DataBreachToday.com

Russian, Iranian and Chinese APTs Among Most Active Ransomware Collaborators
Security researchers are increasingly finding it challenging to attribute cyberattacks due to surging cooperation between nation-state hackers and ransomware groups, especially for espionage purposes. They say it reflects the blurring of the lines between state-directed and criminal activities.

Cuts Hit Duplicative Roles, Positions Rooted in Secureworks Being a Public Company
Sophos laid off 6% of its staff just days after closing its $859 million acquisition of Secureworks. The job cuts will streamline duplicative roles following the Feb. 3 close of the Secureworks deal as well as reduce positions that are no longer needed since Secureworks delisted as a public company.

Could CISA's Uncertain Future Embolden Nation-State Attackers?
As the future of the Cybersecurity and Infrastructure Security Agency becomes increasingly uncertain in the wake of a massive federal overhaul, experts warn that key U.S. infrastructure sectors, including energy, financial services and election infrastructure, are at a heightened risk of cyberattacks and cyberespionage.

Astaroth Kit Offered for $2,000 on Telegram, Intercepts Authentication in Real Time
A new phishing kit called Astaroth bypasses two-factor authentication through session hijacking and real-time credential interception from services like Gmail, Yahoo, AOL and Microsoft 365. Acting as a man-in-the-middle, it captures login credentials, tokens and session cookies in real time.

Telecoms Still Falling to Chinese Nation-State Hacking Group, Researchers Warn
A Chinese cyber espionage group tracked as Salt Typhoon and tied to the mass hacking of telecommunications networks in the U.S. and dozens of other countries has been continuing to seek and hack unpatched equipment, including exploiting two long-patched vulnerabilities in Cisco gear.

Apply These Proven Methodologies to Assess, Prioritize and Act Quickly in a Crisis
Cybersecurity professionals frequently deal with multiple issues - all demanding immediate attention. How can you demonstrate the ability to make sound decisions to advance your career? Decision-making in high-stakes environments demands clear methodologies that promote both efficiency and accuracy.

Executive Order Gives Musk Team Hiring Authority Across Federal Government
President Donald Trump's latest executive order grants hiring authority across the federal government to his billionaire adviser Elon Musk's task force, raising concerns that the move could undermine federal cybersecurity efforts, weaken U.S. cyber defenses and leave key security positions unfilled.

Breach of GoAnywhere File Transfer App at Brightline Affected 1 Million Patients
Virtual mental health provider Brightline has agreed to pay $7 million to settle a proposed class action lawsuit involving a data breach affecting about 1 million individuals stemming from the 2023 hack by ransomware gang Clop on software vendor Fortra's GoAnywhere managed file transfer application.

Chinese State-Sponsored Cyber Group Deploying Fileless Malware to Persist
Chinese state-sponsored cyber group APT40 intensified its attacks on government and critical infrastructure networks in the Pacific region by deploying fileless malware and modified commodity malware, prompting Samoa's cybersecurity agency to issue an urgent advisory.

Cybersecurity Officials Launch Major Push for Zero Trust, Secure-By-Design Approach
The Australian Signals Directorate's Australian Cyber Security Center released guidance on proactive cyber defense strategies to help organizations build a modern, defensible network architecture that's resilient to cyberattacks and designed to help minimize impact on critical systems and assets.

US, UK and Australia Target Zservers for Supporting LockBit, Other Cybercrime Groups
A Russian bulletproof hosting service used by cybercriminals including the LockBit ransomware group has been sanctioned by Australian, British and American agencies. Zservers has been advertised in criminal forums as an aid to avoid law enforcement investigations and takedowns.

Chapter 11 Looms as Eric Gan Seeks Custodian and Liberty, SoftBank Block Financing
Cybereason faces a crisis as a boardroom deadlock halts financing efforts. CEO Eric Gan and his family firm seek a custodian to halt the impasse, alleging SoftBank and Liberty Strategic Capital are prioritizing control over the company’s financial stability. Without urgent funding, bankruptcy looms.

New CEO Emphasizes Cryptographic Agility, Aims to Simplify Post-Quantum Migration
Rebecca Krauthamer steps into the CEO role at QuSecure, leading the company’s efforts in post-quantum cryptography. With fresh funding from Two Bear Capital and Accenture, she focuses on cryptographic agility to help organizations transition to quantum-safe encryption and thwart AI-driven threats.

WEF's Akshay Joshi on How Global Instability Is Affecting Cyber Resilience
Nearly 60% of all organizations reported prevailing geopolitical instability has had an impact on their cybersecurity strategies, said Akshay Joshi, head of the Center for Cybersecurity at the World Economic Forum.

Russia, China, Iran and North Korea Tapping Cybercrime Services, Google Says
The cybercrime-as-a-service economy continues to power ransomware and other criminal enterprises, as well as serve as "an accelerant for state-sponsored hacking," collectively posing an increasing risk to Western national security, cybersecurity researchers warn.

Researcher Jason Sinchak on Recent Cyber Warnings About Contec CMS8000 Devices
A hidden reverse backdoor in low-cost patient vital sign monitors used globally is hardcoded with an IP address connecting to a Chinese government-funded education and research network, which poses both privacy and potential safety concerns, said security researcher Jason Sinchak of ELTON.

Europe Must View AI With 'Optimism Rather Than Trepidation,' He Tells Paris Crowd
Europe must view developments in artificial intelligence with optimism, rather than trepidation, U.S. Vice President JD Vance told EU leaders during the AI Action Summit. He said the EU's tendency to overregulate technology is costing American businesses billions of dollars.

Workflow Automation Leader Reaches $1.125B Unicorn Valuation, Eyes AI-Driven Growth
Security automation firm Tines has secured $125 million in Series C funding, pushing its valuation to $1.125 billion. CEO Eoin Hinchy says the company will invest in AI, expand beyond security into IT and infrastructure, and enhance agentic AI capabilities to drive mission-critical automation.