Ransomware DataBreachToday.com

Despite Cisco's Cyber Struggles, the Perks of Offering Asset Management Are Clear
Cisco is eyeing what would be its third-largest cybersecurity acquisition ever, Calcalist reported: a $2 billion buy of New York-based asset management vendor Axonius. The Israeli business publication said Sunday the two sides are in advanced negotiations. Axonius denied the Calcalist report.

More Than 100,000 Affected by Hack Detected on Dec. 30
The New Zealand government is probing a year-end ransomware hack of private healthcare service provider Manage My Health that impacted thousands of patients. Digital extortion group Kazu has claimed responsibility and threatened to leak the data on Jan. 15 unless it receives a $60,000 ransom.

Paper Traces Pandemic-Era Spike in Attacks
One way to look at the novel coronavirus pandemic: A societal experiment in how an oft-overlooked yet essential element of secure networking would stand up to an exploding user base. Unsurprisingly, the rapid uptake of virtual private networks by companies suddenly managing a remote workforce came with significant security costs.

Ransomware Gang Qilin Had Claimed It Stole 852 GB of Health System's Data
Nearly half a million patients of a Catholic healthcare network that serves New England and parts of Pennsylvania began the new year by receiving notifications that hackers may have stolen their health information in a May 2025 hacking incident.

Experts Say Grid Disruption Amid Venezuela Operation Signals Cyber's Expanding Role
Uncertainty surrounds a Caracas blackout that coincided with a U.S. raid to capture Venezuela President Nicolas Maduro, with analysts weighing the plausibility of U.S. forces using cyber as a tool in layered, covert action amid the historic operation.

Cyber Command Involved in Strikes on Caracas
Here's what we don't know: Whether the Caracas grid outage triggered by the U.S. incursion was caused - or at least aided - by a cyberattack. A coordinated attack involving a cyber component against an adversarial electrical grid wouldn't be unprecedented.

Investors Increasingly See Each Security Technology Category as Winner-Take-All
The chasm between the cyber "haves" and cyber "have nots" widened in 2025, with most large security companies recording stock price gains while smaller companies logged losses. Of the 11 public cyber vendors with valuations exceeding $14.9 billion, the stock price rose for nine of those companies in 2025.

Visibility Gaps Increase the Risk of Certificate-Driven Outages
Moving to 47-day TLS and SSL certificate renewal cycles by 2029 will turn certificate management into an enterprise risk. "Automation and crypto-governance are now board-level imperatives. Enterprises can prepare for continuous renewal cycles without losing resilience," says Sectigo CEO Kevin Weiss.

Also: Leadership Decisions Shaping Cybersecurity in 2026
Security leaders are heading into 2026 facing growing pressure from AI-driven risks, limited resources and an increasingly complex threat landscape. Sean Mack, who leads ISMG's CXO Advisor practice, joined ISMG editors to discuss how these forces are reshaping security.

Insurer's Hack Could Rank as Largest US Health Data Breach Reported in 2025
Supplemental health insurer Aflac is notifying 22.65 million people whose sensitive health and personal information, including Social Security numbers, was potentially compromised in a June data theft incident. The incident will likely rank as the biggest U.S. health data breach reported in 2025.

The Campaign Compromises Open-Source Vulnerability to Hack IoT Devices at Scale
Security firm CloudSEK has uncovered a botnet campaign that is exploiting the React2Shell vulnerability in the Meta-developed, open-source React framework across a variety of devices since December. The security firm attributed the campaign to RondoDox.

Systems Thinking, Not Tools, Increasingly Separates Senior Talent From Peers
The Six Degrees of Kevin Bacon game shows how quickly distance disappears once connections are traced. Cybersecurity careers work the same way. Advancement depends on understanding how your work connects to indirect risk, supply chain failures and business outcomes beyond your role.

Ransomware Attackers Grabbed Customer Data Stored by Marquis Software Solutions
More financial services firms are reporting breaches of customer data that trace to an August ransomware attack against Marquis Software Solutions, which provides marketing and compliance software used by over 700 banks and credit unions. At least 1.4 million consumer appear to be affected.

Experts on Cyberattacks, Deepfakes, AI and Geopolitical Strife in the Year Ahead
Cyberattacks, nation-state hacking and geopolitical shifts dominated 2025, but the year will also be remembered as a turning point - where AI blurred the lines between real and fake and AI agents introduced new enterprise risks. Our panel of experts discusses the top 10 trends to watch in 2026.

Finnish Border Guard Seize Cargo Ship Suspected of Causing Disruption
Finnish police on Wednesday seized a cargo ship sailing from Russia suspected of rupturing an undersea telecommunication cable connecting Helsinki to Estonia, a region of the Baltic Sea that is the site of a slew of suspected Russian cable sabotage incidents.

A Look Back at 3 Key Identity Fraud Trends in 2025
Fraudsters stick to the basics, because the basics work. Synthetic identities, fake accounts and tried-and-tested account takeovers still work, even in an age of artificial intelligence-related threats. Scammers are happy to keep on stealing the old-fashioned way.

Large language models have a well-earned reputation for making things up. But for AI cybersecurity architect Erica Burgess, rather than being a bug, GPT hallucinations can be a threat-modeling feature. "I like to think of the hallucinations as just ideas that haven't been tested yet," she said.

Jason Rolleston: Unified Agent and AI Aim to Boost Midmarket Security Capabilities
Broadcom's integration of Symantec and Carbon Black promises a unified single-agent framework and AI-enhanced threat detection to help small and mid-market businesses defend against sophisticated cyberthreats with limited resources, said Broadcom's Jason Rolleston.

Patches Issued for MongoBleed as Ransomware Groups Target Flaw to Steal Data
Tens of thousands of internet-exposed MongoDB databases are at risk as attackers actively target a critical vulnerability in the software to steal sensitive data, with ransomware groups having joined the fray, researchers warn. MongoDB has issued patches and mitigation advice.

Americans Extorted at Least 5 Firms, Earning $1 Million From a Medical Device Maker
Two American cybersecurity professionals who moonlighted as BlackCat ransomware gang affiliates pleaded guilty to using the crypto-locking malware to extort at least five victims in the United States, including a medical device maker that paid a cryptocurrency ransom worth over $1 million.