DataBreachToday.com

Fortinet's Vincent Hwang on Addressing Security, Compliance Gaps
According to Fortinet's 2025 State of Cloud Security Report, 76% of organizations have a shortage of cloud security expertise, compounding cloud adoption and security challenges. How should organizations address the skills gap? Vincent Hwang of Fortinet shares analysis and advice.

Exploring New Ways to Deliver and Measure Cybersecurity Awareness Programs
Regulations such as GDPR, HIPAA and CMMC have made security awareness training a staple of corporate security programs. But compliance is only part of the story. Organizations face an even deeper challenge: influencing employee behavior in ways that create a truly secure workplace.

7 Texas Health and Human Services Workers Fired in Incident Affecting 61,000 people
Authorities in Texas are investigating an insider incident at the Texas Health and Human Services Commission that led to the firing of seven employees, an investigation into hundreds of thousands of dollars in stolen funds and notification of a breach of personal information affecting 61,000 people.

HHS' Privacy Rule Update Limits Use, Disclosure of Reproductive Health PHI
A Biden administration HIPAA Privacy Rule, which went into effect last June to restrict the disclosure of reproductive health information, is being challenged in federal court by the attorneys general of 15 states. The AGs are asking a Tennessee federal court to overturn the rule.

House Committee on Homeland Security Mulls Response to Volt Typhoon, Future of CISA
The United States needs to respond more aggressively to nation-state hacking, members of Congress heard Wednesday against a backdrop of changes - actual and planned - at the primary federal civilian cyber defense agency. "We need to call them out for this," said Rep. Michael McCaul, R-Texas.

Rao Replaces Bryan Palma, Who Combined McAfee Enterprise, FireEye to Form Trellix
Symphony Technology Group tapped Vishal Rao to take over as CEO of Trellix while continuing to serve as chief executive of sister company Skyhigh Security. The San Jose, California-based security vendor tasked longtime Cloudera and Splunk leader Rao with accelerating Trellix's market share.

President Fulfills Campaign Promise to Pardon Ross Ulbricht, Blames DOJ Abuse
On his second day in office, U.S. President Donald Trump pardoned Ross Ulbricht, founder of Silk Road, an online marketplace tied to over $200 million in illegal bitcoin transactions. Ulbricht has been in federal prison since 2015, sentenced to life with no possibility of parole.

Murdoc Botnet Uses Over 100 Distinct C2 Servers to Manage Infected Devices
A new variant of the Mirai malware is exploiting vulnerabilities in cameras and routers to infiltrate devices, download payloads and integrate them into an expanding botnet. Qualys tracked over 1,300 active internet protocol addresses linked to the Murdoc Botnet since its emergence in July 2024.

'Humphrey' Set to Help Civil Servants Streamline Work Across Whitehall
The British government on Tuesday launched artificial intelligence-powered tools intended to help civil servants offer improved public service in a first step toward implementing a plan meant to transform the United Kingdom into a world AI leader.

Initiative Aims to Bolster Security of EU Member Hospitals, Healthcare Providers
The European Commission has a new action plan to strengthen cybersecurity of hospitals and other healthcare providers in the European Union amid rising cyberthreats and attacks. The plan includes a cybersecurity support center to offer guidance and other resources to the EU's health sector.

Series B Funding Round to Drive European Expansion, R&D and Automated Remediation
Mitiga, a cloud security firm, has secured $30M in Series B funding to expand its solutions for detecting and responding to threats in public cloud and SaaS environments. Funds will support European market entry and R&D into automated remediation tools, boosting security operations globally.

Trump Has Pledged to 'Support AI Development' but not yet Shared Specifics
President Donald Trump on the first day of his second term fulfilled a campaign promise to rescind a 2023 Biden executive order designed to curb the risk posed by artificial intelligence models to consumers and national security. The Trump administration has not yet previewed any replacement.

Creating 'Schedule F' Is a Stated Trump Priority
Newly sworn in President Donald Trump's plan to revive policy from his first term that eases the firing of federal employees could disrupt workforce stability, with federal unions and experts warning that weakening federal civil service protections could weaken national security.

In First Pure-Play Cybersecurity IPO Filing Since '21, SailPoint Talks Channel Ties
SailPoint became the first pure-play cybersecurity company to pursue an initial public offering since 2021, revealing increased sales, improved losses and a heavy reliance on channel partners. Some 80% of its new customer transactions involved technology partners, system integrators, VARs or MSPs.

Researchers Uncover Three Vulnerabilities, Urge Firmware Update
Attackers could chain critical vulnerabilities in industrial network switches to gain remote control to compromise automation systems, IoT devices and surveillance networks. Claroty's Team82 uncovered three flaws in WGS-804HPT switches manufactured by Planet Technology.

Elizabeth Warren Letter Probes Kennedy on His Plans if Confirmed as HHS Secretary
Senate confirmation hearings have not yet been set for President Donald Trump's pick to lead the U.S. Department of Health and Human Services. But that hasn't stopped at least one lawmaker from already firing off an extensive list of questions to Robert F. Kennedy Jr., including about HIPAA.

Hackers Using Valid Customer Credentials to Re-Encrypt S3 Objects
Amazon is urging its customers to deploy additional security measures to secure S3 buckets following reports of ransomware attacks targeting the platform. The company said mitigations prevented "a high percentage of attempts from succeeding."