Ransomware DataBreachToday.com

UEFI Vulnerability Threatens Systems with Silent Compromise
Hackers could circumvent the protections of Secure Boot by silently disabling it through an attack that potentially affects a wide swath of Windows laptops and servers. Microsoft issued a patch this month and hackers would already need admin access and physical access to a target machine.

Defunct Ransomware Group's Diaspora Includes Hackers With Focus on Microsoft Teams
Based on intelligence gleaned from the leak of Black Basta ransomware messages, researchers are warning organizations to beware phishing attacks launched via Microsoft partner domains and via Teams, as well as the targeting of personal Google accounts accessed via corporate devices.

Opaque Decision-Making, Lack of Guardrails, Poor Auditability are Risks
The dream of replacing burned-out SOC analysts with autonomous AI agents is as premature as it is persistent. Cybersecurity leaders are finding that deploying such tools inside security operations centers may do less to eliminate toil than to shift it.

Ocuco and Episource Breaches Affect Health Sector Clients, Patients
An Ireland-based provider of eye care practice software and a California-based medical coding services firm have reported separate hacking incidents to U.S. and state regulators that have likely affected dozens of their clients and hundreds of thousands of people.

Analysts Warn US Infrastructure May Be Next as Iran Plans Missile Strike Response
Israel's strike on Iranian military and nuclear targets has triggered fears of retaliatory cyberattacks, with analysts warning that Tehran may escalate disruptions against U.S. and Israeli critical infrastructure through proxy campaigns, brute-force attacks or coordinated DDoS strikes.

Startup Boosts AI-Driven Detection, MSP Channel Outreach and Hiring With Series B
Guardz has secured $56 million to deepen AI-powered threat detection and enhance automation for MSPs. The Series B funding will support platform engineering, channel marketing and operational scaling as Miami-based Guardz targets a simplified and consolidated cybersecurity future.

Security Leadership in Focus - From AI Risks to Cloud Responsibility
AI fragmentation, non-human identities and nation-state threats dominated conversations at the Gartner Security & Risk Management Summit. ISMG editors discuss how the event stood out for its vendor-neutral focus and strategic discussions tailored for senior security decision-makers.

Australian Securities Commission Says HSBC Ignored Repeated Internal Warnings
Some lessons come with a price. The recent lawsuit against HSBC by the Australian Securities and Investments Commission claims the bank prioritized profits over customer safety. Despite repeated internal warnings from its own fraud experts, HSBC failed to act.

Hackers Use TeamFiltration Penetration Testing Tool
A threat actor is using the password spraying feature of the TeamFiltration pentesting tool to launch attacks against Microsoft Entra accounts - and finding success. The threat actor has targeted more than 80,000 user accounts across roughly 100 cloud tenants.

300-Person Acquisition Expands Managed Services, Adds Legal and Forensics Expertise
The acquisition of Aon’s 300-person cyber unit enhances LevelBlue’s incident response and managed security services. It brings legal experience, global coverage and new law firm partnerships to strengthen its channel strategy and customer support, said CEO Bob McCullen.

Multi-Line Insurance Company Warns Customers of Potential Scams
Erie Indemnity Company, which offers a wide range of insurance including Medicare supplements and cyber coverage, has notified the U.S. Securities and Exchange Commission that it has been responding to a cyber incident since last weekend. The company is also warning customers of potential scams.

WhatsApp CEO Says UK Request Sets "Dangerous Precedent"
Instant messaging app WhatsApp is seeking to join Apple's legal battle with the U.K. government over end-to-end encryption. Apple is challenging a Home Office order requiring the device maker to provide law enforcement with unencrypted copies of customer data.

Agentic AI Is Creating New Risks, New Career Opportunities for Cyber Professionals
If your AI agent decided to act on its own tomorrow, would your systems know who it was, what it did, and whether it had the right to do it? If the answer is no, it's time to give your new coworker a badge and a policy framework. These non-human identities are creating new career opportunities.

Andrea Isoni of AI Technologies on Certifications, Deepfakes and ISO 42001
AI misuse - from deepfakes to cyber incidents - continues to outpace regulation. Andrea Isoni, chief AI officer at AI Technologies discusses why stronger cyber laws, certification frameworks like ISO 42001 and risk-based prioritization are necessary to manage AI risks safely and compliantly.

VulnCheck's Garrity on the Uncertainty of the CVE Ecosystem and EUVD's Limitations
Funding shortages and incomplete coverage in critical vulnerability databases are increasing the risk for defenders. Patrick Garrity, security researcher at VulnCheck, discusses how data gaps and scoring confusion hinder response strategies for potential cyberattacks.

NextJenSecurity Founder Calls for Global Policy Shifts to Reduce Vulnerabilities
Governments worldwide are shifting from reactive responses to preventive strategies to tackle ransomware attacks. Jen Ellis, founder of NextJenSecurity, stresses the need for vulnerability accountability and secure-by-design policies to tackle systemic cybersecurity flaws.

Also: 5 Guilty Pleas in Cambodia-linked $36.9 Million Scam
Every week, ISMG rounds up cybersecurity incidents in digital assets. This week, charges against a crypto firm founder in a $530M sanctions evasion and money laundering case, guilty pleas in a $36.9M scam, an $8.3M exploit of Alex Lab, and Cetus Protocol relaunched after a $223M hack.

32 Suspects Arrested Across Asia-Pacific During Interpol-Coordinated Crackdown
Interpol on Wednesday unveiled Operation Secure, an information-stealing malware crackdown that it coordinated, resulting in the arrest of 32 suspects and the seizure of over 20,000 malicious IP addresses and 41 servers tied to infostealer-fueled crime.

Researchers Turn to AI to Fix a Zombie Flaw that AI Helped Propagate
Artificial intelligence tools that inadvertently perpetuated a decade-old bug may now also help eliminate it. The path traversal vulnerability became so embedded in developer culture that it found its way into training data for today’s AI models.

Another Top Cybersecurity and Infrastructure Security Agency Official Departs
The U.S. Cybersecurity and Infrastructure Security Agency notched another high-level departure with the departure of Bridget Bean, CISA's acting director since the Trump administration took power in January. The agency lists Madhu Gottumukkala, CISA deputy director, as the new acting director.