DataBreachToday.com
Researchers Spot Serious UEFI Secure Boot Bypass Flaw
1 year ago
Attackers Can Employ a Vulnerable Driver to Target Most Windows and Linux Systems
Researchers are warning Microsoft Windows as well as many Linux distribution users to install updates that revoke permissions for a vulnerable driver that attackers can use to target most systems, allowing them to bypass UEFI Secure Boot and install a bootkit to take full control of a system.
Apple Joins the UALink Consortium for AI Chip Connectivity
1 year ago
UALink Crafts Alternative to Nvidia NVLink to Speed AI Accelerator Links
Device-maker Apple joined the board of a recently incorporated industry group that aims to establish open standards for directly connecting AI accelerator chip clusters in data centers. The direct connection optimizes the parallel computing and high data throughput that make GPUs efficient.
Final Biden Cybersecurity EO Uses Federal Purchasing Power
1 year ago
Administration Officials Say Executive Order is 'Pretty Bipartisan'
An executive order set for publication Thursday during the final countdown of the Biden administration aims to use federal purchasing power as a main lever for coaxing the private sector into better cybersecurity. The order also strengthens sanctions authority against hackers.
Turning Curiosity Into a Career: The Power of OSINT
1 year ago
Working in Open-Source Intelligence: Get Paid for Something You Do Every Day
Open-source intelligence, commonly referred to as OSINT, is the collection, analysis and use of publicly available information from open sources. These sources include websites, social media, news articles, public records, forums and even multimedia content such as videos and photos.
GoDaddy Pledges Improved Cybersecurity in US FTC Settlement
1 year ago
Hackers Repeatedly Compromised GoDaddy's Web Hosting Environment
Internet registrar and web host GoDaddy agreed to two decades' worth of third-party assessments over its cybersecurity practices in a settlement with the U.S. FTC. GoDaddy in February 2023 attributed a run of hacking incidents that began in 2019 to a "sophisticated threat actor group."
HHS Discloses 3 More HIPAA Fines Totaling More Than $3M
1 year ago
Cases are Latest in a Spate of HIPAA Settlements As Biden Administration Wraps Up
A medical supply firm will pay $3 million to settle issues found by a HIPAA investigation into a breach. Also, a public health system will pay $60,000 to resolve a right-of-access dispute. The cases are among the latest in a spate of HIPAA enforcement actions as the Biden administration wraps up.
CISA First Spotted Salt Typhoon Hackers in Federal Networks
1 year ago
US Cyber Defense Agency Was Not Initially Aware Hackers Were Part of Salt Typhoon
The U.S. federal government's first hint that Chinese hackers penetrated American telecommunications infrastructure came from telemetry on government networks, said Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency.
Russia Targets Kazakhstan in Espionage Campaign
1 year ago
Hackers Exploit Malicious Macros in Diplomatic Documents to Target Asian Nations
Hackers possibly from the Russian Main Intelligence Directorate have been spying on the government of neighboring Kazakhstan using legitimate documents that have been booby-trapped with malicious macros. The latest campaign, dubbed "Double-Tap," emerged in October 2024.
Live Webinar | Navigating Complex Compliance Requirements with Identity Governance and Administration (IGA)
1 year ago
Fireside Chat | The Role of AI in Mitigating Identity Risks and Ensuring Compliance
1 year ago
AI and Applied Security Dominate Nullcon Paper Submissions
1 year ago
CFP Board Members Discuss AI, Hardware Access and Emerging Trends for Nullcon 2025
Cybersecurity research submissions for the Nullcon 2025 CFP Review Board reflect prominent trends and challenges in the field. Nullcon CFP Review Board members Anant Shrivastava and Neelu Tripathi noted a growing focus on AI, supply chain and applied security.
Ransomware Leak Sites Suggest Attacks Reached Record High
1 year ago
RansomHub, Play and Akira Appear to Dominate; Numerous Newcomers Join the Fray
While ransomware groups' data-leak sites regularly lie, if taken at face value, in December 2024 they collectively listed the largest number of victims ever seen in a one-month period, dominated by RansomHub, Play and Akira operations, plus a bevy of newcomers, researchers report.
Live Webinar | AI-Powered Defense Against AI-Driven Threats
1 year ago
Orchid Security Raises $36M to Take On Identity Management
1 year ago
New Identity Infrastructure Streamlines Compliance Adherence in Regulated Settings
Identity management startup Orchid Security raised $36 million in a seed round led by Team8 and Intel Capital to tackle compliance challenges. The company's infrastructure addresses complex compliance and security needs for enterprises, enabling efficient application onboarding and integration.
New Federal Playbook Aims to Boost AI Cyber Incident Sharing
1 year ago
US CISA Releases Guidance to Streamline AI Cyber Incident Information Sharing
The Cybersecurity and Infrastructure Security Agency released a playbook Tuesday through its flagship public-private collaborative to help guide public-private information sharing around artificial intelligence cybersecurity incidents while detailing federal actions to strengthen shared defense.
Ransomware Campaign Targets Amazon S3 Buckets
1 year ago
Threat Actor 'Codefinger' Targets Cloud Environments
A ransomware group is targeting Amazon S3 buckets, exploiting the data stored there using AWS's server-side encryption with customer keys and demanding a ransom in exchange for the encryption key needed to unlock the data. The group uses compromised or publicly exposed AWS account credentials.
Biden Opens US Federal Sites for AI Data Center Growth
1 year ago
Executive Order Paves Way for Data Centers on Federal Land, Clean Energy Progress
The U.S. federal government will open up sites to developers of AI frontier models to build gigawatt-scale data centers with clean energy under an executive order signed Tuesday by President Joe Biden. AI applications are expected to drive soaring energy demands well beyond 2030.
Under Discussion: UK Mandatory Ransomware Incident Reporting
1 year ago
British Government Proposals Also Include Payment Bans for Critical Infrastructure
Banning ransom payments by public sector and critical infrastructure entities, notifying the government of any intent to pay a ransom, and reporting incidents to authorities comprise three counter-ransomware initiatives proposed by the British government. Which ones will pass muster?
Cloud Security Choices: Pure-Play vs. Integrated Platforms
1 year ago
How Cloud Security Buyers Balance Functionality, Cost, Features and Innovation
The debate between pure-play cloud security solutions and integrated platforms intensifies as the market consolidates. While pure-play vendors such as Wiz offer innovation and deep functionality, platforms such as Palo Alto Networks and CrowdStrike provide cost-effective and comprehensive options.
DataBreachToday.com RSS News Feeds on data breach today news, regulations, blogs and education