DataBreachToday.com

Firm Folds AI Studio, Gemini API Into DeepMind; Sets up World Model Team
Google is restructuring its artificial intelligence teams and forming a new division under its DeepMind unit. Both the AI Studio team and the Gemini API team will now be run under DeepMind, a shift Google says will make DeepMind's work more accessible to the public.

Google Mandiant's Jamie Collier on the Biggest Cloud Security Challenges
To combat AI threats in 2025, security teams are set to enter the second phase of AI innovation in security by deploying semi-autonomous operations such as alert parsing, creation of high-priority item lists and risk remediation, said Jamie Collier, senior threat intelligence advisor at Mandiant.

Blender and Sinbad Were Favorites of Ransomware and North Korean Hackers
Three Russian nationals behind cryptocurrency mixers favored by ransomware hackers and North Korean crypto thieves face criminal charges in U.S. federal court: Roman Vitalyevich Ostapenko, 55, Alexander Evgenievich Oleynik, 44, and Anton Vyachlavovich Tarasov, 32.

USR Holdings Lost Electronic PHI for Nearly 3,000 Patients in Breach
A Florida-based behavioral health holding company has paid federal regulators a $337,750 HIPAA settlement for a 2018 incident involving the deletion of electronic protected health information pertaining to nearly 3,000 patients. How should other entities avoid these data loss situations?

Cado Security Deal Brings Enhanced Forensics, Automation and AI-Powered Analytics
By acquiring Cado Security, Darktrace strengthens its ability to secure multi-cloud environments. The transaction brings together Cado's forensic capabilities with Darktrace's AI analytics to deliver comprehensive threat detection and response to organizations in regulated industries.

Officials Worry Trump's Cybersecurity Agenda Could Scrap Biden's Final Cyber Orders
An executive order set to be published by the Biden administration in its waning days could offer the next White House a blueprint to counter Chinese cyberattacks, but experts fear its timing - so close to the transition of power - could make it practically dead on arrival.

Deputy Director Reflects on Term and Offers Advice to Successors
From application security to zero trust, it's been a busy four years for the current leaders of the U.S. Cybersecurity and Infrastructure Security Agency. Deputy Director Nitin Natarajan discusses the agency's accomplishments and the threats that await the next administration's cyber leaders.

Also: Penalty on Illegal Cryptomining in Siberia
This week's roundup includes Do Kwon's trial, penalty on a Siberian firm over illegal cryptomining, 2024 drainer attack statistics, U.S. bank regulator's crypto stance, Gemini's CFTC settlement, China's blockchain plans and Hong Kong's push for DLT in banks.

ActZero Purchase Adds Artificial Intelligence, Open Platform and Process Maturity
With its acquisition of ActZero, WatchGuard gains advanced machine learning capabilities and expertise to improve its MDR service. ActZero's mature processes and open platform enable seamless integration of WatchGuard products as well as third-party tools like Microsoft Defender.

Also, Alleged Gravy Analytics Breach Exposes Location Data
This week, a Russian tanker linked to cable sabotage detained in Finland, a claimed Gravy Analytics breach exposed location data, a Mirai-based botnet exploited zero-day flaws, Dell updated framework flaws and a court sentenced a Florida woman for laundering millions in romance scams.

Facebook Unveils Community Notes Program But Has Done Little to Curb Fraud
Meta has decided to end its fact-checking program. Meta CEO Mark Zuckerberg announced significant changes to the company's moderation policies and practices on Tuesday, attributing the shift to a renewed commitment to free speech. Some fear the move will embolden financial scammers.

Transfer of German Man's IP Address Wins Him 400 Euros
European privacy regulation - bane of American technology companies and a favorite cudgel of activists - came to haunt no less an organization than the European Commission, which must pay 400 euros to aggrieved German national Thomas Bindl, peeved that Facebook obtained his IP address.

US Senate Unlikely to Ratify Contentious Cybercrime Treaty Amid Mounting Concerns
Experts tell Information Security Media Group that a controversial United Nations cybercrime convention is unlikely to be ratified in the U.S. Senate due to mounting concerns from technology, human rights and privacy advocates over its potential impact on internet security and privacy protections.

Suspected Chinese Attackers Again Tied to Active Exploitation of VPN Appliances
VPN appliance maker Ivanti has begun releasing updates to patch a zero-day vulnerability being actively exploited by suspected nation-state attackers. Experts are warning users to immediately update their devices, after factory resetting them to flush any malware attackers may have installed.

Facebook Unveils Community Notes Program But Has Done Little to Curb Fraud
Meta has decided to end its fact-checking program. Meta CEO Mark Zuckerberg announced significant changes to the company's moderation policies and practices on Tuesday, attributing the shift to a renewed commitment to free speech. Some fear the move will embolden financial scammers.

Studying Backdoors in Web Shells, Researchers Find 4,000 Infected Systems
How many servers are infected by web shells designed to give attackers remote access to systems, but now "phone home" to malicious infrastructure that's now abandoned or expired? Security researchers who posed that question have counted 4,000 such systems, including in government and education.

Facebook Unveils Community Notes Program But Has Done Little to Curb Fraud
Meta has decided to end its fact-checking program. Meta CEO Mark Zuckerberg announced significant changes to the company's moderation policies and practices on Tuesday, attributing the shift to a renewed commitment to free speech. Some fear the move will embolden financial scammers.