generative AI as part of an ecosystem shift, offering hope amid high burnout rates and workforce shortages.

Chris Krebs and SentinelOne Targeted as Trump Still Trumpets 2020 Election Lies
The White House said President Trump has ordered a probe into former Cybersecurity and Infrastructure Security Agency Director Chris Krebs' government service, revoked any security clearances he holds and suspended security clearances issued to his employer, SentinelOne.

Also: PoisonSeed Phishing Campaign, FTX Clients Face Reimbursement Hurdle
This week, Trump administration disbanded a Justice Department crypto unit, the U.S. Securities and Exchange Commission will review crypto guidance, Usual pledged up to $16M in bug bounties, a PoisonSeed phishing campaign, FTX repayment plan troubles and a Coinbase 2FA error.

Emerging AI Tools Can Transform SOC Analysts' Jobs But Require New Sets of Skills
In a job market known for its talent shortage and skills gap, the shift to AI-based solutions represents both an opportunity and a call to action. While AI can tackle grunt work with remarkable accuracy, it also demands a new set of skills from the cybersecurity workforce.

Largest Palo Alto Purchase Since 2020 Would Aid AI Model Security and Governance
Palo Alto Networks is eyeing its largest startup deal since December 2020, with the platform giant targeting Protect AI, a startup that offers AI scanning, LLM security and gen AI red teaming. Palo Alto Networks is prepared to pay between $650 million and $700 million for Protect AI, Globes reported.

Tech Giant Says Threat Actors Are Exploiting a Flaw in Widely-Targeted Windows Tool
Ransomware threat actors are exploiting a zero-day vulnerability discovered in a highly targeted Windows logging system tool in a campaign in part targeting U.S. IT and real estate sectors, Microsoft confirmed in a Tuesday blog post urging customers to apply available patches.

Academics Map Out Holistic Cyber Education for Future Defenders in the Age of AI
Cybersecurity education can't be built on tools alone. It must prepare students to think critically, navigate complex systems and address the human dimensions of security. That's the vision behind the new textbook "Cyber Security Foundations: Fundamentals, Technology and Society."

OT Operators Can't Count on Isolation to Protect Network
Rare is the OT environment truly isolated from a business network. Experts say real-time, contextual threat intelligence is now essential for securing OT systems, enabling faster detection, more accurate responses and coordinated action across IT and OT teams.

Sen. Mark Warner Says Talk of Oracle's Involvement Worrisome Due to Recent Breaches
Speculation about software giant Oracle being a top contender to take over social media platform TikTok from China-based ByteDance is especially concerning considering Oracle's two recent data breaches, said the co-chair of the Senate Intelligence Committee in a letter to the Trump administration.

Microsoft Reportedly Alerted Office of the Comptroller of the Currency to Breach
For nearly two years, hackers reportedly spied on 150,000 "highly sensitive" emails sent and received by America's banking regulator, the Office of the Comptroller of the Currency. The OCC said it's continuing to probe the "major information security incident."

University of Maryland Medical Center Said FBI Is Also Investigating Case
An academic medical center is facing a class action lawsuit alleging one of its pharmacists installed keylogging software on 400 computers over a decade to spy on the personal lives and intimate moments of coworkers. The pharmacist is also facing a criminal investigation, the hospital said.

Espionage Campaign Mainly Targeted European Organizations
A Russian nation-state threat actor exploited "lesser known" features of Microsoft Windows remote desktop protocol to target European organizations for espionage. Hackers used RDP to deploy a malicious application and access data from victims.

AI Leaders Call for Proactive US Response Amid Chinese Technology Breakthroughs
The United States risks losing the so-called "AI Cold War" against China unless it abandons traditional containment strategies and adapts to Beijing's advances, panelists told lawmakers Tuesday. "I'm as stunned as all of you about just how fast China has caught up," said Adam Thierer.

Zero Trust Network Access Firm Plans to Enhance Platform and Grow Revenue Faster
Tailscale has landed $160 million in Series C funding to scale its platform and meet growing demand from AI and enterprise firms. The networking company will invest in engineering to support multi-cloud and identity-based networking features.

How CIOs and CISOs Can Navigate With Balance
Tariff wars may hit technology leaders hard in 2025 as the Trump administration's 10% import tax, plus reciprocal tariffs, spikes costs. CIOs and CISOs face supply chain disruption and heightened cyber risks. But they can adapt with cloud shifts, smart deals and better advocacy.

Rising Attacks Mask Lowering Profits, Attention Economy Competition
Ransomware groups' collective power to command victims' attention and compel extortion is waning, notwithstanding the disruption and chaos that continues to be their hallmark. The criminal underground powering ransomware is a world in flux where old, established groups are giving way to new brands.

Gartner's Pete Redshaw on Why the CISO or CRO Should Take the Lead
Cybersecurity, IAM, fraud and compliance will converge across financial institutions in the next five to six years. This transformation will follow a phased path, beginning with data integration, followed by tool alignment and eventually team restructuring.

Hoxhunt Predicts Phishing-as-a-Service Will Adopt AI Spear Phishing Agents
AI surpassed human red teams in crafting phishing attacks, at scale and with alarming success, asserts research from cybersecurity training firm Hoxhunt. The company's proprietary AI spear phishing agent, outperformed human counterparts by 24%, a turnaround from a31% deficit in 2023.

Analysts Praise FedRAMP's Speed Goals, but Worry About Unclear Execution Details
The General Services Administration is aiming to speed up cloud approvals by automating security assessments for FedRAMP, but experts tell Information Security Media Group that key questions remain on its execution, with concerns over vague directives and the impact on existing processes.