BankInfoSecurity.com

Deal to Drive Application Security, Attack Surface Management Fusion for Detectify
With Insight Partners as majority owner, Detectify plans to combine application security and attack surface management capabilities. Insight's purchase supports a renewed focus on R&D and engagement with application security professionals in the U.S. and Northern Europe, Detectify’s core markets.

Also: Truth Terminal Founder Social Media Hack Inflates Fraudulent Token
This week, a Truth Terminal founder hack, U.S. recovered stolen crypto, TeamTNT resurfaced, former FTX exec Nishad Singh avoided prison, a possible SEC's X account hacker plea deal, Tether reported to be under investigation, trends in digital assets enforcement and pending Dutch crypto legislation.

Understanding the Impact of Security on the Business Makes You More Effective
With cybersecurity now embedded across all industries and functions, the importance of aligning security measures with business objectives has never been greater. Here’s why being business savvy is crucial in cybersecurity - and how you can cultivate it to become a more effective professional.

NY AG Action and $1M Fine Follow Back-to-Back Hacks That Affected 224,500 in 2023
An upstate New York-based medical practice must spend $2.25 million to improve its data security practices over the next five years, plus pay state regulators up to a $1 million fine following an investigation into two ransomware attacks days apart in 2023 that affected nearly 224,500 people.

United States’ Top Cyber Defense Agency Mobilizes Nationwide Election Support Hub
The director of the Cybersecurity and Infrastructure Security Agency said Wednesday the agency is establishing an election operations room to help counter foreign interference and support state officials amid escalating cyber and physical threats to the 2024 vote.

Insight Partners-Led Round Boosts US Growth, Fuels Threat Intelligence for Filigran
Filigran’s $35 million Series B funding, led by Insight Partners, positions the company to scale its threat intelligence and proactive security capabilities while expanding its U.S. footprint. Plans include doubling the engineering team and strengthening breach and attack simulation capabilities.

Vendor Blames Delta's Outage Severity on Its 'Own Response and IT Infrastructure'
CrowdStrike has countersued customer Delta Air Lines, accusing the airline of employing a lawsuit and seeking damages in "a desperate attempt to shift blame" for Delta's own IT inadequacies having exacerbated its outage, unlike "other major airlines" that quickly resumed operations.

Russian SVR Targeting Government, Academia, Defense Organizations Globally
A Russian-state hacking group is posing as Microsoft employees and sending malicious configuration files as email attachments to target organizations across the world. The campaign has the hallmarks of a Midnight Blizzard phishing campaign although its use of an RDP configuration file is novel.

New Compliance Tool Say Many AI Firms Fail to Meet Security, Fairness Standards
Large language models developed by Meta and Mistral AI are among a dozen artificial intelligence models that fail to meet the cybersecurity and fairness requirements of the European Union AI Act, which went into effect on Aug. 1, said developers of a new open-source AI evaluation tool.

Normalyze’s AI-Powered DSPM Technology Boosts Proofpoint’s Data Visibility, Control
Proofpoint will acquire DSPM startup Normalyze to strengthen its data security offerings across cloud, SaaS and hybrid environments. The company aims to give security teams enhanced visibility, control and human-centric risk reduction for sensitive data across complex infrastructures.

Foreign Minister Tajani Condemns Conspiracy as 'Threat to Democracy'
The foreign minister of Italy condemned Monday as a threat to democracy the private investigation firm that prosecutors in Milan say illegally accessed government databases for years to assemble illicit dossiers. Four individuals are under house arrest.

Foreign Influence Campaigns Intensify as Experts Tout Election Security Upgrades
More than 50 million votes have already been cast in the 2024 United States presidential elections, but new reports indicate the cyber and physical threats continue to escalate - with potential implications that could extend well beyond Election Day.

Scaling Business Often a Challenge in the Country, Experts Told Lawmakers
Dependence on foreign capital in the United Kingdom for investments into artificial intelligence will stymie British technological progress, a parliamentary committee heard Tuesday. An absence of capital makes it hard for British firms to scale operations, said Michael Holmes, CEO at Scale Space

Strategies for Safeguarding Data and Reputation at Financial Institutions
In today's increasingly digital world, trust isn't always easy to come by. Businesses no longer have complete control over their technology stack. Instead, they rely heavily on third-party solutions, applications and products to keep operations running smoothly. But those third parties pose risks.

When a large hospital in an urban area is shut down by ransomware, the disruption can be significant, but when a rural hospital faces a similar cyber outage, the impact on patient safety and the community can be extreme, said Nitin Natarajan of the Cybersecurity and Infrastructure Security Agency.

Academics Build AI Agent With OpenAI to Execute Phone Scams at Scale
Hackers can use OpenAI's real-time voice API to carry out for less than a dollar deepfake scams involving voice impersonations of government officials or bank employees to swindle victims, said researchers at the University of Illinois Urbana-Champaign.

Forrester's Cody Scott on Why 2025 Will Be Pivotal for Security Leaders
Forrester's 2025 Predictions for Cybersecurity, Risk and Privacy report forecasts that security leaders will scale back generative AI investments by 10%. AI productivity gains have fallen short of expectations, forcing CISOs to reprioritize budgets and reassess gen AI’s role in security operations.