Ransomware DataBreachToday.com

Hackers Use Stolen Certificates to Bypass Endpoint Detection and Response
A Russian-speaking ransomware group has been deploying a malicious Windows PE driver that imitates a legitimate CrowdStrike Falcon driver to bypass endpoint security, warn researchers. The driver disables endpoint detection and response software by stripping process protections.

Cunningham and Daniel Warn That Poor Leadership, Cuts Are Hurting US Cyber Posture
In the latest "Proof of Concept," Cyber Threat Alliance's Michael Daniel and former Forrester analyst Chase Cunningham joined editors from Information Security Media Group to examine how fractured leadership, shifting responsibilities and declining federal support are eroding U.S. cyber defenses.

Cooperation Deal With Jana Expands Rapid7 Board to 11, Tightens Governance Controls
Rapid7 struck a truce with Jana Partners, agreeing to hand the activist investor three board seats in exchange for cooperation until early next year. The deal will boost Rapid7's board size from eight to 11, adding former Forescout CEO Wael Mohamed and former Imperva and Gigamon CFO Michael Burns.

California Alerting Consumers to Delete Data, Samples Shared With Firm
Genetics testing firm 23andMe has filed for Chapter 11 bankruptcy protection and says it is looking to sell the company. But what does that potentially mean for the firm's trove of highly sensitive health and ancestry information pertaining to millions of consumers?

Crossley of Schneider Electric Urges Supplier Scrutiny and Continuous Risk Review
To strengthen defenses, organizations must adopt secure-by-design practices, select mature open-source components and embed risk awareness throughout development, according to Cassie Crossley, vice president, supply chain security, cybersecurity and product security office, Schneider Electric.

Not Every New Generation of LLM Needs Exponentially More Chips, Says Tencent Exec
Chinese tech giant Tencent reported a slowdown in GPU deployment, attributing it to a prioritization among Sino tech companies of chip efficiency over raw numbers, a strategy made clear internationally by artificial intelligence firm DeepSeek.

Dave DeWalt's NightDragon and HSBC to Back New Product Rollouts and Global Growth
Dataminr received $85 million in convertible pre-IPO funding from Dave DeWalt's NightDragon and HSBC. The investment will support the rollout of context agents and pre-generative AI capabilities, and enable the company to scale internationally ahead of its planned initial public offering.

What Do You Mean, Hospital-Targeting Sociopath Ransomware Wielders Continue to Lie?
A ransomware group reusing the Babuk ransomware brand claims to have stolen data from the likes of Amazon, Delta and US Bank. Just one problem: Security experts found a startling overlap between its claimed victims and previous attacks scored by the likes of Clop, LockBit and RansomHub.

Supposed Taiwanese State Hackers Unmasked by China's Ministry of State Security
Nothing beats messing with your adversaries' heads than taking a page from their psychological operations playbook. Witness China's Ministry of State Security unmasking four Taiwanese government hackers in a move borrowed from the U.S. government's playbook.

Google Aims to Match Microsoft Defender With $32B Buy of Wiz's Cloud Security Tech
Google's plan to buy cloud security firm Wiz for $32 billion highlights its drive to compete with Microsoft Defender and expand multi-cloud protection, and will put pressure on AWS to respond. Forrester Analyst Andras Cser says Wiz will likely remain independent for now, easing integration hurdles.

Open Power AI Consortium Members Include Nvidia and Microsoft
Tech giants and utility providers on Thursday formed an alliance to harness artificial intelligence for a more resilient power grid. More than two dozen organizations are participating in the Open Power AI Consortium led by the Electric Power Research Institute.

Researcher Found Unsecured Database Server Containing 1,864 GB of OrthoMinds' Data
An orthodontic practice software vendor is notifying an undisclosed number of patients that their data was exposed to the internet for 10 days last November. The security researcher who discovered the data leak said the incident appears to have lasted longer and affected more than 200,000 patients.

UAT-5918 Breaches Taiwan's Critical Sectors Using N-Day Flaws for Cyberespionage
Hackers with ties to China-based hacking groups including Volt Typhoon are breaching Taiwan's critical infrastructure by exploiting unpatched web and application servers as entry points for a cyberespionage campaign. Cisco Talos threat hunters identified the new threat actor as UAT-5918.

Major Competitive, Regulatory, Economic and Technological Changes Fueled This Deal
The fact a $32 billion acquisition agreement between Google and Wiz was reached speaks to major changes that have occurred in the market around the competitive landscape, the regulatory environment, the macroeconomic environment, customer buying behavior, and the technology itself.

Norwegian Man Tells OpenAI: I Didn't Kill My Children
A Norwegian man is peeved that a chatbot hallucinated a violent backstory for his life after seeing that ChatGPT apparently believes he's a child killer spending decades inside prison. "The fact that someone could read this output and believe it is true is what scares me the most," he said.

Health ISAC, AHA Bulletin Urges Entities to Bolster Physical, Cyber, Preparedness
Threats transmitted on social media intimating coordinated terrorist attacks on hospitals in mid-tier U.S. cities have industry authorities warning the healthcare sector to shore up physical and cyber security, as well as emergency management response plans.

Experts Weigh the Advantages and Risks of Generative Adversarial Networks
With traditional rule-based fraud detection systems and even conventional machine learning models struggling to identify these highly deceptive fraud patterns, financial institutions are exploring generative adversarial networks to enhance fraud detection.

Executive Order Shifts Cyber Responsibilities to States, Sparking Security Concerns
The White House is shifting cybersecurity risk management from the federal government to states and local agencies, marking a pivot in how Washington supports the protection of elections and critical infrastructure. Many states lack their own national security and cyberthreat intelligence centers.

'Real Danger' Alert for Unpatched Veeam Servers Attached to a Production Domain
Widely used Veeam Backup & Replication software has been patched to fix a critical vulnerability that could be abused to remotely exploit malicious code. Security experts recommend rapid patching, given ransomware and other groups' repeated targeting of the software.

Also: OKX Temporarily Suspends Services to Prevent Funds Laundering
This week, $6.1M Wemix theft, OKX suspended services, Vermont dropped Coinbase case, new RAT-targeted crypto wallet extensions, TJ Stone got prison time, Nebraska's new crypto ATM rule, Trezor disclosed a potential bug and British prosecutors charged a former police officer for 50 Bitcoin theft.