DataBreachToday.com

Surge in Attack Attempts Spotted After Palo Alto Networks Details and Patches Flaw
Attackers have stepped up efforts to exploit a vulnerability in the software that runs Palo Alto Networks firewall appliances that could give them direct access to the underlying software. Unauthenticated hackers could use PHP scripts to bypass the PAN-OS management web interface.

Sluggish Sales Growth and Lower Relevance in Endpoint Could Make Trend Attractive
Endpoint security vendors are changing up their ownership or business models as Microsoft and CrowdStrike increasingly blot out the sun in this rapidly consolidating market. Reuters said that Advent International, Bain Capital, EQT AB and KKR have expressed interest in taking Trend Micro private.

Lawsuit Alleges Insurer Used AI Tool in Denying Patients Medically Necessary Care
A proposed class action lawsuit against UnitedHealth Group, which claims the company's insurance unit UnitedHealthcare used artificial intelligence tools to deny Medicare Advantage claims for medically necessary care, has the green light to proceed from a federal judge.

Who Are 'Death Clickers,' and How Do They Weaken Company's Cyber Defense?
Employees who repeatedly click on malicious links or "death clickers" are a risk to an organization's cybersecurity. This blog explains how awareness, behavior testing and simulations can help organizations strengthen their cybersecurity culture and manage human risks.

Legal Experts Marian Waldmann Agarwal and Marijn Storm on Impact of AI Regulations
AI regulations are tightening, bringing new compliance challenges, especially for high-risk systems. Morrison Foerster partners Marian Waldmann Agarwal and Marijn Storm explain how EU and Colorado AI regulations are reshaping governance and security requirements for organizations.

Forrester's Thomas Husson on Reactions to DeepSeek, Fears of Overregulation
The AI Action Summit this week came on the heels of the DeepSeek-R1 launch by Chinese AI company, as well as recent enforcement actions of the EU AI Act. A number of leaders from both inside and outside of Europe criticized the EU law, fearing that new regulations will stymie innovation.

President Matt Mills Shares M&A Vision, Machine Identity Security, Market Expansion
SailPoint returns to the public markets, and President Matt Mills discusses the company's SaaS evolution and market expansion plans. He outlines how proceeds from the IPO will be used and highlights new tools for managing the growing risk from unmanaged machine identities.

Emerging Vendors, Consolidation Drive Innovation in Fraud, AML and Scam Prevention
As cybercriminals exploit AI-generated deepfake scams and synthetic identity fraud, financial institutions are investing heavily in fraud detection, anti-money laundering solutions and identity verification to stay ahead. This demand is driving consolidation in the market.

Russian, Iranian and Chinese APTs Among Most Active Ransomware Collaborators
Security researchers are increasingly finding it challenging to attribute cyberattacks due to surging cooperation between nation-state hackers and ransomware groups, especially for espionage purposes. They say it reflects the blurring of the lines between state-directed and criminal activities.

Cuts Hit Duplicative Roles, Positions Rooted in Secureworks Being a Public Company
Sophos laid off 6% of its staff just days after closing its $859 million acquisition of Secureworks. The job cuts will streamline duplicative roles following the Feb. 3 close of the Secureworks deal as well as reduce positions that are no longer needed since Secureworks delisted as a public company.

Could CISA's Uncertain Future Embolden Nation-State Attackers?
As the future of the Cybersecurity and Infrastructure Security Agency becomes increasingly uncertain in the wake of a massive federal overhaul, experts warn that key U.S. infrastructure sectors, including energy, financial services and election infrastructure, are at a heightened risk of cyberattacks and cyberespionage.

Astaroth Kit Offered for $2,000 on Telegram, Intercepts Authentication in Real Time
A new phishing kit called Astaroth bypasses two-factor authentication through session hijacking and real-time credential interception from services like Gmail, Yahoo, AOL and Microsoft 365. Acting as a man-in-the-middle, it captures login credentials, tokens and session cookies in real time.

Telecoms Still Falling to Chinese Nation-State Hacking Group, Researchers Warn
A Chinese cyber espionage group tracked as Salt Typhoon and tied to the mass hacking of telecommunications networks in the U.S. and dozens of other countries has been continuing to seek and hack unpatched equipment, including exploiting two long-patched vulnerabilities in Cisco gear.

Apply These Proven Methodologies to Assess, Prioritize and Act Quickly in a Crisis
Cybersecurity professionals frequently deal with multiple issues - all demanding immediate attention. How can you demonstrate the ability to make sound decisions to advance your career? Decision-making in high-stakes environments demands clear methodologies that promote both efficiency and accuracy.

Executive Order Gives Musk Team Hiring Authority Across Federal Government
President Donald Trump's latest executive order grants hiring authority across the federal government to his billionaire adviser Elon Musk's task force, raising concerns that the move could undermine federal cybersecurity efforts, weaken U.S. cyber defenses and leave key security positions unfilled.

Breach of GoAnywhere File Transfer App at Brightline Affected 1 Million Patients
Virtual mental health provider Brightline has agreed to pay $7 million to settle a proposed class action lawsuit involving a data breach affecting about 1 million individuals stemming from the 2023 hack by ransomware gang Clop on software vendor Fortra's GoAnywhere managed file transfer application.

Chinese State-Sponsored Cyber Group Deploying Fileless Malware to Persist
Chinese state-sponsored cyber group APT40 intensified its attacks on government and critical infrastructure networks in the Pacific region by deploying fileless malware and modified commodity malware, prompting Samoa's cybersecurity agency to issue an urgent advisory.