BankInfoSecurity.com

Attacks on RMM Tools Surged in 2025, With 51 Solutions Flagged as Targets
Cybercriminals are hijacking trusted remote monitoring and management tools to bypass defenses, gain persistent access and quietly stage ransomware attacks. Experts warn MSPs and enterprises that supply chain exposure amplifies the scale of these intrusions.

Deal Would Boost Veeam's Cyber Footprint as Data Protection Vendor Valuations Surge
Bloomberg reported that data protection and ransomware recovery giant Veeam is in advanced talks to buy DSPM and AI security vendor Securiti for $1.8 billion, with an announcement coming as soon as this week. The deal would accelerate Veeam's pivot from backup and disaster recovery to cybersecurity.

The Edmund Group's Adler on Managing Third- and Fourth-Party Risk in Healthcare
Healthcare organizations face growing risks from data distribution, vendor dependencies and global instability. Steven Adler, partner at The Edmund Group, discusses practical steps to strengthen vendor oversight and resilience.

Manufacturer Resumes Operations at Wolverhampton Unit
British car maker Jaguar Land Rover began on Monday a phased restoration of operations following a month of cyberattack-induced idleness. Fears of large-scale job losses at the car manufacturer and its extensive network of suppliers led the U.K. government to guarantee a 1.5 billion pound loan.

2020 Hack Has Cost EyeMed About $12.6M in Multiple Regulatory Fines, Settlements
Benefits provider EyeMed Vision Care has agreed to pay $5 million and improve its security practices to settle class action litigation involving a 2020 phishing breach. The incident has been the subject of previous multimillion dollar settlements and enforcement actions by multiple state regulators.

Proliferating Age Verification Systems a Hacker Target
A vendor breach linked to Discord exposed government ID uploads used in age verification, raising alarms among privacy experts who warn that third-party data collection systems are becoming high-value targets amid rising legislative mandates for online age checks.

A Proven Fractional CISO Can Help Close Leadership Gaps and Strengthen Resilience
Hiring a fractional CISO gives your business the executive security leadership it needs - without the full-time cost. But not all providers are equal. Knowing how to evaluate talent, provider stability and delivery is key to ensuring lasting value, trust and resilience.

Financial Institutions Break Down Silos to Combat Faster, AI-Powered Threats
Banks face AI-powered fraud attacks and stricter compliance demands. Unified platforms that integrate security, fraud detection and compliance help institutions respond faster while empowering human analysts to focus on strategic decisions.

What's Left After Raking In Millions From Other People's Blood, Sweat and Tears?
Things that continue to elude scientific observation: the Loch Ness Monster, Bigfoot and the ransomware hacker who voluntarily chose retirement. "There's no such thing as 'retirement' in cybercrime," despite some ransomware hackers dangling promises to leave the field.

Pentesting Tools Uncover Vulnerabilities but White Hat Skills Are Still in Demand
Automated pentesting tools offer faster visibility and robust integration with daily security operations, but automation doesn't eliminate the need for humans in the loop. Automation raises the baseline for vulnerability management and changes what white hat hackers need to know to stay relevant.

Evaluating Tools Saves Money But Requires Technical, Compliance and Business Acumen
Shiny object syndrome is more than a metaphor in cybersecurity. Organizations that chase every new tool often discover that what looked impressive in a demo fails to meet operational needs. The cure for this common malady is a structured tool evaluation process.

Recent advisories from U.S. federal authorities on vulnerabilities in certain operational technology devices underscore the potential security risks that many healthcare providers frequently underestimate, said Sila Özeren, a security research engineer at Picus Security.

Default credentials, weak passwords, misconfigurations and a variety of other security shortcomings are exposing millions of medical devices and their data on the internet, said Soufian El Yadmani, CEO and co-founder of Modat, who shared recent research findings.

New Texas health information legislation that began to go into effect on Sept. 1 includes several noteworthy provisions including requirements related to health record data storage and artificial intelligence, said regulatory attorney Rachel Rose. Rose explains the significance of the new state law.

A new AI-powered clinical decision support system developed by Google and NASA aims to help astronauts diagnose and treat medical issues during space missions - even when real-time communication with Earth is unavailable, said Chris Hein, field CTO of Google Public Sector.