BankInfoSecurity.com

One of the most important lessons emerging in 2024 for the healthcare sector is that entities should diligently prepare contingency plans for potential cyberattacks that seriously disrupt their critical third-party vendors, advises regulatory attorney Betsy Hodge of the law firm Akerman.

CEO Roey Eliyahu on Using AI to Simplify API Security
Salt Security CEO Roey Eliyahu highlights innovations such as Pepper, an AI-based assistant for API discovery and rapid threat response. The platform helps reduce expertise requirements and simplify API security through governance automation and advanced analytics.

Key Focus Areas for Cybersecurity Professionals in 2025
As we enter 2025, the cybersecurity landscape demands more than just maintaining the status quo. New threats, evolving technologies, and heightened regulatory scrutiny require professionals to set clear resolutions that sharpen their abilities and expand their impact.

InfoSec Officer Shervin Evans on Preparing Organizations to Withstand Cyberthreats
Cyber resilience takes a broader approach, emphasizing the ability to withstand, recover and adapt to cyber incidents. The article explains the key components of cyber resilience, its importance and how organizations can implement it to build stronger defenses.

Washington and Nevada were among states enacting new data privacy laws in 2024, and that trend among states will likely continue into 2025 as the next presidential administration comes into office promising to reduce federal regulations, said attorney Melissa Crespo of law firm Morrison Foerster.

Blackpoint Cyber CEO Jon Murchison on MSP Cloud Identity Risks
With a 30-to-1 ratio of cloud to on-premises attacks, Blackpoint Cyber CEO Jon Murchison stresses the importance of enhanced identity detection and AI-driven solutions. He also outlines strategic moves for managed service providers to align with Microsoft’s ecosystem.

Cybercriminals Say They Hacked 66 Companies
The Clop cybercriminal group is threatening to make public the companies swept up by its mass hacking of managed file-transfer software built by Cleo Communications. In a Dec. 24 update to its dark web leak site, Clop asserted it has "data of many companies who use Cleo."

New Framework in o3 Models Aims to Better Align With Human Safety Values
OpenAI says its latest o3 series is the most advanced and safest of its "reasoning" AI models yet. The company says the new models take a fresh approach to safety via the deliberative alignment framework, rely more on synthetic data and outperform peers in resisting jailbreaking efforts.

About 75% of healthcare sector entities that suffered a ransomware attack over the past year were targeted on a weekend or holiday, highlighting the need for organizations to bolster staffing and related strategies during these vulnerable times, said Jeff Wichman of security firm Semperis.

Researchers Trace 61% of Known Losses This Year to Pyongyang-Backed Hackers
Hackers tied to North Korea's cash-strapped totalitarian dictatorship this year stole a record amount of cryptocurrency, totaling $1.34 billion across 47 incidents, or about double their known haul for 2023, reported blockchain analytics firm Chainalysis.

Infrastructure Problems Blamed; Users Appear to Move to Similar FlowerStorm Service
As the end of the year approaches, it's out with the old and in with the new as researchers report that Rockstar 2FA, which once facilitated prolific phishing-as-a-service hits, has crashed and burned, apparently leading many one-time users to move to rival FlowerStorm.

AI Can Fake Alignment to New Instructions to Avoid Retraining
Advanced artificial intelligence models can feign alignment with new training goals while secretly adhering to their original principles, a study shows. Alignment faking isn't likely to cause immediate danger but may pose a challenge as AI systems grow more capable.

Major Chinese Router Manufacturer Facing Increased Scrutiny After Chinese Espionage
U.S. authorities have launched multiple investigations while reportedly considering banning the widely popular Chinese-manufactured TP-Link routers amid ongoing security risks linked to Chinese cyberespionage and hacking campaigns targeting American critical infrastructure sectors.

Heap Overflow Flaw Threatens Industrial Control Systems Globally
Siemens issued a security advisory for a vulnerability affecting industrial control systems in its User Management Component that could enable attackers to execute arbitrary code. The heap-based buffer overflow flaw impacts products used in manufacturing and the energy sector.

Government Shutdown Could See Thousands of Federal Cyber Workers Furloughed
A looming shutdown could sharply reduce the Cybersecurity and Infrastructure Security Agency's operations, furloughing two-thirds of its workforce and exposing critical federal networks to heightened cyber threats, especially as malicious actors target vulnerable systems during the holiday season.

Looking Back on the Ransomware Attacks, Resilience Lessons and Tech Trends
In the latest weekly update, ISMG editors discussed defining cybersecurity moments of 2024, from the CrowdStrike outage and its implications for vendor resilience to ransomware's continued evolution, and the shifting dynamics in the tech industry affecting startups and M&A activity.

US Seeks Extradition of Dual Russian and Israeli Citizen Rostislav Panev from Israel
A newly unsealed U.S. federal indictment against Rostislav Panev says the LockBit ransomware operation paid the Israeli national a $10,000 monthly salary for coding and consulting services. Federal prosecutors are seeking Panev's extradition from Israel following his August arrest.

Infoblox CEO Scott Harrell Pushes Unified Strategy Amid Hybrid Cloud Convergence
Scott Harrell, CEO of Infoblox, explores the convergence of network operations, security operations and cloud operations to tackle hybrid infrastructure complexities. He introduces Universal DDI and emphasizes a shift toward proactive threat management to counter AI-driven malware.

Feds Warn That Connected Devices Are Prey for Cyberattackers
The security of medical devices has been getting most of the attention from regulators in recent years, but other devices that make up the medical internet of things and operational technology systems are also vulnerable to cyberattacks, federal authorities warned in a new advisory.