DataBreachToday.com

Cybersecurity Firm Finds Rash of Apps Coded With Microsoft .NET MAUI
Cybercriminals are using a Microsoft cross-platform app development framework to create Android malware that bypasses security measures, evades detection and steals user data. Malicious apps spotted by McAfee researchers aren't traditional Android malware.

'Encryption Can't Protect You From Stupid,' Says Leading Cryptographer
We're all human. Who among us hasn't lost a thumb drive or added a journalist to a consumer-grade encrypted app group chat devoted to White House war planning and military operations? Still, some accidental data breaches pose a bigger risk than others.

ARC-AGI-2 Measures AI's Ability to Problem Solve With Fewer Resources
A new benchmark to evaluate artificial general intelligence has leading artificial intelligence models stumped. The Arc Prize Foundation's ARC-AGI-2 test presents puzzle-like challenges that require AI models to analyze visual patterns from multicolored square grids and generate solutions.

'Weaver Ant' Used Web Shell Tunneling and Hacked Routers to Evade Detection
An apparently Chinese cyberespionage operation lurked inside the network of an Asian telecom for four years, camouflaging its presence through nested encryption and lightweight web shells. Chinese hackers have been uncovered on the inside of telecom networks spanning the globe.

Settlement Is 5th HIPAA Enforcement Action Under HHS's OCR Risk Analysis Initiative
An Illinois-based firm that provides fitness and wellness plans to clients throughout the U.S. has agreed to pay federal regulators a settlement of nearly $228,000 and implement a corrective action plan following an IT misconfiguration incident that caused several breaches in 2018 and 2019.

Audits Focus on HIPAA Security Rule Provisions Related to Ransomware, Hacking
Federal regulators have quietly resumed compliance audits of HIPAA-regulated organizations. With the surge in ransomware and other hacks reported in recent years, the focus of the audits are on provisions of the HIPAA Security Rule most relevant to these attacks, said a government official.

Large Health Data Breach Started With Phishing Lure in Employees' Email
Tennessee-based Numotion, one of the largest U.S. providers of wheelchairs and other health-related mobility products is notifying nearly 500,000 people of a 2024 email hacking incident that potentially compromised their personal and health-related information.

Cunningham and Daniel Warn That Poor Leadership, Cuts Are Hurting US Cyber Posture
In the latest "Proof of Concept," Michael Daniel of the Cyber Threat Alliance and former Forrester analyst Chase Cunningham joined editors from Information Security Media Group to examine how fractured leadership, shifting responsibilities and declining federal support are eroding U.S. cyber defenses.

Cooperation Deal With Jana Expands Rapid7 Board to 11, Tightens Governance Controls
Rapid7 struck a truce with Jana Partners, agreeing to hand the activist investor three board seats in exchange for cooperation until early next year. The deal will boost Rapid7's board size from eight to 11, adding former Forescout CEO Wael Mohamed and former Imperva and Gigamon CFO Michael Burns.

California Alerting Consumers to Delete Data, Samples Shared With Firm
Genetics testing firm 23andMe has filed for Chapter 11 bankruptcy protection and says it is looking to sell the company. But what does that potentially mean for the firm's trove of highly sensitive health and ancestry information pertaining to millions of consumers?

What Do You Mean, Hospital-Targeting Sociopath Ransomware Wielders Continue to Lie?
A ransomware group reusing the Babuk ransomware brand claims to have stolen data from the likes of Amazon, Delta and US Bank. Just one problem: Security experts found a startling overlap between its claimed victims and previous attacks scored by the likes of Clop, LockBit and RansomHub.

Supposed Taiwanese State Hackers Unmasked by China's Ministry of State Security
Nothing beats messing with your adversaries' heads than taking a page from their psychological operations playbook. Witness China's Ministry of State Security unmasking four Taiwanese government hackers in a move borrowed from the U.S. government's playbook.

Researcher Found Unsecured Database Server Containing 1,864 GB of OrthoMinds' Data
An orthodontic practice software vendor is notifying an undisclosed number of patients that their data was exposed to the internet for 10 days last November. The security researcher who discovered the data leak said the incident appears to have lasted longer and affected more than 200,000 patients.

UAT-5918 Breaches Taiwan's Critical Sectors Using N-Day Flaws for Cyberespionage
Hackers with ties to China-based hacking groups including Volt Typhoon are breaching Taiwan's critical infrastructure by exploiting unpatched web and application servers as entry points for a cyberespionage campaign. Cisco Talos threat hunters identified the new threat actor as UAT-5918.

Dave DeWalt's NightDragon and HSBC to Back New Product Rollouts and Global Growth
Dataminr received $85 million in convertible pre-IPO funding from Dave DeWalt’s NightDragon and HSBC. The investment will support the rollout of context agents and pre-generative AI capabilities, and enable the company to scale internationally ahead of its planned initial public offering.

'Wave of Ransomware Attacks' Hitting FortiOS and FortiProxy Devices, Warn Experts
Cyber defenders said they're seeing a "wave of ransomware attacks" unleashed by attackers who gain initial access by targeting two known vulnerabilities in Fortinet FortiOS and FortiProxy devices. Hackers sometimes patch the devices to hide their persistent remote access.

Also: Trump's Cybersecurity Shake-Up, IBM's X-Force Event Highlights
In this week's update, ISMG editors explore Google's record-breaking $32B Wiz acquisition and its impact on cloud security, the shake-up in Trump's cybersecurity leadership team amid budget cuts, and key takeaways from the IBM X-Force Cyber Range cyber response event.