Ransomware DataBreachToday.com

Unauthenticated Bugs Allow Full Remote Code Execution
Unauthenticated attackers could remotely hijack Dahua Hero C1 smart cameras by exploiting firmware vulnerabilities, Bitdefender warned in a coordinated disclosure published Wednesday. Dahua Technoloy released patches on July 7. The company is on a number of U.S. federal blacklists.

Palo Alto Has Always Shied Away From Identity and Expensive M&A. What Changed?
Less than five months after Google agreed to spend $32 billion on red-hot cloud security startup Wiz, Palo Alto Networks is on the precipice of paying more than $20 billion for PAM goliath CyberArk, The Wall Street Journal reported Tuesday. Here's why the deal represents a major pivot for Palo Alto.

145 Organizations Compromised by China-Linked Ransomware Hackers and Others
Nearly 150 different organizations' on-premises SharePoint servers have been exploited by attackers targeting the zero-day vulnerabilities now tracked as ToolShell, researchers warn. Early attacks have been attributed to China-linked groups, in some cases leading to Warlock ransomware infections.

Brazil-Targeting Malware Exploits Windows UIA to Evade Detection
A banking Trojan long confined to Brazil has become the first known malware to exploit Microsoft's UI Automation framework to extract credentials, signaling a new tactic that may evade conventional detection. Akamai's findings point to a growing trend of attackers using legitimate system features.

At Least 410,000 Patients Reported Affected, But Likely Even More Victims
Months after news first broke that a hacking incident compromised legacy patient data hosted by Cerner electronic health record servers that were set to migrate to parent company Oracle's cloud environment, data breach reports related to the hack are still slowly trickling in to regulators. What's taking so long?

New UK Law Requiring Age-Verification Measures on Porn Sites Causes VPN Use to Soar
Free virtual private network services are soaring to the top of the app charts in the United Kingdom after a new law went into effect Friday requiring platforms that contain adult content - including sites like X and Reddit - to confirm users' ages through "robust" verification measures.

Healthcare Faces Rising App-Based Ransomware Threats and Urgent Compliance Demands
Ransomware is evolving and healthcare is in the crosshairs. As apps and APIs become critical to patient care, they also open new threat vectors. Compliance alone isn't enough - organizations must act fast to close security gaps and defend against app-based attacks.

Operation Checkmate Disrupts One of the Large Russian-Speaking Ransomware Groups
An international law enforcement operation has disrupted BlackSuit, a ransomware group tied to hundreds of victims and ransom demands that exceeded half a billion dollars. The takedown occurred as security experts tracked the rise of a new group called Chaos, which may be a BlackSuit rebrand.

Attackers Stole US Customer Data Using Social Engineering
A malicious actor breached a customer relationship management platform used by Allianz Life Insurance of North America on July 16 and stole personally identifiable information of most of its 1.4 million U.S. customers, financial professionals and some employees, the company said.

Lawsuit Claims BJC Health Shared Patient Info From MyChart Portal Without Consent
A Missouri healthcare system has agreed to pay up to $9.25 million to settle a proposed class action lawsuit alleging that its use of online tracking tools in its patient portals transmitted sensitive patient information to third-party firms without the patients' knowledge or consent.

SaaS Enhancements Aim to Boost Network Detection, Response for Small Security Teams
Corelight's SaaS platform Investigator is designed to bring scalable network detection and response to smaller security teams. CEO Brian Dye says generative AI workflows and enriched network context help defenders identify threats faster and with greater confidence than ever.

Hacking Tactics Linked to Retail, Airline Compromises
The loosely connected band of adolescent cybercriminals tracked as Scattered Spider has joined the VMware hypervisor hacking bandwagon, pivoting into virtual servers through corporate instances of Active Directory. vSphere integration with Active Directory adds a yet another layer of insecurity.

State Seeks Public Input on New Reporting Rules and Regulations for Water Sector
New York State has unveiled a comprehensive set of water and wastewater cybersecurity regulations aimed at bolstering defenses for the vulnerable critical infrastructure sector, in addition to a new competitive investment program to help modernize under-resourced entities.

CEO Omer Smadari: AI Agents Now Resolving Threat Cases at Scale with Accuracy
With its Revrod acquisition, Torq is pushing deeper into autonomous threat response. CEO Ofer Smadari outlines how AI-runbooks and autopilot tech such as Socrates are reducing human workloads and helping security teams scale amid rising alert volumes and phishing attacks.

Tech Standards, Regulatory Levers Have Removed Barriers. What's Still in the Way?
Patients these days have an easier path to securely accessing their electronic health information, thanks in large part to advancements in certain technology standards and a big push by federal regulatory policies in recent years. But obstacles still remain.

OT Experts Advocate for Collaboration and "Adversary-Hostile" National Defenses
OT environments have long been bereft of their traditional shelter from cyberattacks made from hacker ignorance or disinterest. Industrial environments are forefronts for nation-state hacking, the risk heightened by global tensions and the convergence of operational technology with IT counterparts.

2021 Pysa Hack Compromised PHI of Nearly 25,000 Patients
A HIPAA breach investigation into a 2021 attack involving a variant of Pysa ransomware resulted in a $250,000 fine for an upstate New York specialty surgery practice, which also agreed to a corrective action plan that will be monitored by federal regulators for the next two years.

Also: Clorox Sues IT Vendor Over Password Blunder
This week, XSS forum admin arrested, Clorox sued Cognizant, Lumma Stealer is back, NY regulates water, U.S. maritime cybersecurity rules in effect, new Coyote banking Trojan, a hacker nabbed details of Mexico City auxiliary police, Latin America cyberattacks, and World Leaks stole synthetic data.

Sean Plankey Dodges Election Security Questions in Senate Confirmation Hearing
Sean Plankey, a former Energy Department and National Security Council cybersecurity official, faced tough questions from lawmakers about President Donald Trump's false claims of voting machine vulnerabilities and election fraud in the 2020 election during his Thursday confirmation hearing.

CEO Hitesh Sheth: New AI Offerings Boost Efficiency, Address Modern Network Needs
President and CEO Hitesh Sheth details how Vectra AI uses triage, stitching and prioritization agents to enhance SOC performance and curb alert fatigue. The network detection and response vendor is expanding AI Analyst via AWS Bedrock and integrations with Zscaler and CrowdStrike.