Ransomware DataBreachToday.com

Zero Trust Creator John Kindervag on Barriers to Security Success Beyond Tech
Growing executive engagement with zero trust signifies a change from technical discussions to strategic business focus. Boards now view cybersecurity as fundamental to operations and seek solutions beyond products, said John Kindervag, creator of zero trust and chief evangelist, Illumio.

HIPAA Protected Health Information Among Data Stolen in Nov. 2023 Attack
The City of Long Beach, Calif. is notifying nearly 260,000 individuals that their protected health information was potentially stolen in a November 2023 hack that also disrupted IT systems for several weeks. The city has added $1 million to its cybersecurity budget since the incident.

Salt Typhoon Exposed Major Flaws in Telecom Networks. Few Changes Have Been Made
After China's Salt Typhoon breach of U.S. telecom networks, federal experts told Congress on Wednesday the nation remains dangerously exposed to another attack - despite warnings, investigations and interagency coordination, all of which have yet to produce systemic cyber defense improvements.

Although the National Institutes of Health appears to have scaled back plans to build a national registry to track individuals with autism, the agency's research project still poses critical data privacy concerns, said Ariana Aboulafia and Andrew Crawford of the Center for Democracy and Technology.

Capitol Meridian Partners' Razi on Smarter AI Use, Strong Leadership and Diversity
Many AI models prioritize speed over security, exposing organizations to significant risks. Niloofar Razi, operating partner at Capitol Meridian Partners, stressed the need for companies to evaluate models carefully before adoption.

Energy Department Disputes Nuclear Access Breach Claims in Latest DOGE Controversy
Department of Government Efficiency staffers gained access to accounts on classified networks storing some of the nation's top nuclear secrets according a report published concurrently with a lawsuit arguing the task force is unconstitutional and lacks congressional approval.

Hot Topics Also Include Quantum Computing, Blockchains, Artificial Intelligence
Cryptocurrencies have dramatically failed to live up to their promise, to the extent that the "world would be better" without them, said cryptographer Adi Shamir at this year's RSAC Conference, during an expert panel that touched on artificial intelligence, quantum computing, blockchains and more.

Panel Discusses Views on Cryptocurrency, OT Security and Data Sovereignty
ISMG editors share highlights from Day 2 of the RSAC Conference 2025 in San Francisco, including insights from the cryptographers' panel, operational technology security awareness at the board level, and the growing focus on securing both public and private AI models.

Morgan Stanley's Keith Weiss on Economic Pressure Impact on Security Budgets
Tight budgets and data challenges are driving enterprises away from best-of-breed security solutions toward more consolidated platforms. Consolidation offers streamlined security and better data visibility and integration, said Keith Weiss, head of U.S. software research at Morgan Stanley.

New Zealand Model Brings Cyber and Fraud Teams Together to Defend Against Scammers
To help financial institutions counter crime, the FS-ISAC earlier this month introduced a major initiative: the Cyberfraud Prevention Framework. This new initiative is designed to unify cybersecurity and fraud prevention teams to more effectively protect customers and secure the enterprise.

Cyera CEO Yotam Segev on Data Security Risks From Copilot, ChatGPT, Other AI Bots
Artificial intelligence tools such Microsoft Copilot, ChatGPT and Cortex AI offer enterprises incredible gains in workplace productivity and automation, but they also pose new risks to data security to the business, said Yotam Segev, co-founder and CEO of Cyera.

Panel Shares Latest Buzz on Agentic AI, Deepfakes and Rise of Machine Identities
ISMG editors share highlights from Day 1 of the RSAC Conference 2025 in San Francisco, including the state of the economy, trends around M&A, artificial intelligence and agentic AI, deepfakes, data security posture management, enterprise and consumer browsers, and machine identities.

Analyzing Measuring What Matters, Not What Models Practice
In the frenzy to top leaderboards, AI teams optimize for benchmarks rather than genuine progress, and as a result, scores on static tests tell us more about a model's memorization tactics than its ability to navigate real world environments.

Unauthenticated Hackers Exploit CVE-2025-31324 to Upload Webshells
Threat actors are exploiting a zero-day flaw in a partially deprecated SAP tool still widely used by governments and businesses. On Friday, SAP's security division, Onapsis, disclosed that CVE-2025-31324 is "actively exploited in the wild."

Co. Is Already Facing Several Lawsuits Based on Its Much Lower Victim Estimates
Employee benefits administrator Verisource Services Inc. has told regulators that a hack discovered in February 2024 has affected 4 million individuals, up significantly from initial estimates reported last summer. The company already faces several lawsuits involving its earlier lowball estimates.

4-Day Cybersecurity Event Covers Emerging Tech, Latest Cyberthreats
ISMG Editors convened in San Francisco for coverage of RSAC Conference. Panelists shared an overview of opening-day speakers and hot topics, including the growth of AI, uncertainties in the global threat landscape, the Innovation Sandbox contest and Cryptographers' Panel session.

US Cyber Agency Denies Looming Deadlines Amid Reports of Expanded Workforce Buyouts
The U.S. Cybersecurity and Infrastructure Security Agency on Friday dismissed as false reports of a looming buyout deadline and expanded resignation offers, calling them misinformation. There is no Monday deadline, a spokesperson said.

Company Eyes Product Innovation and Strategic M&A After Rapid 30x ARR Growth
CEO Varun Badhwar says Silicon Valley-based Endor Labs will use its $93 million Series B funding to build AI-powered code security tools, boost community outreach and target key acquisitions, helping enterprises secure faster, AI-assisted software development.

Challengers Include Ex-OpenAI Staff, Geoffrey Hinton, Margaret Mitchell
A coalition comprising AI experts and former OpenAI staffers urged regulators to halt the artificial intelligence giant's plan to convert into a for-profit corporation. They contend that handing over full operational reins could dismantle safeguards to ensure AI serves humanity, not shareholders.

Tests Suggest OpenAI's Latest Model May Not Meet Alignment Expectations
OpenAI touted GPT-4.1's debut earlier this month as a landmark in instruction-following finesse, but independent testers have discovered errors that its predecessor GPT-4o appeared to handle better. The company rolled out GPT-4.1 without its customary deep-dive safety dossier.