Ransomware DataBreachToday.com

Majority of Attacks Target Operational Technology Networks
Exploitation attempts against a severe vulnerability in a runtime system widely deployed in operational technology environments spiked globally in the days after open-source maintainers of the Erlang/OTP project published a patch. Attackers could take full control of systems.

Coinbase's Philip Martin on How Attackers Are Spending Months on Crypto Exploits
"The attackers are willing to invest time, effort and expense in attacking cryptocurrency companies because that's where the money is," says Philip Martin, chief security officer at Coinbase, warning that defenders must stay agile to counter increasingly targeted and sophisticated threats.

City Refuses to Pay Ransom; Employees Report to Arena to Reset Passwords in Person
The Minnesota city of St. Paul continues to respond to a ransomware attack, with the mayor saying it will pay no ransom. Instead, it's restoring systems from backups and verifying employees' identity at a centralized location before resetting their passwords.

Philippe Laulheret of Cisco Talos on Vulnerabilities in ControlVault Firmware
Security flaws in Dell's ControlVault firmware allowed attackers to run code on the chip, extract stored secrets and alter its behavior. By chaining these exploits, they could send malicious data to Windows components, said Philippe Laulheret, senior vulnerability researcher at Cisco Talos.

Honeywell's DeLuccia Offers Practical Steps to Address Barriers to AI Adoption
Organizations struggle to implement AI at enterprise scale because of basic fears that extend beyond technical issues. It often comes down to fundamental questions about the nature of AI and organizational accountability. "If I turn it on, am I liable for it?" asks Honeywell's James DeLuccia.

Midnight Blue's Jos Wetzels on TETRA's Design Flaws and Probable Attacks
Researchers found encryption weaknesses and design flaws in TETRA, the radio system used by law enforcement and critical infrastructure, that allow interception and malicious traffic injection. Midnight Blue's Jos Wetzels says exploiting these flaws could disrupt essential services.

$2,700 Is the Average Price for Initial Access to a Victim, Plus Privileges
Why hack, when hackers are willing to sell guaranteed access to breached networks? More and more cybercrooks agree they'd rather outsource than bother with the tedium of actual network penetration, leading to a flourishing initial access market.

Clinical Diagnostics Lab Hack Among Latest Recent Cyberattacks in the Netherlands
A Dutch population health research agency is notifying 485,000 participants of a cervical cancer screening program of a hacking incident at a clinical diagnostics laboratory that potentially compromised patients' personal and health information, including lab test results.

RomCom Group Deployed SnipBot, RustyClaw and Mythic Agent Variants
A Russian speaking hacking group is exploiting a zero-day flaw in WinRAR, a sign of the group's growing sophistication and evolution from a cybercrime outfit into a cyberespionage operation. The campaign exploited a vulnerability now tracked as CVE-2025-8088, a path traversal vulnerability.

NIST's Apostol Vassilev Explains Need for Dynamic Response, Not Static Testing
As AI models grow in scale and power, leading to even more unpredictable outcomes, security teams are grappling with how to defend technologies that some experts can't begin to fully comprehend. Cyber response teams are exploring the practice of continuous red teaming, said NIST's Apostol Vassilev.

Tokio Marine HCC Targets Vulnerabilities Before They’re Exploited
With ransomware incidents at record highs, Tokio Marine HCC integrates dark web monitoring, vulnerability scanning and incident data into its underwriting process to help clients close gaps and lower the chance of costly breaches.

At Least 918K Affected in 2024 BianLian Data Theft Attack
A New York-based pediatric practice and its managed services vendor have agreed to pay $5.15 million to settle a proposed class action lawsuit stemming from a 2024 data theft attack affecting more than 918,000 people and allegedly carried out by cybercrime gang BianLian.

NCSC-NL Says Hack of Citrix NetScaler Flaw Also Targeted Critical Infrastructure
A preliminary assessment by the Dutch NCSC into a suspected Russian hacking campaign has concluded that more than one group likely carried out the May breach of the country’s law enforcement network. Investigators say hacks of Citrix NetScaler flaw also targeted critical infrastructure.

What Makes Timely and Accurate Breach Reporting So Difficult for Some Organizations?
An Illinois-based brokerage firm that works with employers, businesses and consumers to obtain various types of insurance coverage is notifying nearly 156,000 people that their protected health information was compromised in a data theft hack that occurred more than a year ago. Why the delay?

ENISA's Laura Heuvinck Shares Index Findings, Implications for EU Cybersecurity
In the latest EU Cybersecurity Index, member states scored an average of 64.51 out of 100, reflecting a moderately strong level of preparedness for cyber incidents. ENISA's Laura Heuvinck breaks down the findings and key areas for improving Europe's cybersecurity posture.

Telecom May Face Up to $2.22 Million Per Violation in Fines
The Australian privacy watchdog sued Optus, saying the country's second largest telecom failed for years to protect sensitive customer data breached during a September 2022 incident affecting nearly 10 million people. The regulator said Optus faces a potential fine of up to AU$21.9 trillion.

CEO Nick Schneider Says Cylance Integration Expands Security Platform Value
Roughly half of clients adopting Aurora endpoint security are replacing older, legacy endpoint solutions, while the other half are swapping out or augmenting next-gen endpoint tools, said CEO Nick Schneider. Arctic Wolf's security operations in Cylance's technology has created a unified platform delivering more than standalone endpoint protection.

CEO Yevgeny Dibrov Says Otorio Acquisition Positions Armis for Strong Growth
Armis CEO Yevgeny Dibrov outlines how the Otorio acquisition is driving OT security advances, enabling on-prem deployments and secure remote access. He also details AI's role in defense, Nvidia collaborations and upcoming products to expand the cyber exposure management suite.

Also: US Cyber Grants Are Dwindling; Hybrid Threats Renew Focus on OT Resilience
In this week’s update, four ISMG editors examined the voice phishing attacks linked to the Google and Cisco breaches, the funding gap in U.S. cybersecurity support for local governments and the implications of hybrid warfare on operational technology resilience.

Firm Says Latest Model Hallucinates Less, Scores Better on Benchmarks
OpenAI's unveiling of its latest and newest model arrived wrapped in the big-claim language now standard in the generative artificial intelligence race. The company calls GPT-5 its "smartest, fastest, most useful model yet," but in 2025, those superlatives are table stakes.