Ransomware DataBreachToday.com

Spy Agency Says Taiwanese Defense Ministry Is Trying to Disrupt Chinese Politics
China's Ministry of State Security has accused a Taiwanese government agency of waging cyberattacks on the mainland's digital assets across multiple organizations and running disinformation campaigns on social media to disrupt the political system and sow social discord.

Series C Funding to Fuel Generative AI Integration and AI-Powered Threat Detection
The funding will enhance generative AI technologies that streamline security operations and provide autonomous threat investigation, alongside plans for broader U.S. and European market penetration.

Lehigh Valley Health Network Will Pay 134,000 Victims of Ransomware Attack and Leak
A Pennsylvania-based healthcare system that was hacked by ransomware group BlackCat in 2023 and extorted over stolen exam photos of breast cancer patients posted to a data leak site has agreed to pay $65 million under a proposed settlement of a lawsuit affecting 134,000 patients and employees.

Attackers Could Shut Down Operations Or Cause Physical Damage
A severe vulnerability in Rockwell Automation software used to configure programmable logic controllers could allow attackers to remotely execute malicious code. The vulnerability is rated 8.8 on the CVSS v4 scale. The U.S. Cybersecurity and Infrastructure Security Agency advised immediate patching.

Austria, Estonia, Lithuania and the Netherlands Join the Coalition Formed in March
Four more European Union nations have joined a United States government-led initiative lanched in March to tackle spyware misuse globally. The move came amid growing criticisms of the European Commission's failure to curb the EU's prolific spyware market.

Embattled CEO Pavel Durov Says Telegram Will Released IP Addresses, Phone Numbers
Embattled Telegram CEO Pavel Durov signaled a more cooperative relationship with law enforcement, telling users Monday the messaging service will provide IP addresses and phone numbers "in response to valid legal requests." Durov faces criminal charges in France.

Why Cybersecurity Is a Public Imperative
Data is one of the most valuable assets in today's digital age. Cyberthreats come in many forms, such as phishing attacks, ransomware, data breaches and malware infections, and failing to protect your data can cause severe financial, reputational and operational damage.

It's yet to be determined whether a handful of states or the federal government will lead the charge in adopting comprehensive regulations involving the use of artificial intelligence in healthcare, said regulatory attorney Betsy Hodge, a partner in law firm Akerman.

Not Yet Compatible: Many Third-Party Endpoint Security, Authentication, VPN Tools
Multiple makers of third-party Apple security tools, including CrowdStrike and SentinelOne, are warning users not to upgrade to the new macOS 15 Sequoia, pending needed OS bug fixes. Users have also reported seeing problems with third-party VPNs crashing and single sign-on tools failing.

CyberEdBoard Members and ISMG Editors on Incident Response, AI and Defense Trends
This week, CyberEdBoard members Jon Staniforth and Helmut Spöcker joined ISMG editors to unpack the hot topics at ISMG's London Cybersecurity Summit 2024, including ransomware lessons learned, AI trends and the growing importance of continuous learning and resilience in the cybersecurity industry.

Hacktivists Are Likely to Increasingly Adopt Cybercrime Tactics, Report Says
Ransomware hacks and self-declared hacktivist denial-of-services attacks were the most prolific threat to European Union members over the 12-month period ending in June, the EU cyber agency warned, adding that the nexus between nation-state hackers and hacktivist groups poses an emerging threat.

Experts Say Feds May Face Cost and Timeline Challenges in Quantum Readiness
The United States is preparing for an age of quantum computing as federal agencies roll out initiatives designed to boost "quantum readiness" and as experts warn the government may face issues that delay its ability to defend against a future of advanced threats enabled by the emerging technology.

Also: A Phishing Network Takedown, Another Ivanti Critical Flaw and Meta Bans RT
Munich Re said it can't insure cyberwar, it was Rhysida that hit the Seattle airport, Meta banned RT, Ivanti disclosed a flaw, hackers exploited construction software, AT&T settled with FCC, Transport of London is checking users, web servers pose big risk, and police disrupted a phishing network.

Microsoft Says Russia-Linked Cyber Actors Are Supporting Trump by Attacking Harris
Microsoft warned the Kremlin is targeting the 2024 presidential election campaign of Vice President Kamala Harris with its wide-ranging election interference operations. Russian groups likely aligned with the Kremlin have shifted their focus to the Harris campaign in recent months.

Riverwood Capital Leads Investment in Security Validation Firm to Grow in Americas
Picus Security has received $45 million in funding led by Riverwood Capital. The investment will accelerate product development in exposure management, including attack surface management and automated pen testing. The company plans to expand further in the Americas, targeting key growth areas.

German Law Enforcement Reportedly Deanonymized Tor User in 2021
The Tor Project on Wednesday reassured users that they will remain anonymous after media reported that German police successfully used Tor to trace the alleged administrator of a child pornography site. Tor users can continue to use the browser "securely" and the "Tor Network is healthy," it said.

No OpSec Measure Is Bulletproof to the Effects of a Corrupted Supply Chain
Secure communications in an age of network insecurity has focused mostly on encryption and fears of surveillance tracking. But as this week revealed to the dismay of terrorists and criminals alike, no OpSec measure is bulletproof to the effects of a corrupted supply chain.

As threat actors continue to evolve their attacks to circumvent security measures, cyber insurers are raising the bar for prospective healthcare security clients. Underwriters are increasing their scrutiny and adding new coverage requirements, said Chris Henderson of cybersecurity company Huntress.

Essen Health Care's Hiren Dave Makes the Case for Integration of CIO-CISO Roles
As cloud computing, DevOps and automation continue to evolve, the lines between IT functions are fading, making security integral to these processes. Hiren Dave, CIO and CISO at Essen Health Care, shares how combining the roles of CIO and CISO improves risk management and communication.

EVP Johan Gerber on How Threat Intelligence Can Prevent Fraud, Protect Payments
Mastercard's proposed purchase of Recorded Future for $2.65 billion will bring advanced threat intelligence into its payment systems. EVP Johan Gerber explains how this move improves fraud detection and prevention and strengthens Mastercard's cybersecurity in an evolving digital payments landscape.