DataBreachToday.com

Norwegian Man Tells OpenAI: I Didn't Kill My Children
A Norwegian man is peeved that a chatbot hallucinated a violent backstory for his life after seeing that ChatGPT apparently believes he's a child killer spending decades inside prison. "The fact that someone could read this output and believe it is true is what scares me the most," he said.

Health ISAC, AHA Bulletin Urges Entities to Bolster Physical, Cyber, Preparedness
Threats transmitted on social media intimating coordinated terrorist attacks on hospitals in mid-tier U.S. cities have industry authorities warning the healthcare sector to shore up physical and cyber security, as well as emergency management response plans.

Experts Weigh the Advantages and Risks of Generative Adversarial Networks
With traditional rule-based fraud detection systems and even conventional machine learning models struggling to identify these highly deceptive fraud patterns, financial institutions are exploring generative adversarial networks to enhance fraud detection.

Executive Order Shifts Cyber Responsibilities to States, Sparking Security Concerns
The White House is shifting cybersecurity risk management from the federal government to states and local agencies, marking a pivot in how Washington supports the protection of elections and critical infrastructure. Many states lack their own national security and cyberthreat intelligence centers.

'Real Danger' Alert for Unpatched Veeam Servers Attached to a Production Domain
Widely used Veeam Backup & Replication software has been patched to fix a critical vulnerability that could be abused to remotely exploit malicious code. Security experts recommend rapid patching, given ransomware and other groups' repeated targeting of the software.

Also: OKX Temporarily Suspends Services to Prevent Funds Laundering
This week, $6.1M Wemix theft, OKX suspended services, Vermont dropped Coinbase case, new RAT-targeted crypto wallet extensions, TJ Stone got prison time, Nebraska's new crypto ATM rule, Trezor disclosed a potential bug and British prosecutors charged a former police officer for 50 Bitcoin theft.

Attorney Jonathan Armstrong on AI Security, Legal Risks Related to EU AI Act
AI regulation is evolving fast, and many businesses may already be violating key provisions without realizing it. Jonathan Armstrong, partner at Punter Southall Law, warns that companies may be using high-risk AI applications without security teams even knowing.

Cyber Agency Urges Critical Infrastructure Operators to Migrate Within the Deadline
The British cybersecurity agency urged critical infrastructure operators to adapt to post-quantum cryptography by 2035 as it and other government agencies prepare for the inevitability of quantum computers capable of breaking current encryption algorithms.

Get the Most Out of Your Event by Planning, Networking and Following Up
Conference season is upon us, and there's no better time to work on your career at one or more of the major cybersecurity conferences in the United States this spring and summer. These conferences do cost money, but with a bit of preparation, you can invest in your career.

Paste-and-Run Schemes Trick Users Into Running Attacker-Provided Malicious Code
Social engineering tactics designed to trick users into installing malware, oftentimes by "fixing" a fake problem, are growing more common. Experts say a majority of these ClickFix - aka ClearFix or paste-and-run - attacks now lead to information-stealing malware infections.

Why Are Facilities Caring for the Elderly 'Targets of Opportunity' For Cybercrime?
More than a half dozen nursing homes and rehabilitation centers have reported an assortment of major hacks in the last month affecting a total of more than 130,000 individuals. What makes facilities caring for elderly and disabled patients an attractive and vulnerable target to cybercriminals?

Over 10K Exploit Attempts Recorded in a Week From a Single Malicious IP
Hackers are exploiting a vulnerability in ChatGPT's infrastructure to redirect users to malicious websites, with security researchers recording more than 10,000 exploit attempts in a week from a single malicious IP address. The financial sector has borne the brunt of the attacks.

'Dogequest' Site Provided Tesla Owners Addresses, Names and Phone Numbers
The White House slammed a website that purported to reveal the names, addresses and phone numbers of Tesla owners - unless they showed proof of selling their vehicles made by Elon Musk's car company - amid growing criticism over his efforts to sharply reduce the size of the federal government.

Agency Official Says Ex-DOGE Staffer's Data Breach Violated Security Policy
An ex-Department of Government Efficiency staffer violated Treasury rules by sending unencrypted personal data to two senior Trump administration officials without approval, raising concerns about the task force’s apparent disregard for or lack of knowledge about critical data security policies.

As uncertainty mounts about the range of cyber resources the federal government will continue to offer healthcare and other critical infrastructure sectors during the Trump administration, states will need to step up their support, said Mike Hamilton, field CISO of cybersecurity firm Lumifi Cyber.

Malicious Code Injected in reviewdog Just Hours Before tj-actions Backdoored
Just days after researchers discovered an attack that subverted a widely used tool for software development platform GitHub, they discovered a second, prior attack, as part of what one expert said may be "a chain of supply chain attacks eventually leading to a specific high-value target."

Largest Security Deal Ever Aims to Boost AI-Driven Multi-Cloud Solutions
Google Cloud plans to acquire cloud security leader Wiz for $32 billion, integrating its AI-powered security capabilities to better protect companies across multiple cloud environments. The deal reinforces protections across multi-cloud environments, including AWS, Microsoft Azure and Google Cloud.

Researchers Detail AI's Fabricated Facts in Healthcare, Discuss Solutions
Hallucinations in artificial intelligence foundation models are pushing healthcare professionals and technologists to rethink how practitioners can safely use AI. Hallucinated lab result or an erroneous diagnostic recommendation could lead to harmful interventions or missed treatments.

Doppelganger Unsuccessfully Attempted to Distort Election, UK Minister Said
A Russian government-directed foreign influence campaign unsuccessfully attempted to disrupt the 2024 U.K. elections, a British security minister told a parliamentary committee. The government identified disinformation networks linked to Russian influence campaign widely tracked as Doppelganger.