BankInfoSecurity.com

Acting Director Says Agency Has Stabilized After Major Staff Losses Throughout 2025
After a year of internal upheaval and budget strain, CISA's acting director told Congress the agency is now stabilized and will launch targeted 2026 initiatives, even as lawmakers weigh steep funding cuts that could limit its cyber defense capabilities across federal networks.

IBM Survey Finds AI Strategy Now Hinges on Integration and Differentiation
The thriving enterprise of 2030 will be AI-first, not just AI-enabled, said IBM's latest Institute for Business Value. The company surveyed more than 2,000 C-suite executives in the second half of 2025. The results paint a picture of the future of digital transformation dominated by AI technology.

Berlin Readies Legislation Authorizing More Aggressive Stance in Cyberspace
Germany wants to drastically step up defenses against cyberattacks from foes such as Russia, China, Iran and North Korea, and it's looking to key ally Israel for lessons and cooperation.

CEO Nadav Zafrir Discusses Lakera and Veriti Buys, Wiz Pact and AI Strategy Shift
Check Point Software is doubling down on AI security through the acquisitions of Lakera and Veriti and platform integration with Wiz. CEO Nadav Zafrir explains how the firm is shifting from point products to a holistic approach and why it's investing heavily to stay ahead in the AI security race.

State Monitoring Incident Involving a Health Entity Worker for Potential Fraud
The Minnesota Department of Human Services is notifying nearly 304,000 people of data breach involving someone at a healthcare provider who inappropriately accessed information from an IT system managed by a vendor. State officials are monitoring the incident for potential fraud.

Findings From WEF's 2026 Report Show Shifting Cyber Priorities as AI Reshapes Risk
Cyber-enabled fraud has overtaken ransomware as the top cybersecurity concern for CEOs heading into 2026, according to the World Economic Forum's Global Cybersecurity Outlook 2026, released ahead of the Davos meeting. AI is a top emerging technology affecting both cyber risk and cyber defense.

Crackdown Targets Multiple Members of Cybercrime Group, Including 'Hash Crackers'
Police raided two suspected members of the notorious Black Basta ransomware group - tied to over 600 victims worldwide and many millions in ransom payments - in Ukraine and issued an international arrest warrant for the Russian national suspected of being the operation's founder and ringleader.

Feds Pushing HIPAA Regulated Entities to Bolster Security Risk Management
Federal regulators are advising regulated healthcare firms and their third-party vendors to harden systems, software and medical devices to better safeguard protected health information. Hardening is a necessary measure for protecting data privacy and security - as well as patient safety.

5x Revenue Growth, $1B Valuation Fuel Investment in Code Security Innovation
Backed by DST Global, Aikido Security's $60 million Series B will fund global expansion and boost its AI-powered security tools. CEO Willem Delbare said the firm's autonomous pen-testing and code remediation capability cuts cost, boosts software resilience and already outperforms humans.

eSync Alliance Chair Shrikant Acharya on How Standardization Can Prevent Breaches
Over-the-air updates are an irreplaceable part of software-defined vehicles, giving manufacturers a convenient way of remotely fixing and upgrading vehicles. If not appropriately secured, over-the-air updates can become a gateway for data theft, malware injection, vehicle theft and even injury.

AI Agent Can Access File Upload API to Exfiltrate Documents
Security researchers have demonstrated how Anthropic's new Claude Cowork productivity agent can be tricked into stealing user files and uploading them to an attacker's account, exploiting a vulnerability the company allegedly knew about.

Analysts Say Pentagon Must Add Guardrails to Musk's Grok in Military Systems
Cybersecurity analysts said Elon Musk's Grok artificial intelligence model lacks compliance with key federal AI risk frameworks, which will likely force the Pentagon to rely on containment measures while conducting adversarial testing and restricting access to prevent unpredictable or unsafe behavior when embedding the model across its systems.

Israeli Startup Novee's Custom AI Agents Mimic Human Attackers to Scale Detection
Novee launched with $51.5 million in funding to build AI agents trained to find and fix vulnerabilities. Its proprietary model combines human-led research, prompt engineering and simulations to offer scalable penetration testing as AI-fueled threats outpace traditional tools.

Suit Alleges Competitor Lets 'Shell Firms' Exploit National Data Exchanges
Electronic health records giant Epic Systems is accusing a rival health information network vendor, Health Gorilla, of enabling a syndicate of "sham" entities "masquerading" as healthcare providers to improperly access patient records from national health data exchanges in pursuit of money.

Lumen Spotted More Than 500 Command and Control Servers Since October
A major U.S. internet service provider said it's blocked incoming traffic to more than 550 command and control servers botnets identified over the past four months that administer the Kimwolf and Aisuru botnets.

Joint US, UK and Five Eyes Guidance Flags OT Exposure as National Risk
U.S. and allied cyber agencies issued new guidance warning that insecure operational technology connectivity - driven by remote access, third-party vendors and IT integration - remains a major threat vector, enabling cyber intrusions to escalate into physical disruptions.

Also, Venezuela Cyberattack, Endesa Confirms Breach and Telegram IP Leak
This week, a software flaw caused the Verizon outage. U.S. cyberattack in Venezuela. ICE identities published online. BreachForums users leaked. Spanish energy provider Endesa data breach. Telegram privacy risk. A MuddyWater upgrade. Dutch man sentenced for hacking a maritime port. A ServiceNow patch.

Funding at $1.2B Valuation to Propel Federal Market Entry and R&D in GenAI
Torq secured $140 million in Series D funding at a $1.2 billion valuation to expand its generative AI-powered security operations platform. With backing from Merlin Ventures, Torq will grow internationally, deepen AI research and pursue U.S. federal opportunities including FedRAMP certification.