DataBreachToday.com

Series C Funding to Drive R&D, Fuel Vision for End-to-End Compliance Capabilities
Texas-based fraud detection startup Seon closed an $80 million Series C funding round to support its shift toward an all-in-one AML and KYC compliance platform powered by AI, as it pursues aggressive international expansion and deeper product integration.

Steganography, Mobile Marketing Attribution, Code Obfuscation Deployed for Ad Fraud
A cybercrime crew using Android mobile apps to conduct advertising fraud took unusual pains to hide its activity, concealing malicious code in downloadable digital images and holding off from infecting the subset of users who organically found their apps through the Google Play store.

Recent, Targeted Attacks Suggest Undercut Group's Claimed 'Going Dark' Retirement
Elements of the notorious ransomware collective lately calling itself Scattered Lapsus$ Hunters appear to be targeting fresh victims, including a U.S. banking organization if not the sector at large, despite a member of the group claiming it would be "going dark" and retiring.

Economic Losses of Carmaker, Suppliers Piling Up
British auto manufacturer Jaguar Land Rover will extend a production pause until late September as it enters its third week of contending with a cyber incident that forced it to shut down assembly lines across the globe.

Cybercrime Group ShinyHunters Advertises 160 Million Stolen Records
Vietnam's central bank is probing a hack attack that breached its credit reporting division, exposing personally identifiable information. The cybercrime group ShinyHunters claimed credit for the breach, advertising on a cybercrime forum 160 million stolen records for $175,000.

Live Hacking Event Offers New Insights Over Traditional Testing
In today's threat landscape, as attackers grow more sophisticated, organizations are finding that direct collaboration between ethical hackers and development teams offers advantages traditional testing methods can't always match.

Will Funding Offset Bigger Cuts Planned for Rural Health Under Big Beautiful Bill?
The Department of Health and Human Services has rolled out a $50 billion grant program to "transform" rural healthcare. The program - authorized under the "Big Beautiful Bill" - includes investment opportunities related to IT and cybersecurity. But is it nearly enough?

HyperComply's AI Automation Reduces Vendor RFP Questionnaire Work by 92%
SecurityScorecard is acquiring HyperComply to streamline third-party risk assessments with AI that automates most security questionnaire responses. The deal supports SecurityScorecard’s shift from ratings-only to a full solutions platform for mitigating supply chain risk.

Announcement Provokes Skepticism in Cyber Community
A band of adolescent hackers behind attacks against airliners, insurers and casinos in the United Kingdom and the United States on Friday said they are shutting down their operations. Scattered Lapsus$ Hunters posted a semi-coherent screed announcing a decision to "go dark."

Vastaamo Hacker Aleksanteri Kivimäki Is Free, For Now
A Helsinki court ordered the release of Finland's most notorious hacker pending the resolution of his appeal of a conviction stemming from the theft of psychotherapy records of 33,000 individuals. Aleksanteri Kivimäki was convicted last year for hacking into now-defunct psychotherapy chain Vastaamo.

Apate.ai CEO Dali Kaafar on Turning the Tables on Fraudsters With AI-Powered Bots
Major banks in Australia are now using bots to foil scammers. The bots are designed to pose as potential victims, extract real-time intelligence and waste scammers' resources. The data is then pushed directly into fraud detection systems used by banks, telecom providers and government agencies.

82 Longstanding Recommendations on Data Protection, Security Still Not Acted Upon
The U.S. Department of Health and Human Services has still not implemented 82 recommendations made in recent years involving "high risk" cybersecurity and IT management issues, said the Government Accountability Office in a new report directed at HHS' CIO and its various agency CIOs.

Malware Not Yet Deployed in the Wild, Says Eset
New malware dubbed HybridPetya spotted on VirusTotal is adding to steadily growing pile of bootkits, creating more opportunities for hackers to infect desktops before the operating system and antivirus programs load. No telemetry exists showing HybridPetya has been deployed in the wild.

Durand: Agentic Models Require Stronger Verification and Complex Access Controls
With bots and personal agents poised to reshape digital identity, Ping Identity CEO Andre Durand says organizations must harden onboarding, reimagine omni-channel strategies and deploy "verified trust services" to combat fraud and deepfakes, especially in workforce and third-party access.

Inogen's Ebenezer Arumai Discusses Cyber Risk in Advance of ManuSec Summit
Ahead of QG Media's 10th ManuSec Summit - scheduled Oct. 14-15 in Chicago - we caught up with Ebenezer Arumai, director of IT infrastructure and security at medical device manufacturer Inogen, to discuss the cyber risk challenges related to medical equipment.

Also: AI Pilot Project Purgatory, Agentic AI Commerce Fraud Concerns
In this week's update, four ISMG editors discussed cybersecurity risks for small and medium-sized businesses, why so many enterprise artificial intelligence projects stall in pilot mode and concerns over fraud with the rise of agentic commerce in payments.

Lawmaker Says Microsoft Lapses Led to Ascension Health's Major 2024 Hack
Sen. Ron Wyden, D-Oregon, is urging the Federal Trade Commission to investigate Microsoft over the software giant's alleged "negligent cybersecurity," which he says contributed to ransomware attacks on critical infrastructure sector organizations, including last year's attack on Ascension Health.