DataBreachToday.com

Reports: Cyber Command Ordered to Halt Offensive Operations Against Russia
Russia won't have the United States to worry about in cyberspace in an apparent concession to Moscow meant to grease talks between the two capitals over the fate of Ukraine. Defense Secretary Pete Hegseth ordered U.S. Cyber Command to halt offensive cyber operations against Russia.

AI-Driven Incident Response, Observability Boost SolarWinds' Operational Efficiency
SolarWinds' acquisition of Squadcast strengthens its IT management portfolio with AI-powered incident response. Customers report faster remediation, reduced noise and improved resilience. The integration promises a smarter, more efficient approach to IT operations.

Committee Witnesses Favor Resilience Over Bans
The British government should focus on building operational resilience rather than imposing ransom payment bans, security experts told a parliamentary committee. The British government in January floated a ban on the public sector and critical infrastructure owners paying digital extortion.

Gartner MQ for Cyber-Physical Security Details Pros, Cons of Pure-Play Approach
Pure-play OT specialists Claroty, Nozomi and Dragos were joined by asset management expert Armis and behemoth Microsoft atop Gartner's first-ever ranking of cyber-physical systems vendors. Historically, a wide range of vendors were grouped together under the broad umbrella of OT security.

After Disrupting Ascension Health, Black Basta Forecast Reprisals From FBI, Moscow
"We are pentesters, not murderers," ransomware group Black Basta claimed in its negotiations with victim Ascension Healthcare in May 2024, after its attack led to widespread disruptions and patient safety alerts. Leaked chat logs reveal the group feared resulting reprisals from the FBI and Moscow.

Also: U.S. Health Data Privacy Crackdowns, Reality vs. Hype of LLMs in Security
In this week's update, four editors with ISMG explore the crumbling state of ransomware group Black Basta and implications for other cybercrime gangs, the expanding impact of U.S. health data privacy laws, and whether large language models are truly what they seem.

Researchers: Ransomware Group Emerged Last Fall; Variant of Babuk Malware
A new ransomware gang, Termite, has started leaking on the dark web samples of sensitive data stolen in an attack on Australian fertility clinic Genea. A court has issued a restraining order in hopes of preventing the threat actor or others from further disseminating, using or publishing the data.

Model Appears to Be a Way Station on the Road to Something Greater
OpenAI on Thursday released its latest generative AI model, but don't call it the next big thing just yet. More thoughtful, persuasive and emotionally intelligent, GPT-4.5 aims to feel less like an algorithm and more like a conversation partner.

Current and Former Officials Express Optimism, Concerns Over Cyber Leadership Picks
Top leadership at the U.S. Cybersecurity and Infrastructure Security Agency may be coming into view as the Trump administration has begun attaching names to senior positions. Karen Evans will be executive assistant director for cybersecurity.

Health Industry Associations Complain That Proposed Cyber Mandates Are 'Staggering'
Seven major healthcare industry groups are urging the Trump administration to rescind a proposed update to the HIPAA Security Rule issued at the end of the Biden administration. The costs and regulatory burden to comply would be "staggering" to the healthcare sector, they said.

Trump's Procurement Tracking Directive Could Expose Vast Government Data to Threats
The White House is mandating federal agencies to track and justify every procurement, a move aimed at transparency but one that experts warn could expose troves of sensitive financial data to hacking, nation-state cyberthreats and potential supply chain vulnerabilities across government systems.

Approach Aims to Scale AI Models by Making Them Smarter Instead of Bigger
Scaling AI models in size has hit a plateau. One possible solution is test-time compute, which dynamically allocates extra computational resources during inference - or the thinking phase - to refine answers. Test-time compute lets AI models allocate resources based on the problem's complexity.

Series A Investment Expands AI-Driven Cybersecurity and Threat Detection
Mimic got $50 million in Series A funding to expand its ransomware defense solutions. Backed by Google Ventures and Menlo Ventures, the company will enhance AI-driven threat detection, automate security for proprietary apps and grow internationally to protect enterprises from ransomware attacks.

DeepSeek's Reasoning AI and Inference Scaling Drive Massive Demand for Compute
AI's shift to reasoning models such as DeepSeek is pushing compute demand to unprecedented levels, says Nvidia CEO Jensen Huang. Blackwell chips are designed to handle inference scaling, where complex models consume 100x more compute than traditional AI. He predicts strong data center growth in 2025.

Recent Upheavals in Job Market Underscore the Need for a Security-Minded Culture
Technology and training are key components of a strong insider risk program, but in times like these, the real key to success lies in your organization's culture. Do your employees feel valued? If the answer is no, your insider threat level could be off the charts.

Vendor Providing Employee Screenings Across Multiple Sectors Reports Cyber Incident
DISA Global Solutions, a third-party administrator of background checks and drug and alcohol testing for employers in multiple industries, said 3.3 million individuals are affected by a data theft incident that happened a year ago. The firm is already facing several lawsuits involving the breach.