Ransomware DataBreachToday.com

Apple, US Took Hard Line Against British Demand
The U.K. government is reportedly set to reverse course on requiring smartphone giant Apple to give police access to device data stored as backups in the California company's cloud service. "The Home Office is basically going to have to back down," a British official said.

Ball to Succeed Todd Wilkinson, Expand Digital Identity Strategy, Tech Integration
Tony Ball, the incoming CEO of Entrust, plans to shift the company's digital identity strategy beyond onboarding to support full life cycle use cases. He also plans to expand Entrust's post-quantum efforts and streamline customer delivery under one platform.

Researchers Find Flaws in Tridium Niagara Framework
Vulnerabilities in Honeywell smart building middleware could allow hackers to manipulate physical systems or disable security alarms, warn security researchers. Hackers would already need access to the network. An attack would also depend on the Tridium Niagara customer not encrypting Syslog data.

Huntress's Kyle Hanslovan Warns of MFA Bypass, Rogue Apps, Fake Device Enrollments
Cybercriminals are bypassing MFA using session tokens and rogue app access, with shadow workflows enabling persistent inbox theft against SMBs. Huntress offers behavioral training and managed identity response to SMBs for real protection not just more alerts, says CEO Kyle Hanslovan.

Early Hacktivists Laid the Blueprint for Chinese Hacking
There's a reason why many of the same tools appear time and time again in Chinese nation-state hacking: A first-generation of hackers who grew up together online and continue to swap techniques to this day. A report shows the influence of the so-called "Red 40".

Alpha Wellness Says 'Devastating' Incident Forced Closure of Georgia-Based Center
Another small medical care provider has shut its doors forever as the result of a recent "devastating" cyberattack. Georgia-based Alpha Wellness & Alpha Medical Centre has permanently pulled the plug on its operations following a data theft attack by cybercriminal gang RansomHub.

Experts Say Critical Infrastructure Sectors Have Made Little Cybersecurity Progress
Panelists told the House subcommittee on cybersecurity and infrastructure protection that U.S. critical infrastructure sectors have made few cyber improvements over the last 15 years despite fears of retaliation following digital and physical attacks on Iranian nuclear sites.

But Hacking Groups of All Stripes Now Have Access to Exploit Code, Researchers Warn
Microsoft said an attack campaign targeting zero-day vulnerabilities in on-premises SharePoint servers appears to have begun by July 7, tied to three Chinese hack groups. With proof-of-concept exploit code now in the wild, security experts said hackers of all stripes have joined the fray.

Labour Government Also Backs Ransomware Payment Clearance and Reporting
The British government vowed Tuesday to proceed with a proposed ransomware payment ban for critical infrastructure organizations such as the National Health Service and to press forward on a mandate for other businesses to notify authorities in advance of paying out a ransom.

Report Urges Indo-Pacific Cyber Shield Strategy Amid Increased Nation-State Threats
A Center for a New American Security study found China and North Korea are accelerating cyberattacks, influence operations and infrastructure breaches across the Indo-Pacific, as researchers urge the U.S. to help develop a regional cyber shield, and deploy forward cyber teams.

Cierant Corp. Says Cleo MFT Zero-Day Exploit Compromised Health Plan Client Data
A Connecticut-based firm that provides print and electronic document management services to health plans has reported to regulators that an exploit of a vulnerability in file transfer software from third-party vendor Cleo has resulted in a health data compromise affecting nearly 233,000 people.

Startup Mira Security Will Offer Insights on Encrypted Network Traffic, Decryption
Darktrace purchased a network traffic visibility startup to get insights from encrypted network traffic and decryption for customers in regulated industries. Mira Security will provide organizations with deeper, more comprehensive visibility across on-premises, cloud and hybrid environments.

As Agentic AI Takes Over Workflows, Traditional Authentication Practices Fall Short
The explosion of agentic AI and autonomous bots to orchestrate cross-system tasks is turning MFA into a brittle defense. Non-human identities often bypass human-centric security controls, operating with static credentials and undefined ownership, creating exploitable identity risks.

Traditional security testing tools can’t keep pace with modern threats—or prove which vulnerabilities truly matter. Discover how Adversarial Exposure Validation (AEV) bridges the gap by continuously simulating real-world attacks to reveal exploitable exposures, prioritize risk, and empower smarter security decisions. Learn why AEV is the missing link in your CTEM strategy and how BreachLock is leading the way.

PoisonSeed Threat Actor Uses Cross-Device Login Feature and QR Code to Trick Users
Expel researchers have found a novel adversary-in-the-middle phishing technique used by PoisonSeed, a cybercrime group previously tied to large-scale cryptocurrency thefts, to sidestep one of the most secure forms of multifactor authentication - FIDO2 physical keys.

House, Senate Versions of 2026 NDAA Offer Competing Approaches to Cyber
Washington is wagering that future conflicts will unfold as much in cyberspace as on the battlefield, with House and Senate lawmakers unveiling dueling drafts of a nearly $900 billion defense bill that spotlights needs for cybersecurity and artificial intelligence technology.

Cybercrime Group Bian Lian Claimed Responsibility for Attack Last Year
A Texas-based firm that conducts workplace drug and alcohol testing for private employers and for compliance with state and federal agencies, including the Department of Transportation, disclosed to regulators that a July 2024 hacking incident affected nearly 750,000 people.

Hackers Using Amadey Bot to Drops Payloads From Fake GitHub Accounts
Threat actors are using public GitHub repositories to host and distribute malware through the Amadey botnet in an ongoing campaign linked to a broader malware-as-a-service operation, Cisco Talos said in a report published Thursday.

New Working Group Launched After Two Failed Attempts to Resolve AI Training Impasse
The U.K. government on Wednesday began its latest round of talks between creative owners and the artificial intelligence sector to work out a potential deal on the use of copyrighted content to train AI models. The discussions follow two previous failed attempts.