Ransomware DataBreachToday.com

Russia, Iran and China Investing in Cyber Ops, Warns MI5 Director Ken McCallum
Nation-state actors are investing aggressively in advanced cyber operations to target government information and technology in a bid to sow "mayhem on British and European streets," warned a top British intelligence official. Russia, Iran and China are using proxies and hacking agencies.

Kivera Integrates Controls Into Cloudflare One to Prevent Cloud Misconfigurations
With the acquisition of New York-based startup Kivera, Cloudflare will enhance its Cloudflare One platform, adding proactive controls that secure cloud environments, prevent misconfigurations and improve regulatory compliance for businesses using multiple cloud providers.

Russian Nationals, Agencies Engaged in Cyberattacks, Misinformation to be Targeted
The European Council on Tuesday introduced a new sanctions framework to target Russian nationals and organizations engaged in malicious cyber activities such as election misinformation and disruptive cyberattacks. It seeks to address activities such as influence operations and hacking.

Healthcare organizations should rethink some of their approach to security, enhancing focus on insider threats, improving cyber awareness training and securing mobile applications and devices, said Ryan Witt, vice president of industry solutions at Proofpoint, discussing findings of a new study.

Parties Vow to Continue Negotiations
Time ran out for a non-binding takeover bid from the French government for the cybersecurity business of beleaguered Parisian IT consultancy Atos. Among the world's largest managed security service providers, the financially struggling firm is strategically important to the French government.

DHS Says Adversaries May Stoke Voter Fraud Fears Long After Election Day
The latest Homeland Security threat assessment lists this year’s election cycle as a top concern for 2025 and a potential trigger for domestic terrorism. The agency says foreign adversaries and violent extremists may take advantage of the outcome to further sow discord in the United States.

Settlement Addresses Claims of False Revenue Forecasts, Investor Misrepresentation
IronNet and several former executives agreed to a $6.6 million settlement, ending a class action lawsuit accusing the company of misleading investors with inflated revenue projections. The settlement aims to provide relief for investors misled by allegedly inaccurate revenue projections.

Mark Sokolovsky Admits to Felony Conspiracy Charge in US Federal Court
A Ukrainian national pleaded guilty Monday in U.S. federal court to one count of conspiracy to commit computer intrusion in connection with his role in the Raccoon malware-as-a-service info stealer criminal operation. Dutch authorities extradited him in February after arresting him in March 2022.

European Court of Justice Says Meta May Not Indefinitely Retain User Data
Targeted advertising may face additional restrictions following a ruling by the top European Union court that social media giant Meta cannot indefinitely retain user data. Nor can it use data for advertising "without distinction as to type of data," the European Court of Justice said Friday.

Illumio, Akamai Stay Atop Forrester Wave, While ColorTokens, Cisco Join Leaderboard
Illumio and Akamai remained atop Forrester's microsegmentation rankings, while ColorTokens and Cisco climbed into the leader space.The microsegmentation market has expanded beyond traditional on-premises networks to address modern public cloud workloads.

US-Sanctioned Crypto Exchange Founder Sergey Ivanov Included in Sweeping Arrests
Russia’s primary federal investigative agency announced a rare and sweeping investigation into the United States-sanctioned cryptocurrency exchange Cryptex and other platforms used to carry out illegal transactions and launder millions from ransomware groups.

Company Has Long Running Fight Against Fare Scrappers
The Irish data regulator launched an investigation into Dublin-based ultra low-cost carrier Ryanair to identify potential privacy violations related to the company's use of third-party facial recognition technology, stepping into a running fight Ryainair has fought against online ticket sellers.

FSB Hackers Stripped of 107 Domains Used to Steal Credentials
The U.S. Department of Justice and Microsoft seized more than 100 websites allegedly used by a Russian intelligence cyberespionage operation with a fondness for spear phishing. Targets include the national security apparatus and journalists, think tanks, and non-governmental organizations.

CorrectCare to Settle Lawsuit After 'Inadvertently' Exposing PHI on Web for Months
A misconfigured web server and the exposure of sensitive information for nearly 600,000 prison inmates in 2022 will cost medical claims processing company CorrectCare $6.49 million to settle a consolidated proposed class action lawsuit, according to court records.

Also: Prison Sentences for BEC Scammers and a West African Cybercrime Crackdown
This week, AI nudify sites spread malware, BEC scammers head to prison, London man charged with hacking, and a Spanish insurance company with a breach. Also, a North Korean hacking group and a West African crackdown on online scammers. And, a Schrödinger Windows vulnerability: Is it real?

US Cyber Defense Agency Plans to Review Updated Implementation Plans in November
A top official from the U.S. Cybersecurity and Infrastructure Security Agency said Thursday the agency is planning to review updated federal implementation plans and ensure agencies are aligning with zero trust security objectives and addressing any funding gaps or technical challenges.

A 2023 Breach Exposed Personal Details of All PSNI Officers and Staff
The U.K. data regulator the Police Service for Northern Ireland 750,000 pounds following a 2023 data breach that exposed personal details of the entire workforce. The U.K. Information Commissioner's Office determined the breach occurred when police attempted to respond to two open records requests.

Naming and Sanctioning Cybercrime Syndicate Members Has Repercussions, Police Say
Western law enforcement may not be able to bust every last Russian cybercrime suspect, but newly revealed efforts against Evil Corp and LockBit reveal suspects arrested while on vacation, as well as the psychological fallout criminal syndicates face when members get named, indicted and sanctioned.

Data Leak Preceded Law Enforcement Crackdown on Group That Targets Health Sector
A clinic in Hawaii is notifying 124,000 patients that their health data was potentially compromised in a May hack. Lockbit 3.0 claims to have published the stolen records on its data leak site in June - months before global authorities this week disclosed a crackdown on the cybercrime gang.

Thrive Capital, Microsoft, SoftBank, Nvidia Reportedly Lead OpenAI's Latest Funding
OpenAI’s new $6.6 billion round of funding has nearly doubled its valuation to $157 billion. With investments from Thrive Capital, Microsoft, SoftBank and Nvidia, OpenAI plans to expand its AI research while facing pressures around executive turnover and its transition away from a nonprofit model.