BankInfoSecurity.com
US Takes Down DanaBot Malware, Indicts Developers
6 months 2 weeks ago
DanaBot Used to Steal and to Spy
A top figure in the Russian cybercrime gang behind DanaBot infected his own computer with the malware, allowing an FBI agent to search an image of his system, U.S. federal prosecutors disclosed Thursday in indictments and an announced disruption of the malware's infrastructure.
German Cyber Agency Sounds Warning on Grid Vulnerabilities
6 months 2 weeks ago
BSI Cites New Technologies, Geopolitical Tensions as Key Risk Factors
Mounting decentralization and digitization put electricity grids at risk of hacking that could cause power outages, the German cybersecurity agency warned Wednesday. Technologies such as internet-connected solar power inverters and a tense geopolitical situation spark increased concern.
Suridata Buy Adds SaaS Posture Management to Fortinet SASE
6 months 2 weeks ago
Deal Aims to Target Identity and AI Risks, SaaS Blind Spots With Unified Security
By acquiring Suridata, Fortinet plans to introduce SaaS Security Posture Management to its SASE platform. The update provides end-to-end visibility into SaaS apps, identity threats and AI plugin misuse, making SSPM a vital control plane in cloud-first security strategies.
Breach Roundup: US Indicts Qakbot Malware Leader
6 months 2 weeks ago
Also: Signal Blocks Recall, Europe Sanctions Stark Industries
This week, Qakbot leader indicted, Signal blocked Recall and a judge said Trump illegally removed watchdogs. Ivanti and Palo Alto hacks linked, Stark Industries sanctioned, Marks and Spencer's hack costs 300M pounds. Pro-Ukraine hackers hit a Russian clinic and an outbreak of PureRAT in Russia.
Bribery-Led Coinbase Hack Affects 70,000 Crypto Customers
6 months 2 weeks ago
Hacker Demanded $20M Ransom to Delete Stolen Personal, Financial Information
A months-long data breach led to the theft of personal and financial information of nearly 70,000 Coinbase customers. Coinbase said the breach dates back to December and was aided by bribery schemes targeting the company's overseas customer support agents.
What the AI Boom Reveals About Cybersecurity Careers
6 months 3 weeks ago
Cyber Education Needs to Go Beyond the Checklist to Prepare Future Professionals
AI is redefining how organizations work, learn and defend themselves. But while the tech is moving fast, training strategies meant to prepare security professionals often lag far behind. That gap is persistent, pervasive and reshaping the very nature of cybersecurity careers.
Credit Washing and Synthetic ID Fraud Hit All-Time High
6 months 3 weeks ago
Auto Lending Sector Is Hardest Hit by Scammers Using Synthetic Identities
Synthetic identity and credit washing fraud have hit another record high and are showing no signs of slowing down, according to a new report by TransUnion. Unscrupulous credit repair companies are adding to the problem by convincing people in debt to create new identities.
Ohio Health System Responding to Cyberattack, Fraud Scams
6 months 3 weeks ago
Experts Pointing a Finger at Interlock Ransomware Gang for Kettering Health Attack
Ohio-based Kettering Health is in its second day responding to a cyberattack that's disrupted patient care services and downed its IT systems, including its patient portal and phones. Some cybersecurity insiders say Interlock ransomware is responsible.
Scammers Troll DNS Records for Abandoned Cloud Accounts
6 months 3 weeks ago
'Hazy Hawk' Behind a Rash of Domain Hijackings
A hacking group with apparent access to a commercial domain name system archiving service is on the hunt for misconfigured records of high-reputation organizations in order to blast links to scammy domains. It checks the CNAME field of DNS records to see if it points to an abandoned cloud service.
Russian Intelligence Hackers Stalk Western Logistics Firms
6 months 3 weeks ago
Western Governments Publish Warning Over Unit 26165 Activities
A slew of Western cybersecurity agencies warned Wednesday that Russian intelligence is targeting logistics and technology companies in a prolonged hacking campaign that includes an emphasis on internet-connected cameras situated along border crossings and military installations.
Police Operation and Microsoft Take Down Lumma Infostealer
6 months 3 weeks ago
User Panels and Command and Control Domains Seized
Law enforcement and Microsoft struck a blow against malware used to steal login credentials and financial data, seizing the central command structure and thousands of online domains used to control the Lumma Stealer. Lumma first appeared on Russian-language cybercriminal forums in 2022.
Windows Server Flaw a Shortcut to Privilege Escalation
6 months 3 weeks ago
Akamai Researchers Flag 'BadSuccessor' in Windows Server 2025
An unpatched flaw in Windows Server 2025 that is "trivial" to exploit and present in the default configuration allows full domain compromise, warns new research from Akamai. The flaw is present in a new account type known as delegated managed service accounts, or dMSA.
Account Takeover Scams Are Bypassing Fraud Defenses
6 months 3 weeks ago
FIs Must Invest in AI-Fueled Behavioral Biometrics to Go Beyond Static Credentials
Scammers are increasingly turning to account takeover fraud, as financial institutions ramp up their defenses. Instead of luring victims into making authorized transactions, cybercriminals are bypassing them altogether, hijacking their digital identities and draining accounts from within.
US Senate Democrats Push Noem on Cybersecurity Spending Cuts
6 months 3 weeks ago
Homeland Security Secretary Says Trump Budget Strengthens Cybersecurity
Senate Democrats Tuesday pushed Homeland Security Secretary Kristi Noem on the Trump administration's cuts to the cybersecurity component of the U.S. federal department she leads. Noem told senators the U.S. Cybersecurity and Infrastructure Agency will "continue to fulfill" its statutory obligations.
M&S Reportedly Hacked Using Third-Party Credentials
6 months 3 weeks ago
Scattered Spider Stole Tata Consulting Services Employee Login Details for Hack
British retailer Marks & Spencer was reportedly compromised by cybercrime group Scattered Spider using stolen employee credentials from a third-party IT company. Citing an unidentified source, Reuters reported hackers used the M&S login credentials of two Tata Consulting Services employees.
Judge Lets Delta Lawsuit Over CrowdStrike Outage Proceed
6 months 3 weeks ago
Georgia Court Allows Claims of Fraud, Trespass Over Falcon Software Update
Delta can proceed with its lawsuit against CrowdStrike over a July 2024 update that allegedly bypassed Microsoft safeguards and crashed thousands of systems. The judge found that Delta sufficiently alleged fraud, computer trespass and gross negligence, allowing key claims to move forward.
VaultOne Deal Brings PAM and Compliance Boost to JumpCloud
6 months 3 weeks ago
Acquisition Enhances Privileged Session Visibility, Session Replay, Granular Access
JumpCloud’s acquisition of VaultOne enhances its ability to offer secure, auditable privileged access management. With session recording, credential isolation and future integration into JumpCloud’s compliance ecosystem, the move reflects a broader identity and access strategy.
Proposed GDPR Revisions Stoke Privacy Concerns
6 months 3 weeks ago
Privacy Activists Decry Loosening Record-Keeping Requirements
Privacy rights groups urged the European Commission to retreat from proposals to revise the GDPR. Europe pledged to lessen record-keeping obligations for companies with up to 500 employees so long as the data processing isn't "likely to result in a high risk."
Debt Collector Hack Affects Long List of Clients, Patients
6 months 3 weeks ago
Healthcare Providers Are Among Nationwide Recovery Service Data Breach Victims
A 2024 hacking incident at a debt collection firm has affected a growing list of clients and at least hundreds of thousands of individuals so far, including 210,000 patients of Harbin Clinic in Georgia and nearly 90,000 patients of Texas-based Vitruvian Health, also known as Hamilton Health Care.
BankInfoSecurity.com RSS News Feeds on bank information security news, regulations, blogs and education