DataBreachToday.com

Infoblox Researchers on Links Between Human Trafficking, Cybercrime and Gambling
Illegal gambling operations depend on trafficked individuals to perform cybercriminal activities. Threat researchers at Infoblox explain how cybercriminals use trafficked people for operations such as pig-butchering scams and leverage European sports sponsorships to boost illegal gambling websites.

Nearly 137,000 People Affected in 2023 Ransomware Attack on Maryland-Based Hospital
A ransomware attack against Berlin, Maryland-based Atlantic General Hospital that affected the personal information of 137,000 individuals in 2023 has led to a $2.25 million preliminary settlement of a consolidated proposed federal class action lawsuit.

Federal Aviation Administration Seeks Public Input on New Cyber Rules for Airplanes
The U.S. Federal Aviation Administration is seeking public comment on a proposed rule that aims to further elevate and streamline cyber regulations for future airplanes and aircraft equipment. The rule isn't intended to have a substantive effect on airliner cybersecurity standards.

Wireless Gear Shifting System Is Vulnerable to Replay Attacks
Imagine cruising down a bike path and having the gears suddenly shift without warning. Security researchers say cybercriminals could take advantage of new wireless controlled bicycle gear systems to make that happen - and cause crashes and injuries.

EY's Piotr Ciepiela Discusses Key Challenges in Implementing, Maintaining OT SOCs
Piotr Ciepiela, EMEIA cybersecurity leader at EY, discusses the challenges of securing OT systems and contrasts them with IT SOC environments. He emphasizes the need for specialized tools, dedicated personnel and strong collaboration with engineering teams to manage OT SOC operations.

Patients Still Asked to Bring Paper Records to Appointments Post-Ransomware Attack
McLaren Health Care expects IT disruptions caused by a ransomware attack earlier this month to last through the end of August. While most of McLaren's facilities are open, IT systems across its hospitals, cancer centers and clinics are still affected, including electronic medical record access.

New Version Aims to Ensure AI Safety While Keeping Its Builders Happy
California state lawmakers watered down a bill aimed at preventing artificial intelligence disasters after hearing criticism from industry and federal representatives. The bill still faces opposition from Silicon Valley and Democratic lawmakers.

Robert Boyce on Accenture's Strategy for Assessing the Behavior of Ransomware Gangs
Accenture Global Cyber Resilience Lead Robert Boyce outlines why organizations must assess the stability of ransomware groups before deciding how to respond to extortion threats. He outlines how trustworthiness of ransomware gangs can affect the likelihood of receiving decryption keys after payment.

Action1 Opts For Independence, Believes It Can Become Multi-Billion Dollar Business
Action1 has rebuffed CrowdStrike's interest in acquiring the patch management and vulnerability remediation startup for $1 billion and opted to remain independent. Action 1 has decided to turn down acquisition inquiries since the company believes it can grow into a multi-billion dollar business.

FBI Says Iran, Russia Ramping Up Influence Operations Ahead of National Vote
The FBI confirmed recent reports that Iran hacked into former President Donald Trump’s campaign, saying in a Monday statement the country was attempting "to stoke discord and undermine confidence" in the U.S. democratic process through online influence operations and other malicious efforts.

Explore the Wide Range of Categories and Services and What It Takes to Do the Job
Cybersecurity consulting encompasses a wide array of services and specialties, ranging from high-level strategic guidance to hands-on technical support. Discover the categories and learn how to position yourself as a trusted expert in the cybersecurity consulting field.

Crowded Leak Site May Be a Weakness and Fewer New Players a Sign of Higher Quality
How many ransomware victims pay their attackers a ransom precisely to avoid having their names listed - or their stolen data dumped - on a ransomware group's data leak blog? We don't know, but leak site posts don't correlate well with security firms' telemetry data.

How to Responsibly Embrace AI's Potential to Strengthen Cybersecurity Defenses
Verizon’s 2024 DBIR shows a gap between generative AI's perceived capabilities and its actual use in cyberattacks, citing skyrocketing gen AI "hype" and very low actual gen AI "mentions" alongside traditional attack types. But it's still essential for security leaders to focus on AI risks now.

Aging Technology and Rising Competition Have Created a Need for Greater Investment
The owners of eSentire are exploring a potential sale that could value the company at about $1 billion and attract the interest of private equity firms. The company is hoping to command a valuation equivalent to more than seven times its annual recurring revenue of about $150 million.