CampusCoin Student Feed Aggregator

+ White House Moves to Restrict AI Chip Exports—New Export Rules Limit AI Chip Access Globally, Sparking Industry Criticism U.S. export controls slated for publication Monday aim to block foreign a...

+ Chainalysis Expands Fraud Detection With Alterya Acquisition—Alterya's AI-Powered Data Will Combat Scams Across Traditional Financial Ecosystems Alterya's AI agents now power Chainalysis' fraud prevention, inte...

+ Report: Chinese Hackers Breached CFIUS—Cyberespionage Campaign Reached Treasury Office that Reviews Foreign Investment Chinese hackers reportedly breached a U.S. government office responsi...

+ ISMG Editors: The Coming Battle Over Chinese Cyberthreats—Also: Cybersecurity Tech Leader Amit Yoran’s Life, Leadership and Legacy In this week's update, ISMG editors discussed the escalating geopolitical cy...

+ Last-Minute Biden Rules on AI Chips Hits Industry Resistance—Nvidia, Semiconductor Trade Group Push Back Against Reported Chip Restrictions The White House’s reported final push to impose tighter restrictions o...

+ Biden Administration Releases 'AI Strategic Plan' for HHS—Days Are Dwindling, But Biden White House Unveils New AI Roadmap for HHS With 10 days left in office, the Biden administration released an artificial...

+ Live Webinar | 10 Strategies to Tackle Alert Fatigue with Smarter SOC

+ The Future of CISA in Healthcare in the New Administration—Many important efforts by the Cybersecurity Infrastructure and Security Agency to help the healthcare sector and other critical infrastructure sectors...

+ PowerSchool's Breach Fallacy: Paying Criminals for Promises—Cybercrime History Teaches That Paying a Ransom for Data Deletion Is Foolish Data breach victim PowerSchool, maker of a widely used K-12 student info...

+ Final Biden Cybersecurity Order Will Face Political Hurdles—Officials Worry Trump's Cybersecurity Agenda Could Scrap Biden's Final Cyber Orders An executive order set to be published by the Biden administratio...

+ Darktrace Acquires Cado Security as AI Meets Cloud Forensics—Cado Security Deal Brings Enhanced Forensics, Automation, and AI-Powered Analytics By acquiring Cado Security, Darktrace strengthens its ability to s...

+ Florida Firm Fined $337K by Feds for Data Deleted in Hack—Behavioral Health Company Lost Electronic PHI for Nearly 3,000 Patients in Breach A Florida-based behavioral health holding company has paid federal ...

+ Breach Roundup: Finland Detains Tanker Tied to Cable Sabotage—Also, Alleged Gravy Analytics Breach Exposes Location Data This week, a Russian tanker linked to cable sabotage detained in Finland, a claimed Gravy ...

+ Live Webinar | The Perfect Target: How Cybercriminals Use AI to Create Advanced Phishing Attacks

+ Live Webinar | AI in the Spotlight: Exploring the Future of AppSec Evolution

+ Live Webinar | Enhancing SecOps Efficiency: How to Bridge IT and OT Threat Detection & Response Against Threats like VOLTZITE

+ High-Paying Security Career: Choosing a Path, Getting There—Know the Challenges and Opportunities of Working as a CISO, Architect or Pen Tester Cybersecurity jobs typically pay well and they can be personally ...

+ Meta's Fact-Checking Pullback Could Help Scammers Thrive—Facebook Unveils Community Notes Program But Has Done Little to Curb Fraud Meta has decided to end its fact-checking program. Meta CEO Mark Zuckerber...

+ Abandoned Backdoors: How Malicious Infrastructure Lives On—Studying Backdoors in Web Shells, Researchers Find 4,000 Infected Systems How many servers are infected by web shells designed to give attackers remo...

+ 1Password Acquires Trelica to Boost SaaS Access Management—Unified Extended Access Management Platform Gains Key Integrations and Workflows The addition of Trelica allows 1Password to accelerate its extended ...

+ Report: Flaws in Illumina DNA Sequencer Devices Allows Hacks—Eclypsium Report Describes BIOS/UEFI Issues in Illumina iSeq 100 Firmware Certain vulnerabilities in device maker Illumina's iSeq 100 DNA gene sequen...

+ CISA Investigates Chinese Hacking of Treasury Department—US Cyber Defense Agency Confirms Role in Federal Probe Following 'Major Incident' The Cybersecurity and Infrastructure Security Agency is working clo...

+ Staten Island Hospital Notifying 674,000 of May 2023 Hack—Data Theft Incident Also Disrupted IT Systems for Nearly a Month Richmond University Medical Center, a 440-bed teaching hospital on Staten Island, N....

+ Live Webinar | Reducing Risk and Manual Effort in Identity Security Through AI

+ Longtime Tenable CEO, NetWitness Head Amit Yoran Dies at 54—Yoran's Passing Comes 10 Months After Cancer Diagnosis, 1 Month After Taking Leave Amit Yoran - a West Point graduate who founded NetWitness, sold th...

+ Apple Settles 'Hey Siri' Lawsuit for $95 Million—Plaintiffs Sued After Report that Apple Eavesdropped on Intimate Moments Apple agreed to pay $95 million to settle a lawsuit accusing the smart devic...

+ Japanese Businesses Hit By a Surge In DDoS Attacks—DDoS Attacks Primarily Target Logistics, Government and Financial Entities A spate of distributed denial-of-service attacks during the end-of-year ho...

+ US CISA Issues Final Cyber Rules for Restricted Bulk Data—Cyber Defense Agency Aims to Bolster Protections Against Chinese Intrusion The Cybersecurity and Infrastructure Security Agency is issuing final rule...

+ US Sanctions Beijing Company for Flax Typhoon Hacking—Integrity Technology Group Built Botnet for Chinese Hackers, US Treasury Says The Department of Treasury blacklisted Integrity Technology Group, decl...

+ 36 Chrome Extensions Compromised in Supply Chain Attack—Developers Listed as Public Contact Points Targeted in Phishing Campaign A supply chain attack that subverted legitimate Google Chrome browser extens...

+ US CFPB Needs to Look Beyond Zelle to Curb Scams—Ken Palla on Lessons From U.K and Australia to Reduce Fraud and Scams The U.S. Consumer Financial Protection Bureau's decision to file a lawsuit agai...

+ Ex-Terraform CEO Extradited to US Over Crypto Fraud Charges—Do Hyeong Kwon Extradited to US for Allegedly Defrauding Investors Out of Billions Do Hyeong Kwon, former CEO of Terraform Labs, appeared in a Manhat...

+ OnDemand: Securing Data Growth in the Cloud Era: Strategies for Cyber Resilience

+ A Mixed Bag for Cybersecurity Stocks in 2024 as Paths Differ—Data Protection, Firewall Stocks Surge as Vulnerability Management Stocks Struggle Fortunes diverged for publicly-traded cybersecurity companies in 2...

+ Finland Suspects Eight in Deep-Sea Cable Sabotage Incident—Suspect Crew Members of the Eagle S Cannot Leave the Ship Finnish police say they've identified as suspects eight crew members of an oil tanker linke...

+ Breach Roundup: MetLife Denies RansomHub Cyberattack Claims—Also: German Prosecutors Charge Three Alleged Russian Saboteurs This week, MetLife denied a RansomHub cyberattack claim, RI Health System cyberattack...

+ Cryptohack Roundup: Cambodia's New Crypto Directive—Animoca Brands Co-Founder's Social Media Hacked This week, Cambodia introducing new crypto directive, a hacker compromising Animoca Brands co-founder...

+ Patched BitLocker Flaw Still Susceptible to Hack—Researcher Demonstrates Bitpixie Attack Tactics to Extract Encryption Key A previously patched flaw in Windows BitLocker disk encryption feature is s...

+ Under Attack: Preventing Phishing and Ransomware Disasters | Live Webinar

+ Microsoft 2024 Review: Data Integrity, Security, and ESG Reporting in Focus | Live Webinar

+ What's Ahead for Healthcare Cyber Regs, Legislation in 2025?—The first 100 days of the next Trump administration and new Congress will be critical in showing signs of what's potentially in store for the healthca...

+ Addressing Gen AI Privacy, Security Governance in Healthcare—As healthcare entities embrace generative AI tools, it's critical they take a holistic approach addressing privacy and security governance, said Dave ...

+ New Year, New You: Making the Cybersecurity Pivot—Step-by-Step Guide to Rebranding Your Cybersecurity Career With Transferable Skills The start of a new year presents a perfect opportunity to reinven...

+ Chinese Hackers Breach US Treasury in 'Major Incident'—Treasury Tells Lawmakers Chinese Threat Actor Remotely Breached Agency Workstations The U.S. Treasury Department notified lawmakers Friday that the a...

+ Palo Alto Firewalls Backdoored by Suspected Chinese Hackers—Hackers Targeted a PAN-OS Flaw Days After Its Disclosure A suspected Chinese hacking campaign that began in November is exploiting a vulnerability in...

+ A Year of AI Pragmatism and Paradigm Shifts—2025 Is Likely to See Balanced Approach to AI Across Industries The AI landscape is set to transform in 2025 with pragmatic approaches to implementat...

+ Four-Faith Routers Exploited Using New Flaw—Attackers Exploiting OS Command Injection Vulnerability Hackers are exploiting a high-severity command injection vulnerability in Chinese-manufacture...

+ Protecting Highly Sensitive Health Data for Research—Fully homomorphic encryption can safeguard highly sensitive health data related to rare diseases, underserved populations and clinical trials as it is...

+ White House Clears HIPAA Security Rule Update—HHS Proposes Encryption, Security Standards for Healthcare Firms The U.S. Department of Health and Human Services is proposing new rules for healthca...

+ US Finalizes Rule Throttling Bulk Data Sales to China—Rule Aims to Stymie Weaponization of Americans' Data The U.S. federal government finalized Friday regulations throttling the bulk commercial transfer...

+ Feds Identify Ninth Telecom Victim in Salt Typhoon Hack—Officials Say Chinese Hackers Maintained 'Broad and Full' Access to Telecom Systems Federal officials told reporters Friday that ongoing investigatio...

+ Ransomware Group Hits Substance Abuse Treatment Service—American Addiction Centers Says 422,424 Individuals' Private Details Exposed Substance abuse treatment company American Addiction Centers is warning ...

+ Live Webinar | North Korea's Secret IT Army and How to Combat It

+ Wanted: An Incident Repository For Healthcare Nonprofits—Cyber incident details involving non-profit and non-government entities across sectors such as healthcare are not centrally reported and collected, cr...

+ Finland Boards Tanker Suspected of Rupturing Undersea Cables—The 'Eagle S' Forms Part of Sanctions-Busting Russian Shadow Fleet, Says EU Finnish police boarded Thursday an oil tanker suspected of rupturing tele...

+ US Congress Authorizes $3B to Replace Chinese Telecom Gear—Federal 'Rip-and-Replace' Program Gets Funding Boost in Defense Bill The 2025 National Defense Authorization Act includes $3 billion to fund an FCC p...

+ Year In Review: Australia Expands Cyber Regulation—2024 Marked the Government's Increasing Role Mandating Cybersecurity Australia announced a flurry of cybersecurity legislation and regulations in 202...

+ Cryptohack Roundup: FBI Fingers TraderTraitor for $308M Hack—Also: Bitfinex Hacker Lichtenstein's Social Media Post From Prison This week's stories include updates on hackers in the DMM Bitcoin and Bitfnex case...

+ Contingency Planning for Attacks on Critical Third Parties—One of the most important lessons emerging in 2024 for the healthcare sector is that entities should diligently prepare contingency plans for potentia...

+ Demystifying Cyber Resilience: Building a Robust Defense—InfoSec Officer Shervin Evans on Preparing Organizations to Withstand Cyberthreats Cyber resilience takes a broader approach, emphasizing the ability...

+ Cybersecurity Resolutions: Skill Sets to Prioritize in 2025—Key Focus Areas for Cybersecurity Professionals in 2025 As we enter 2025, the cybersecurity landscape demands more than just maintaining the status q...

+ Unpacking OpenAI's Latest Approach to Make AI Safer—New Framework in o3 Models Aims to Better Align With Human Safety Values OpenAI says its latest o3 series is the most advanced and safest of its "rea...

+ Online Extortion Gang Clop Threatens Cleo Hacking Victims—Cybercriminals Say They Hacked 66 Companies The Clop cybercriminal group is threatening to make public the companies swept up by its mass hacking of ...

+ Why Cloud Identity Attacks Outpace On-Premises Risks—Blackpoint Cyber CEO Jon Murchison on MSP Cloud Identity Risks With a 30-to-1 ratio of cloud to on-premises attacks, Blackpoint Cyber CEO Jon Murchis...

+ How Will Health Data Privacy, Cyber Regs Shape Up in 2025?—Washington and Nevada were among states enacting new data privacy laws in 2024, and that trend among states will likely continue into 2025 as the next...

+ US Considers TP-Link Ban After Volt Typhoon Hacking Campaign—Major Chinese Router Manufacturer Facing Increased Scrutiny After Chinese Espionage U.S. authorities have launched multiple investigations while repo...

+ Why Hackers Love Weekend and Holiday Attacks—About 75% of healthcare sector entities that suffered a ransomware attack over the past year were targeted on a weekend or holiday, highlighting the n...

+ Models Can Strategically Lie, Finds Anthropic Study—AI Can Fake Alignment to New Instructions to Avoid Retraining Advanced artificial intelligence models can feign alignment with new training goals whi...

+ Turmoil Besets Phishing-as-a-Service Toolkit Rockstar 2FA—Infrastructure Problems Blamed; Users Appear to Move to Similar FlowerStorm Service As the end of the year approaches, it's out with the old and in w...

+ Why Hackers Love Weekend and Holiday Attacks (Jeff Wichman)—About 75% of healthcare sector entities that suffered a ransomware attack over the past year were targeted on a weekend or holiday, highlighting the n...

+ North Korean Hackers Tied to $1.3B in Stolen Crypto in 2024—Researchers Trace 61% of Known Losses This Year to Pyongyang-Backed Hackers Hackers tied to North Korea's cash-strapped totalitarian dictatorship thi...

+ Companies Race to Use AI Security Against AI-Driven Threats—Palo Alto Networks' Meerah Rajavel on Securing Enterprises With 'Precision AI' Security teams struggle to manage overwhelming data streams from detec...

+ Alleged LockBit Coder Faces 41-Count Indictment in US—US Seeks Extradition of Dual Russian and Israeli Citizen Rostislav Panev from Israel A newly unsealed U.S. federal indictment against Rostislav Panev...

+ Editors' Panel: Cybersecurity 2024 - Thanks for the Memories—Looking Back on the Ransomware Attacks, Resilience Lessons and Tech Trends In the latest weekly update, ISMG editors discussed defining cybersecurity...

+ Federal Cyber Operations Would Downgrade Under Shutdown—Government Shutdown Could See Thousands of Federal Cyber Workers Furloughed A looming shutdown could sharply reduce the Cybersecurity and Infrastruct...

+ Siemens Warns of a Critical Vulnerability in UMC—Heap Overflow Flaw Threatens Industrial Control Systems Globally Siemens issued a security advisory for a vulnerability affecting industrial control ...

+ Managed XDR, AI and SMB Defense: Barracuda CEO Shares Vision—Barracuda CEO Hatem Naguib Shares Strategies for Email Protection, Managed Services With cyberthreats becoming more sophisticated, Barracuda CEO Hate...

+ Live Webinar | Supercharge Your ServiceNow CMDB with Complete and Real-Time Data

+ How Infoblox Streamlines Operations Across Hybrid Settings—Infoblox CEO Scott Harrell Pushes Unified Strategy Amid Hybrid Cloud Convergence Scott Harrell, CEO of Infoblox, explores the convergence of network ...

+ CISA: 2035 Quantum Encryption Deadline Still Achievable—CISA Says 2035 Quantum Deadline Remains Achievable Despite Recent Breakthroughs The federal government’s 2035 mandate to adopt quantum-resistant encr...

+ Crypto Roundup: LastPass Breach Linked to $5.4M Crypto Theft—Also, CoinLurker Malware Steals Data via Fake Updates Every week, Information Security Media Group rounds up cybersecurity incidents in digital asset...

+ HHS Urges Health Sector to Beef Up OT, IoMT Security—Feds Warn That Connected Devices Are Prey for Cyberattackers The security of medical devices has been getting most of the attention from regulators i...

+ UK ICO Criticizes Google Advertising Policy Update—Data Protection Authority Says Change Isn't Green Light for Device Fingerprinting The U.K. data regulator blasted Google Thursday for a changes to po...

+ Critical Flaws Expose 25,000 SonicWall Devices to Hackers—Many SonicWall Firewalls Are Unsupported or Lack Patches for Known Vulnerabilities Thousands of SonicWall network security devices remain exposed wit...

+ Proposed UK White Hat Legal Shield Fails in House of Lords—Amendment to Computer Misuse Act Fails During Bloc Vote A proposed amendment to British anti-hacking law that would have provided a legal shield to w...

+ Opswat Expands Critical Infrastructure Defense With Fend Buy—Data Diodes Enhance Air-Gapped Network Security, Deliver Advanced Network Isolation Opswat's acquisition of Fend integrates advanced hardware-based s...

+ US CISA Endorses Encrypted Apps Amid Chinese Telecom Hack—CISA Recommends Strict Mobile Security Measures Following Salt Typhoon Telecom Hack The Cybersecurity and Infrastructure Security Agency's latest gui...

+ Key Raccoon Figure Receives 60-Month U.S. Prison Sentence—Ukrainian Mark Sokolovsky Pleaded Guilty in October A Ukrainian national who was a key figure in the Raccoon malware-as-a-service criminal operation ...

+ AI, 5G, and Quantum: Innovation and Cybersecurity Risks—New Book by Cyber Expert Chuck Brooks Covers Innovation, Risk, Privacy Challenges Cybersecurity expert and Georgetown University lecturer Chuck Brook...

+ Vulnerabilities in Azure Data Factory Open Door to Attacks—Azure Data Factory's Apache Airflow Integration Flaw Can Expose Cloud Environments Security researchers say now-resolved vulnerabilities in a Microso...

+ Streamlining Retail IT Operations: Protecting Your Brand While Reducing Costs

+ Live Webinar | Transforming SOCs with Speed, Scaling and Security Innovation

+ Attack Exposure: Unpatched Cleo Managed File-Transfer Software—At Least 1,000 Hosts Still Vulnerable as Ransomware Group Claims Mass Exploits More than 1,000 Cleo managed file-transfer hosts remain internet-expos...

+ Live Webinar | Get Ahead and Stay Ahead of Threats with Tanium and Microsoft

+ Live Webinar | From Risky to Resilient: Proactive Strategies for Program De-Risking and Audit Readiness

+ Australia to Phase Out Weak Encryption Algorithms by 2030—Regulators Say NIST's 2035 Deadline for Insecure Encryption Could Be Too Late Australia has rolled out an ambitious roadmap to prepare for future qua...

+ CISA Orders Secure Cloud Configurations for Federal Agencies—Federal Agencies Tasked with Adopting New Cloud Security Policies Beginning in 2025 The Cybersecurity and Infrastructure Security Agency is requiring...

+ Sonar Expands to Third-Party Code Security with Tidelift Buy—Deal Targets Open Source Library Risks in Software Supply Chain, Boosts DevSecOps The integration of Tidelift into Sonar's ecosystem will enhance sof...

+ Espionage Campaign Targets Turkish Defense Industry—APT Group Uses Sophisticated Attack Chain to Deploy WmRAT and MiyaRAT A suspected South Asian threat actor targeted a Turkish defense organization, ...

+ Webinar | AI-Driven Security: Building a Platform-Based Defense Against Evolving Cyber Threats

+ Ransomware Defender Risk: 'Overconfidence' in Security Tools—CISOs at Organizations That Fell Victim Have a Different Story, 451 Research Finds Are your defenses against ransomware good enough to survive contac...

+ Arctic Wolf to Buy Cylance for $160M to Boost AI-Driven XDR—Deal With BlackBerry Integrates EDR for Hybrid XDR Platform for Midmarket Customers Arctic Wolf is acquiring Cylance from BlackBerry for $160 million...

+ Winnti-Like Glutton Backdoor Targets Cybercriminals—Malware Exploits Cybercrime Ecosystem for Profit Hackers are using a variant of a backdoor that's the hallmark of a Chinese threat actor suspected of...

+ CISA Urges Enhanced Coordination in Incident Response Plan—Draft National Response Plan Offers Flexible Coordination Strategies Across Sectors A draft update to the National Cyber Incident Response Plan aims ...

+ European Union Sanctions Russian Malicious Cyber Actors—Trading Bloc Includes Doppelganger Actors and GRU Unit 29155 in Sanctions List The European Union sanctioned Russian intelligence hackers and two Kre...

+ Thousands Affected by Data Theft Hack of Smallest US State—Brain Cipher Gang Claims Credit for Hit on State of Rhode Island's Vendor Deloitte Potentially hundreds of thousands of Rhode Islanders are affected ...

+ German BSI Disrupts Android Malware Infecting IoT Devices—Around 30,000 German IoT Infected from Backdroored Android Applications The German federal information security agency disrupted a botnet that infect...

+ ISMG Editors: CEO Shooting Sparks AI Accountability Debate—Also: How Leading Cybersecurity Firms are Gearing up for 2025 In the latest weekly update, ISMG editors discussed the shooting death of the UnitedHea...

+ Hackers Steal 17M Patient Records in Attack on 3 Hospitals—IT Outage, Downtime Procedures Affecting Services at California Healthcare Provider Cybercriminals claim they stole 17 million patient records from a...

+ Researchers: Iranian Custom Malware Targets Fuel Systems—An Iranian state hacking group is using custom malware to compromise IoT and OT infrastructure in Israel and the United States. An attack wave from Is...

+ Live Webinar | Active Directory Under Attack: How to Build a Resilient Enterprise

+ Crypto Roundup: Crypto Pros Targeted with Fake Meeting Apps—Also, Australian Fines Kraken AU$8 million Over Breaches This week, scammers targeted crypto workers with fake meeting apps, Australia fined Kraken c...

+ Russia Used Borrowed Spyware to Target Ukrainian Troops—Secret Blizzard Used Third-party Amadey Bots to Hack Ukrainian Military Devices A Russian state-backed hacker group used third-party data-stealing bo...

+ US Indicts 14 North Koreans in IT Scam Funding WMD Programs—DOJ Indicts North Korean IT Workers for Using Remote Jobs to Fund Weapons Programs U.S. federal prosecutors indicted 14 North Koreans for a long-runn...

+ New Malware Framework Targets Cleo File Systems—Possible Long-Term Attack by Unknown Hackers Thwarted Hackers exploiting flaws in Cleo Communications software instances had intimate knowledge of th...

+ Unlocking Compliance: The Role of SBOMs in Modern Software Development

+ Checkmarx CEO: Evolving Supply Chain Threats Demand Action—Checkmarx's Sandeep Johri Details Malicious Code, AI Risks in Application Security As software complexities grow, supply chain security is now essent...

+ Hackers Exploiting Cleo Software Zero-Day—Attackers Target Managed File Transfer Software Vulnerabilities File transfer software made by Cleo Communications is under active attack and a patch...

+ Google Gemini 2.0 Introduced With Advanced AI for Developers—Multimodal Agentic AI Delivers Speed, Tools, and Research Prototypes Google's latest AI model can natively process and output text, images and audio ...

+ Ransomware Hackers Exploiting Cleo Software Zero-Day—Attackers Target Managed File Transfer Software Vulnerabilities File transfer software made by Cleo Communications is under active attack and a patch...

+ AI Meets Fraud Prevention in LexisNexis-IDVerse Acquisition—LexisNexis Combines AI-Driven Document Authentication With Its Fraud Solutions To counter AI-driven fraud, LexisNexis acquired IDVerse, a London-base...

+ Clearinghouse Pays $250K Settlement in Web Exposure Breach—Inmediata Health Group Has Paid $2.7M in Fines, Civil Claims for 2019 HIPAA Breach A breach that exposed the personal information of nearly 1.6 milli...

+ Chinese APT Groups Targets European IT Companies—Evidence Mounts for Chinese Hacking 'Quartermaster' A probable Chinese nation-state threat actor compromised Visual Studio Code and Microsoft Azure c...

+ Live Webinar | Exposing the Truth: How Government Agencies are Being Mislead by SASE Capabilities Disinformation

+ Cybersecurity Gadgets to Hack Your Holiday Gift List—Tech and Training Ideas to Help Cyber Professionals Advance Their Skills If you're a cybersecurity professional trying to come up with ideas for your...

+ OpenWrt Update Flaw Exposed Devices to Malicious Firmware—Embedded Device Operating Sytem Had Flaw Allowing Hacers to Bypass Integrity Check A critical flaw in the updating service of a popular Linux operati...

+ US Indicts, Sanctions Alleged Chinese Sophos Firewall Hacker—Tianfeng Guan Allegedly Developed Zero-Day Exploit of Sophos XG Firewall The U.S. federal government rolled out its heavy guns Tuesday against a Chin...

+ Satya Nadella's Vision for Microsoft: AI, AI and AI—Copilot Enhancements and Other Key Announcements From Microsoft Ignite 2024 Advanced AI took the center stage at Microsoft Ignite 2024. Reflecting on...

+ Moody's: Hackers Aim for Big Payouts, Supply Chain Attacks—Big Game Hunting Will Intensify in 2025, Says Credit Rating Agency Improved cybersecurity will result in ransomware hackers targeting larger organiza...

+ Rhode Island Schools Deploy DNS Service to Tackle Ransomware—Rhode Island Becomes First State to Shield Students from Cyber Risks with New Tool Rhode Island will become the first state in the nation to launch a...

+ FDA Urges Blood Suppliers to Beef Up Cyber—Bulletin Comes In Wake of Recent Attacks Disrupting Blood Collection, Supplies The Food and Drug Administration is urging blood suppliers - a recent ...

+ Shaping the Future: How Gen AI Is Transforming 3D Design—Autodesk and AWS Are Driving the Next Generation of AI-Powered Design Innovation At AWS re:Invent 2024, Autodesk unveiled its innovative vision for g...

+ Are We Winning Against Cybercriminals or Losing?—InfoSec Officer Shervin Evans on the State of Cyberdefense, Meeting the Challenges Cybercriminals are launching relentless attacks. The potential for...

+ Previewing Black Hat Europe 2024 in London: 20 Hot Sessions—From Automotive Exploits and Bootloader Bugs to Cybercrime and 'LLMbotomy' Trojans Black Hat Europe returns to London with more than 45 keynotes and ...

+ Live Webinar | The New Data Landscape: Navigating the Shift to AI-Ready Data

+ Spyware Campaign Targets Sino Minority Groups Via WeChat—Possible Chinese State-Sponsored Exploit Kit Using Browser Flaws to Deploy Spyware A possible Chinese state threat group is targeting vulnerabilities...

+ Spyware Campaign Targets Sino Minority Groups via WeChat—Possible Chinese-state sponsored Exploit Kit Using Browser Flaws to Deploy Spyware A possible Chinese-state threat group is targeting vulnerabilities...

+ Insider Breach, Email Attacks Net $1.7M in HIPAA Fines—Incidents at Pain Management Firm, Pediatric Hospital Affect 50,000 People An insider breach at a Florida pain management firm and an email breach at...

+ Trump's AI, Crypto Czar David Sacks Faces Conflict Scrutiny—David Sacks Appointed as Trump's AI and Crypto Czar Amid Growing Industry Concerns President-elect Donald Trump's appointment of former PayPal execut...

+ Dutch Counter-Ransomware Initiative Led to Global Takedowns—Project Mellissa Contributed Toward Disruptive Actions A Dutch public and private sector anti-ransomware initiative has contributed to ransomware dis...

+ Protecting the C-Suite in the Wake of UHC CEO's Murder—The torrents of public hostility directed at health insurers in the aftermath of UnitedHealthCare CEO Brian Thompson's murder are serious signs of int...

+ Here's Where Top Cybersecurity Vendors Stand as 2025 Nears—Palo Alto, CrowdStrike, Zscaler Eye Firewall, SIEM Replacement, Incident Recovery Three of the world's largest pure-play cybersecurity vendors recent...

+ Weaponized AI: Hot for Fraud, Not for Election Interference—FBI Sees Rising AI-Enabled Fraud; Meta Reports Scant Election Interference Use Artificial intelligence: What's it good for? Per the old song about wa...

+ Cryptohack Roundup: Solana npm Package Attack Risks Wallets—Also, Man Who Stole $3.5M of Cloud Computing to Mine $1M in Crypto Pleads Guilty This week, Solana npm package attack, a Brazilian banking giant ente...

+ CEO's Murder Sparks Outcry Over UHC's Coverage Denials—Shell Casing Inscription 'Deny' Points to Potential Motive in CEO's Killing Law enforcement investigating murder of Brian Thompson, CEO of UnitedHeal...

+ Veeam Closes $2B Offering to Boost Data Resilience, Eyes IPO—CEO Anand Eswaran Talks Investors, Innovation and Data Resilience Leadership CEO Anand Eswaran explains how Veeam's $2 billion secondary offering str...

+ Russian Forces Accused of Secretly Planting Spyware on Phone—Russian Activist for Ukraine Claims Spyware Was Installed While in Custody by FSB A Russian activist says security forces covertly installed spyware ...

+ Webinar | The State of Observability in Financial Services

+ How to Take the Complexity Out of Cybersecurity—It goes without saying: Business ecosystems are increasingly complex, and so are the cybersecurity systems and strategies deployed to protect them. Bu...

+ Russian Money Laundering Services Busted in UK-Led Operation—French Police Reportedly Detain Accused Ryuk Money Launder Ekaterina Zhdanova An international investigation led by the United Kingdom busted Russian...

+ Experts Warn DHS Surveillance Tech Lacks Privacy Protections—Privacy Advocates Warn of Risks from Expanding DHS Use of AI and Facial Recognition The U.S. Department of Homeland Security is reportedly expanding ...

+ US FTC Cracks Down Geolocation Data Brokers—Gravy Analytics and Mobilewalla Ordered to Implement Stronger Consent Measures Two data brokers pledged to stop using geolocation data gleaned from s...

+ Police Shutter Largest German-Speaking Criminal Marketplace—Crimenetwork Served as a Platform for Illegal Goods and Services German police arrested the suspected administrator of the largest German-speaking un...

+ Live Webinar | Cyber Incident Response: Recovery and Review

+ OnDemand | How to Build Cyber Resilience with Proactive Incident Response Strategies

+ How Hackers Can Manipulate AI to Affect Health App Accuracy—Hackers can potentially use AI to manipulate data that's generated and shared by some health apps, diminishing the data's accuracy and integrity, said...

+ World Wide Work: Landing a Cybersecurity Career Overseas—Tips for Finding and Getting Security Jobs in a Global Market Organizations ranging from multinational corporations to government agencies and intern...

+ AI in Cybersecurity: Insights from Palo Alto Networks Unit 42®—AI is reshaping the fight against digital threats. Learn how attackers are using AI to supercharge malware and social engineering—and how organization...

+ 'Horns&Hooves' Malware Campaign Hits Over 1,000 Victims—Russian Threat Actor Delivers NetSupport RAT, BurnsRAT via Fake Requests A malware campaign targeting Russian retailers and service businesses aims t...

+ Sixgen's Kyrus Acquisition Boosts National Cybersecurity—Buy of Washington D.C.-Area Firm Adds Reverse Engineering, Data Analytics Expertise Sixgen will enhance its cybersecurity operations through the purc...

+ 16 Zero-Days Uncovered in Fuji Electric Monitoring Software—Flaws in Fuji's Tellus and V-Server Software Pose Risks to Critical Infrastructure Security researchers have uncovered 16 zero-day vulnerabilities in...

+ European Police Disrupts Matrix Encrypted Service—Platform Used for Drugs, Arms trafficking, and Money Laundering French and Dutch police led the takedown of an encrypted messaging platform used in i...

+ New Section 1033 Push Banks to Provide Customers with “Financial SIM Card”—Authored by: Matt Kunkel, CEO, LogicGate The Consumer Financial Protection Bureau (CFPB) recently finalized a set of rules that would bring a similar...

+ Russia Indicts Ransomware Hacker Wanted by the FBI—Suspected LockBit, Babuk Operator Mikhail Matveev Arrested in Russia A prolific ransomware affiliate hacker and developer is facing criminal charges ...

+ Just Like Windows: Linux Targeted by First-Ever UEFI Bootkit - UPDATED—Linux-Targeting Bootkitty Appears More Proof-of-Concept Than Threat, Researchers Say Cybersecurity researchers have discovered the first-ever UEFI bo...

+ Just Like Windows: Linux Targeted by First-Ever UEFI Bootkit—Linux-Targeting Bootkitty Appears More Proof-of-Concept Than Threat, Researchers Say Cybersecurity researchers have discovered the first-ever UEFI bo...

+ Warning: Patch Advantech Industrial Wireless Access Points—Researchers Discover 20 Critical Flaws Attackers Could Exploit in a Variety of Ways Researchers identified 20 critical vulnerabilities in a type of A...

+ EU Nations That Missed NIS2 Deadline Put On Notice—European Commission Opens Infringement Procedures Against 23 EU Member States The European Commission on Thursday opened infringement procedures agai...

+ Privacy Vendor Market Moves From Point to Platform Solutions—PwC's Anirban Sengupta Details Privacy Landscape, Growing Awareness in India Market The privacy vendor market in India is evolving rapidly, as many v...

+ Overcoming Identity and Access Challenges in Healthcare—Third-party access management poses significant cybersecurity risks in healthcare, but continuous identity management and monitoring can help mitigate...

+ The Growing Quantum Threat to Enterprise Data: What Next?—Key Steps for Navigating the Cybersecurity Transition to Quantum-Safe Cryptography As quantum computing continues to evolve, cybersecurity profession...

+ Just Like Windows: Linux Targeted by First-Ever Bootkit—Linux-Targeting Bootkitty Appears More Proof-of-Concept Than Threat, Researcher Say Cybersecurity researchers have discovered the first-ever bootkit ...

+ Breach Roundup: Microsoft Tries Again With Windows Recall—Also: Africa Busts Cybercrime Suspects; Many Smart Devices Lack Update Transparency This week, Microsoft previews its latest attempt to introduce AI-...

+ Cryptohack Roundup: Judge Strikes Down 'Dealer Rule' Change—Also: Python Library Update Steals Credentials; Drug Cartels Launder With Tether This week's cryptohack roundup includes a U.S. federal judge strikin...

+ Trump's Crypto Plans Raise Alarms Over Conflicts of Interest—President-Elect's Crypto Push Fuels Concerns Over Market Stability and Conflicts President-elect Donald Trump's strong cryptocurrency support amid ma...

+ Webinar | The CISO's Guide to a Strong Security Culture

+ A Hacker’s Take on Automated Threats for Code Chaos

+ Exposed on the Web: Thousands of Devices, Medical Records—Thousands of unique IP addresses are potentially exposing medical devices, electronic medical records systems and other sensitive healthcare informati...

+ When Hackers Meet Tractors: Surprising Roles in IoT Security—How to Find a Career in Industrial IoT - on the Factory Floor or in the Cornfield Cybersecurity once conjured images of IT departments, server rooms ...

+ Protecting AI Competitive Advantage: From Development to Deployment

+ New York Fines Geico, Travelers $11.3M for Data Breaches—Fines Tied to Wave of 2021 Driver's License Number Theft New York state authorities fined auto insurance giant Geico $9.75 million for failing to pro...

+ US National Security Officials Brief Telecom Executives—National Security Officials Share Intelligence on a Cyberespionage Campaign The White House on Friday hosted U.S. telecommunications executives to re...

+ OnDemand | The CISO's Guide to a Strong Security Culture

+ Road Blocks in Sustainability Data Management | Live Webinar

+ ISMG Editors: China-Linked Espionage Targets US Telecoms—Also: Highlights from ISMG's Financial Services Summit and Key Insights on AI Adoption On the 200th episode of the ISMG Editors' Panel, the team disc...

+ Haveli Purchases AppViewX to Strengthen Identity Automation—PE Firm Takes Majority Stake to Drive Certificate Lifecycle Management Innovation Private equity firm Haveli has purchased a majority stake in AppVie...

+ ISMG Editors: China-Linked Espionage Targets U.S. Telecoms—Also: Highlights from ISMG's Financial Services Summit and Key Insights on AI Adoption On the 200th episode of the ISMG Editors' Panel, the team disc...

+ North Korean IT Workers Using Fake Sites to Evade Detection—Researches Find Deep Ties to North Korea Among Fake IT Services Firms Websites North Korean state actors are using fake websites of foreign technolog...

+ US Cyber Force Surges Global Operations Amid Rising Threats—US Cyber Command Says National Mission Force was Deployed Over 85 Times in 2024 A secretive U.S. military unit has surged its support to partner nati...

+ Annual Report to Congress on Breaches of Unsecured Protected Health Information—The Department of Health and Human Services' Office for Civil Rights provided a report to Congress on health information breaches from September 2009 ...

+ FFIEC Final Authentication Guidance—The Final FFIEC Guidance has been issued and its main intent is to reinforce the 2005 Guidance's risk management framework and update the Agencies' ex...

+ Accounting of Disclosures Under the HITECH Act—A notice of proposed rulemaking from the HHS Office for Civil Rights that would modify the HIPAA Privacy Rule standard for accounting of disclosures o...

+ ENISA: Software vulnerability prevention initiatives—The European Network and Information Security Agency, ENISA, has compiled a list of existing initiatives focused on finding and preventing software vu...

+ AI-nt Nothing Gonna Break My Defense: Securing Against Automated Attacks

+ Live Webinar | How to Build Cyber Resilience with Proactive Incident Response Strategies

+ Navigating the Unstructured Data Maze: Your Journey Starts Here

+ Live Webinar | Phishing Lessons Learned: Candid Conversation with NCA and CISOs

+ Why Shoring Up Cyber at Rural and Small Hospitals Is Urgent—When a large hospital in an urban area is shut down by ransomware, the disruption can be significant, but when a rural hospital faces a similar cyber ...

+ Unforeseen Risks to Medical Devices in Ransomware Attacks—While ransomware attacks against medical devices don't happen often, disruptive cyber incidents that affect the availability of the IT systems that me...

+ Identity Security: How to Reduce Cyber Risk in Manufacturing—Manufacturing enterprises have more identities than ever to manage - human and non - and face more attacks upon these identities. Manual lifecycle man...

+ Study: 92% of Healthcare Firms Hit by Cyberattacks This Year—Healthcare organizations should rethink some of their approach to security, enhancing focus on insider threats, improving cyber awareness training and...

+ Will Arrests Squash Scattered Spider's Cybercrime Assault?—Members of Loosely Organized Group Recently Tied to Partnership With RansomHub Will the indictment of five alleged members of the loosely affiliated ...

+ Let's Give Thanks for How Far We've Come - and Forge Ahead!—Cybersecurity Training and Education Must Evolve to Keep Pace With the Profession Over the past few decades, cybersecurity has evolved from a niche c...

+ How Advances in Cloud Security Help Future-Proof Resilience—Embracing Zero Trust and AI in Cloud Security Zero trust, artificial-intelligence-driven security and automation tools are reshaping how organization...

+ Cyberstarts Program Sparks Debate Over Ethical Boundaries—Scrutiny Over Ethics of Profit-Sharing Prompts End to Cyberstarts CISO Compensation Allegations of conflicts of interest in Cyberstarts’ Sunrise prog...

As of 1/13/25 8:39pm. Last new 1/13/25 12:34pm.  Score: 387