DataBreachToday.com

Demand for Cloud Security Skills Is Growing, Offering Good Pay and New Challenges
Cloud services support a wide range of applications from finance to healthcare systems and have become prime targets for cybercriminals, making cloud security a major concern for cybersecurity organizations. The need to secure the cloud is driving demand for skilled cloud security specialists.

New Pentagon CISO Appointed as Pentagon Budget Cuts Loom
The White House appointed a Trump ally and former Department of Defense cybersecurity official as DOD CISO, an unexpected return to the Pentagon for an official previously removed under a cloud of security concerns. Arrington returns to the Pentagon just as it faces budget cuts.

DOJ Says Contractor Falsely Claimed to Meet Critical Cyber Requirements
A military health benefits administrator has agreed to pay $11.2 million to settle allegations that the company falsely certified compliance with cybersecurity requirements - including patch management - for three years in a contract with the U.S. Department of Defense.

Regulators Cite Privacy Concerns Over DeepSeek's Data Collection Practices
The Personal Information Protection Commission, South Korea's data protection regulator, has directed Chinese artificial intelligence company DeepSeek AI to withdraw its chatbot application from official app stores pending an inquiry into the chatbot's compliance with data protection rules.

Private Equity Firm Says It'll Take Several Weeks to Pinpoint Scope of Jan. 16 Hack
An unauthorized third-party accessed certain information systems last month from Insight Partners through a sophisticated social engineering attack. Insight said it'll take the next several weeks to determine the scope of the Jan. 16 incident with the support of third-party cybersecurity experts.

Thinking Machines Lab Looks to Build Multimodal, Safe AI
Former OpenAI CTO Mira Murati launched a new artificial intelligence startup with an aim to bridge the gap between rapidly advancing AI technologies and the public's understanding of them. The startup is an attempt to create AI systems that can adapt to individual user needs.

Tokenization Goes Beyond Fraud Prevention, Boosting Profits and Customer Experience
Fighting fraud is a compelling reason for network tokenization. But the business case now goes well beyond security. Tokenization can also boost authorization rates and drive sales, ultimately improving merchants' bottom lines - if card issuers can overcome the hurdles to implement it.

Mustang Panda Uses MAVInject to Evade Antivirus Detection
A Chinese state-sponsored hacking group is abusing a legitimate Microsoft tool to evade security and install backdoors on government systems in the Asia-Pacific region. The threat actor uses MAVInject.exe to inject malware into waitfor.exe.

Google Expects Tactics to Spread; Global Targets and Other Services at Risk
Russian nation-state hackers are using phishing attacks to target Ukrainian users of the chat app Signal, say security researchers. Rather than circumventing Signal's end-to-end encryption via a cryptographic attack, attackers use malicious prompting to prod victims into exposing messages.

Researcher Says Firm Failed to Secure Sensitive Health Data From Survey Forms
An unsecured database containing 2 terabytes of data allegedly exposed more than 1.6 million clinical research records to the internet, including sensitive personal and medical information of patients, said the security researcher who discovered the lapse. Why does this keep happening?

'Marstech1' Malware Targets Developers Through GitHub Repository
New North Korean malware is targeting crypto wallets with an unconventional command-and-control infrastructure and through malware embedded into a GitHub repository that's apparently the account of a Pyongyang hacker. The implant appears to have emerged late last December.

Investment Led by Bain Capital to Enhance Predictive Threat Detection Capabilities
Dream raised $100 million in Series B funding from Bain Capital on a $1.1 billion valuation to enhance its proprietary Cyber Language Model and expand globally, with a focus on U.S. market entry to address growing national security threats through AI-driven cybersecurity and predictive solutions.

Court Clears Way for Musk's DOGE Team to Continue Accessing Sensitive Federal Data
A federal judge has ruled against a lawsuit from 14 state attorneys general requesting a temporary restraining order against Elon Musk and the Department of Government Efficiency amid controversy surrounding the billionaire's access to sensitive government systems.

Flurry of Arrests a Potential Prelude to Russia-Ukraine Peace Negotiations
Even before Donald Trump took office on Jan. 20, there were signs that Russian President Vladimir Putin ordered cybercriminals operating inside his country's borders to be reined in, potentially as a bargaining chip in negotiations over Russia's stalemated war of conquest against Ukraine.

States will increasingly be stepping up to fill gaps in the healthcare sector with new cyber legislation and requirements as the Trump administration promises to roll back regulations, predicts attorney Amy Magnano of the law firm Morgan Lewis' healthcare practice.