BankInfoSecurity.com
ALN, Octapharma Plasma Agree to Settle Breach Lawsuits
2 months ago
2 Firms Hit by Separate 2024 Attacks to Pay Total of $6.5M in Class Action Claims
A Nebraska-based revenue cycle management firm and a Swiss-based blood products manufacturer with plasma collection centers in the United States are the latest healthcare sector companies agreeing to pay multimillion-dollar lawsuit settlements for two separate 2024 hacks affecting scores of patients.
CISA in Disarray Amid Shutdown and Growing Political Threats
2 months ago
US Cyber Defense Agency Slammed by Shutdown, Personnel Cuts and Resource Crisis
Facing major turnover, partisan upheaval and a government shutdown, the U.S. cyber defense agency is now operating at a fraction of its strength, leaving states and other entities without federal cyber support or coordination, experts tell Information Security Media Group.
Exabeam CEO Integrates AI Agents in SIEM Push
2 months ago
Pete Harteveld Seeks to Strengthen Security Operations With Programmatic Approach
New Exabeam CEO Pete Harteveld emphasizes securing AI agents, minimizing tool sprawl and promoting defined security outcomes. His roadmap builds on recent success and aims to deliver programmatic SIEM and UEBA innovations to improve analyst efficiency and benchmarking.
Hackers Exploit LFI Flaw in File-Sharing Platforms
2 months ago
Attackers Read Server Files and Steal Credentials in Gladinet CentreStack, Triofox
Hackers are exploiting a flaw in file-sharing and remote-access software that allows them to access files in the document root folder without authentication, where they obtain access tokens and passwords to unlock remote access to corporate file systems, warn researchers.
Live Webinar | End-of-Life Failures: The Data Security Traps You Must Avoid
2 months ago
Live Webinar | Scaling Application Security Testing and Bringing the "Ops" Back to DevSecOps
2 months ago
Fortra Confirms 'Unauthorized Activity' Hit GoAnywhere MFT
2 months ago
Medusa Ransomware Group Tied to Exploits of Now-Patched Zero-Day Vulnerability
Recent attacks targeting Fortra's GoAnywhere managed file transfer software exploited a "limited" number of customers who set their on-premises installations to have an administrative console publicly exposed to the internet, which the vendor recommends customers never do.
AI Browsers Vulnerable to Data Theft, Malware
2 months ago
AI Actions Bypass Security Tools
Artificial intelligence-powered browsers could expose enterprises to data theft, malware distribution and unauthorized access to corporate apps, new research shows. AI browsers built to complete tasks autonomously lack the security awareness to verify whether an instruction is safe.
ISMG Editors: How the US Federal Shutdown Exposes Cyber Gaps
2 months ago
Also: Shutdown's Ripple Effects on Healthcare, Mounting Threats to Aging OT Systems
In this week's update, four ISMG editors discussed the fallout from the U.S. federal shutdown and the impact on state and regional cyber offices, the knock-on effects for healthcare, and the growing cyberthreats facing aging operational technology environments.
SonicWall Warns Cloud Backup Users of Security Risk
2 months ago
Akira Ransomware Hackers Targeting SonicWall Devices
Firewall maker SonicWall said Friday all customers who used its cloud backup services are at increased "risk of targeted attacks" following a recent cyberattack. The California firm in September disclosed that unidentified hackers launched brute-force attacks against servers storing backup files.
Breach Roundup: Insurers Spend Big on Cybersecurity
2 months ago
Also, a Renault Breach, WhatsApp Malware and Qilin Claims Asahi Attack
This week, insurer cybersecurity spending, a Renault breach, a WhatsApp malware campaign in Brazil. Germany skeptical of Chat Control. Two UK teens arrested for ransomware attack. Qilin claimed the attack on Japan's Asahi. Hackers weaponized Nezha. An Invoice data breach exposed personal records.
Australia Levies First-Ever Privacy Act Fine in Lab Breach
2 months ago
Australian Clinical Labs Ordered to Pay $5.8M in Data Theft at Medlab Pathology Unit
An Australian court has fined a medical lab $5.8 million for cybersecurity failures leading up to - and following - a 2022 cyberattack that affected 223,000 patients. The penalty marked the first time Australia has levied a civil monetary fine for violations of its Privacy Act of 1988.
Pentera Acquires DevOcean to Streamline Vulnerability Fixes
2 months ago
Pentera-DevOcean Platform to Deliver Unified Attack Simulation and Remediation
Pentera has acquired DevOcean to close a major operational gap in threat resolution. With AI-based prioritization and remediation orchestration across over 100 tools, Pentera is building a unified platform to address both attack simulation and fix deployment.
GitHub Copilot Chat Flaw Let Private Code Leak Via Images
2 months ago
Researcher Found Bug Could Exfiltrate Secrets Via Camo Images
A now-patched flaw in GitHub Copilot Chat could have allowed attackers to steal private source code and secrets by embedding hidden prompts that hijacked the artificial intelligence assistant's responses. The exploit also used the code hosting platform's image proxy to leak the stolen data.
Live Webinar | End-of-Life Failures: The Compliance Trap You Must Avoid
2 months ago
Salesforce Rebuffs ShinyHunters Extortionists' Ransom Demand
2 months ago
Criminals Behind Salesloft Breach Continue to Target Salesforce-Using Customers
Customer relationship management software giant Salesforce has directly notified customers that it won't be complying with ransom demands issued by the data-stealing crime group ShinyHunters, which continues to pressure Salesforce-using customers who fell victim to the Salesloft breach.
Clop Attacks Against Oracle E-Business Suite Trace to July
2 months ago
Signs Point to Multiple Exploit Chains, One Including a Zero-Day, Being Employed
Data-stealing attacks targeting Oracle E-Business Suite, for which an affiliate of Russian-speaking Clop ransomware group is claiming credit, appear to have begun by August and involved multiple attack chains, of which one targeted a zero-day vulnerability, report Google threat researchers.
Cryptohack Roundup: $21M SBI Crypto Heist
2 months ago
Also: Shibarium Plans to Reimburse Victims, $1.8M Abracadabra Hack
This week, hackers stole $21 million from SBI Crypto, Shibarium planned reimbursement for $4 million bridge exploit victims, Abracadabra lost $1.8 million in a hack and North Korean threat actors have set a new record, stealing $2 billion this year so far.
Reading the Fine Print When Managing Vendor Risk
2 months ago
Risk and Compliance Review Professionals Can Save Millions and Help Avoid Breaches
Risk and compliance review requires more than just checking off boxes. It involves understanding what the fine print reveals about how a vendor protects data, manages incidents and upholds contractual obligations. Professionals who review contracts become trusted voices in procurement and security.
BankInfoSecurity.com RSS News Feeds on bank information security news, regulations, blogs and education