DataBreachToday.com

Deal Targets Open Source Library Risks in Software Supply Chain, Boosts DevSecOps
The integration of Tidelift into Sonar's ecosystem will enhance software supply chain security by leveraging human-verified insights from maintainers of popular open source libraries. Developers can expect comprehensive tools to address vulnerabilities in first-party, AI-generated, and third-party code.

Federal Agencies Tasked with Adopting New Cloud Security Policies Beginning in 2025
The Cybersecurity and Infrastructure Security Agency is requiring federal agencies to adopt secure cloud configurations, integrate monitoring tools and report cloud systems starting in 2025 as part of an effort to address vulnerabilities in part exposed by the SolarWinds attack.

Regulators Say NIST's 2035 Deadline for Insecure Encryption Could Be Too Late
Australia has rolled out an ambitious roadmap to prepare for future quantum-enabled cyberattacks. Regulators are ready to set an end date for several existing encryption algorithms in 2030 - five years earlier than the deadline set by National Institute of Standards and Technology in the U.S.

Trading Bloc Includes Doppelganger Actors and GRU Unit 29155 in Sanctions List
The European Union sanctioned Russian intelligence hackers and two Kremlin officials responsible for digital disinformation campaigns in an action the European Council said marked its first ever imposition of restrictive measures against Russian actors for hybrid activities

Draft National Response Plan Offers Flexible Coordination Strategies Across Sectors
A draft update to the National Cyber Incident Response Plan aims to enhance federal coordination with both the public and private sectors to better address significant cyber incidents, establishing clear roles for federal cyber entities and emphasizing efficient threat response measures.

Malware Exploits Cybercrime Ecosystem for Profit
Hackers are using a variant of a backdoor that's the hallmark of a Chinese threat actor suspected of ties to Beijing in order to target the cybercriminal underground. The malware t "shares near-complete similarity" with the a backdoor exclusively used by the Winnti Group.

Deal With BlackBerry Integrates EDR for Hybrid XDR Platform for Midmarket Customers
Arctic Wolf is acquiring Cylance from BlackBerry for $160 million to integrate its AI-driven EDR technology into a hybrid XDR tool. The move aims to streamline cybersecurity for midmarket companies by combining services with product offerings, cutting operational complexity and boosting scalability.

An Iranian state hacking group is using custom malware to compromise IoT and OT infrastructure in Israel and the United States. An attack wave from Islamic Revolutionary Guard Corps-affiliated "CyberAv3ngers" swept up fuel management systems made by U.S.-based firm Gilbarco Veeder-Root.

IT Outage, Downtime Procedures Affecting Services at California Healthcare Provider
Cybercriminals claim they stole 17 million patient records from a southern California regional healthcare provider that is still struggling with IT and phone systems outages that have been disrupting patient care since the organization was hit by a ransomware attack on Dec. 1.

Also: How Leading Cybersecurity Firms Are Gearing Up for 2025
In the latest weekly update, ISMG editors discussed the shooting death of the UnitedHealthcare CEO and its wider implications for AI-driven decision-making, market strategies for the top cybersecurity companies in 2025, and how these strategies reflect industry trends.

Around 30,000 German IoT Devices Infected From Backdoored Android Applications
The German federal information security agency disrupted a botnet that infected thousands of backdoored digital picture frames and media players made with knockoff Android operating systems shipped from China. The agency identified at least 30,000 infected devices.

Open Questions: What's Next Killer Use Case? Can Output Be Better Validated?
The topic of AI reality versus hype, as well as what the next killer use cases might be, dominated the wrap-up "Locknote" panel at this year's annual Black Hat Europe in London, comprised of conference Review Board members detailing this year's hot topics, with AI taking top place.

Also: Australia Fines Kraken AU$8 Million Over Breaches
This week, scammers targeted crypto workers with fake meeting apps, Australia fined Kraken crypto exchange operator Bit Trade, a Los Angeles federal court ordered five individuals to pay $5 million, Polish police detained a Russian former exchange operator and FTX debtors clawed back more cash.

Cybersecurity Experts Push for Clearer Mission, Expanded Authority, More Resources
Cybersecurity experts are urging a revamp of the Office of the National Cyber Director. The Center for Cybersecurity Policy and Law says the office needs a clearer mission, more resources and the authority to lead cybersecurity policy for other government agencies to bolster U.S. cyber defenses.

Possible Long-Term Attack by Unknown Hackers Thwarted
Hackers exploiting flaws in Cleo Communications software instances had intimate knowledge of their internals and deployed a previously unknown family of malware, security researchers from Huntress said Thursday. Cleo published a patch Wednesday evening.

DOJ Indicts North Korean IT Workers for Using Remote Jobs to Steal Sensitive Info
U.S. federal prosecutors indicted 14 North Koreans for a long-running IT scam generating $88 million by exploiting remote work with U.S. firms, a scheme prosecutors say is tied to DPRK-controlled companies that fund weapons programs through stolen identities, data theft and extortion.

Secret Blizzard Used Third-Party Amadey Bots to Hack Ukrainian Military Devices
A Russian state-backed hacker group used third-party data-stealing bots and possibly a backdoor used by another Russia-based threat group to infiltrate and spy on devices used by frontline Ukrainian military units, according to a report from the Microsoft threat intelligence team.

Multimodal Agentic AI Delivers Speed, Tools and Research Prototypes
Google's latest AI model can natively process and output text, images and audio in the search giant's push toward more autonomous reasoning, planning and action. The company said Gemini 2.0 is designed for applications ranging from development and gaming to research and everyday assistance.