DataBreachToday.com

CyberEspionage 'Salt Typhoon' Operation Infiltrated Telcos' Infrastructure
The impact of a major U.S. national security breach attributed to China reportedly continues to expand, as investigators probe the infiltration of telecommunications infrastructure and eavesdropping on national security and policymaking officials' mobile phone communications.

Former President’s Win Could Bring Major Changes to U.S. Cyber Policy, Experts Say
Republican Donald Trump's return to the White House in January could bring significant changes to technology and cybersecurity policy in the United States, potentially reshaping federal approaches to AI regulation, industry investment and national security against rising digital threats.

Key Steps for Healthcare Organizations to Safeguard Sensitive Data
Cyber risk reduction is critical as the healthcare landscape has undergone dramatic shifts - a significant portion of the workforce has transitioned to remote work and digital services have surged, breeding new cybersecurity threats and vulnerabilities.

3 Countries Taking Different Approaches to Accountability and Victim Compensation
Governments globally are intensifying anti-scam measures, introducing new guidelines to banks, telecom providers and other key sectors to bolster security controls and mitigate fraud risks for consumers and businesses. Some new frameworks threaten to levy stiff penalties for non-compliance.

Medicare 2025 Pay Rule for Physicians Hints of Possible New Cyber Expectations
Federal regulators are again signaling that stronger cybersecurity practices could be tied to financial incentives for doctor offices that participate in Medicare. The regulatory lever may be the Centers for Medicare and Medicaid Services Merit-based Incentive Payment System.

Russian Threats Aim to Disrupt Nationwide Voting as Americans Flock to the Polls
U.S. intelligence agencies warned that Russian interference efforts are escalating on Election Day as millions of Americans cast their ballots nationwide. The Cybersecurity and Infrastructure Security Agency said it was not tracking significant threats to the vote.

CEO Rod Schultz Aims to Bridge External, Internal Data Challenges, Eyes CISO Bonds
New Bolster CEO Rod Schultz shares his priorities in combating AI-based fraud, underscoring the potential of internal data security solutions. Schultz sees Bolster’s established brand protection tools as a foundation for addressing broader enterprise data security needs and better engaging CISOs.

French Ministry Says Talks Are Ongoing to Acquire Cybersecurity Unit
French IT consultancy Atos on Tuesday announced the sale of a power grid consulting and engineering services unit days after some French lawmakers pushed for nationalizing the beleaguered company. The French government considers the company strategically important.

Nov. 7 Summit to Confront the Next Generation of Financial Cyber Risks
ISMG’s 2024 Financial Services Cybersecurity Summit kicks off Thursday in New York City, bringing together industry leaders and cyber experts to explore critical defense strategies, including digital identity protection, SecOps transformation and realistic threat simulations.

Assess Your Organization's Needs for Manageability and Efficiency Features
Choosing the right enterprise browser requires evaluating its security, productivity, manageability and efficiency features to ensure that it meets your enterprise's needs on all these dimensions. Part 1 addresses security and productivity, and Part 2 covers manageability and efficiency.

Incident Responders Say Disruptions Help, See No Spike in Median Ransom Payments
For anyone dreaming of law enforcement agencies arresting ransomware bigwigs, or intelligence agencies taking them out with drone strikes, keep on hoping. But here's good news: ransom payments haven't skyrocketed, as disruptions by law enforcement appear to be having an impact.

Testimony Request Targets Cybersecurity Concerns Raised by Ex-SolarWinds Engineer
In its fraud case against SolarWinds, the SEC is pursuing testimony from former SolarWinds engineer Robert Krajcir - who lives in the Czech Republic - to address claims of lax cybersecurity practices. SolarWinds - which is also representing Krajcir - has until Friday to respond to the SEC's motion.

Proof of Concepts Available for Cylon Aspect Energy Management Software
Vulnerabilities in a smart building energy management system including an easily exploitable, two-year-old flaw that hasn't been widely patched could let hackers take over instances misconfigured to allow internet exposure. The flaws affect Cylon Aspect software from electrical engineering firm ABB.

US Cyber Defense Agency Dismisses Claims of Fraud and Assures Secure Election Day
The director of the Cybersecurity and Infrastructure Security Agency said Monday the agency has not seen any evidence of material threats that could sway the nationwide results, despite escalating claims of fraud from the Republican presidential nominee.

Regulator Tells Regulators to Enhance Third-Party Service Security
British financial institutions must ensure by this spring that they could reasonably weather a third party tech outage on the scale of July's global meltdown of 8.5 million computers triggered by a faulty update from cybersecurity firm CrowdStrike.