DataBreachToday.com

Strawberry Can Also Assist with Making Weapons that Wipe Out Humans
OpenAI claims its new artificial intelligence model, designed to "think" and "reason," can solve linguistic and logical problems that stump existing models. Officially called o1, the model nicknamed Strawberry can deceiving users and help make weapons that can obliterate the human race.

Thrive Capital, Microsoft, SoftBank, Nvidia Reportedly Lead OpenAI's Latest Funding
OpenAI’s new $6.6 billion round of funding has nearly doubled its valuation to $157 billion. With investments from Thrive Capital, Microsoft, SoftBank and Nvidia, OpenAI plans to expand its AI research while facing pressures around executive turnover and its transition away from a nonprofit model.

Justice Department Releases Cybercrime Plan, Focusing on Global Partnerships
The United States Justice Department is coordinating its cybercrime defense mission under a new strategic approach released Wednesday that aims to enhance the collection of electronic evidence, bolster international collaboration and focus on disrupting significant cybercrime actors.

AI Act General Purpose AI Rules to be Enforced in 2025
The European Commission appointed a 13 member team to draft the general purpose artificial intelligence code of practice mandated by the AI Act. The commission on Monday announced four working groups that will oversee drafting of the rules.

UK National Crime Agency Details Kremlin-Cybercrime Connection
Russian intelligence agencies tasked the notorious Russian-speaking cybercrime syndicate Evil Corp with conducting cyberattacks and cyberespionage operations on behalf of the Russian government, British police said Tuesday. Evil Corp has stolen at least $100 million from victims.

Rackspace Scrambles to Patch Zero Day Dashboard Bug
Rackspace confirmed that criminals exploited a zero day vulnerability in a ScienceLogic third-party application, forcing the cloud-hosting provider to take monitoring dashboards offline. ScienceLogic confirmed it issued a patch for the zero-day remote code execution vulnerability.

US Cyber Defense Agency’s Flagship Threat Sharing Initiative Facing Major Hurdles
Experts told Information Security Media Group the Cybersecurity and Infrastructure Security Agency’s flagship threat sharing initiative faces major logistical hurdles and may need to be replaced with a more mature approach to automated threat analysis following a damning Inspector General report.

Activist Investor Pressures Cybersecurity Firm to Pursue Operational Changes, Sale
Jana Partners has raised its stake in cybersecurity vendor Rapid7 to 13% and is pushing for the company to consider selling itself. The activist investor teamed up with Cannae Holdings and is engaged in discussions with Rapid7's management to explore operational improvements and board restructuring.

Healthcare Providers Must Revisit Endpoint Security to Mitigate Cyberthreats
Healthcare organizations have faced 21% of all cyberattacks since 2023, as cybercriminals use stolen data and operational disruptions to pressure providers into paying a ransom. Experts advise healthcare firms to move beyond EDR tools and adopt a holistic security strategy.

Nearby College's Health Sciences Center Is Also Experiencing an IT Outage
University Medical Center, a Lubbock, Texas-based public health system that includes a level-one trauma center and a children's hospital, is diverting ambulances and working to restore an IT outage affecting some patient services in the wake of a ransomware attack late last week.

Purchase Adds Advanced AI Network Detection to Logpoint's Threat Response Toolbox
Logpoint acquires Muninn to integrate its AI-based NDR technology, enhancing threat detection and response capabilities in its SIEM platform. This move supports Logpoint's mission to defend OT and ICS systems against ransomware attacks by combining visibility from networks and applications.

International Counter Ransomware Initiative to Unveil New Efforts to Combat Threats
The International Counter Ransomware Initiative is kicking off a four-day summit Monday in Washington that aims to coordinate the group’s 68 member nations around a series of global efforts designed to enhance information sharing and develop strategies to deter ransomware attacks.

Network Configuration Startup Adds Visualization Expertise to Dragos’ OT Platform
Dragos' acquisition of Network Perception will enrich its real-time network monitoring with robust visualization and configuration analysis tools. This transaction aims to bolster the security of operational technology networks and support customers in building more defensible architectures.

Newsom Says Bill Not 'Flexible' Solution to Curb Catastrophic Risks
California Gov. Gavin Newsom on Sunday vetoed a hotly debated AI safety bill that would have pushed developers to implement measures to prevent "critical harms." The bill "falls short of providing a flexible, comprehensive solution to curbing the potential catastrophic risks," Newsom said.

"Shark Tank" Star on Decision to Leave Cyderes CEO Post and Future of Cybersecurity
Robert Herjavec, outgoing CEO of Cyderes, details why he stepped down and how cybersecurity has evolved over his tenure. From identity management to the compliance role, Herjavec explains how managed services can address today’s cyber challenges and why Chris Schueler was picked as his successor.

Attackers Embrace Dating Sites and Encrypted Messaging Apps for Social Engineering
Russian military and intelligence hacking teams continue to refine their Ukrainian targeting, lately shifting to online attacks designed to support and help Moscow's military operations succeed, including social engineering schemes launched via dating portals and encrypted messaging apps.

Feds: 3 Defendants Acted on Behalf of Iran’s Military to Interfere With US Election
The United States indicted three Iranian hackers, alleging they stole sensitive data from government officials and the campaign of President Donald Trump. The hackers reportedly worked with the Iranian Revolutionary Guard to spread disinformation and manipulate the 2024 U.S. elections.

Exploitation Requires Victim to Print On Rogue Printer
Attackers can exploit a series of vulnerabilities in the OpenPrinting Common Unix Printing System utility to remotely execute arbitrary code on certain machines. Major Linux distributions reacted Friday by releasing patches. Exploitation requires a victim to attempt to print from a malicious device.

Fine Is For 2019 Disclosure That Meta Stored User Passwords In Plaintext
The Irish data regulator fined social media giant Meta 91 million euros after an investigation found the company insecurely stored passwords of millions of European Facebook and Instagram users. A Meta spokesperson said the company identified the problem in 2019 and took "immediate action."

The U.K. antitrust regulator called off an investigation into the March $4 billion deal between Amazon and artificial intelligence firm Anthropic. "Amazon’s partnership with Anthropic does not qualify for investigation under the merger provisions of the Enterprise Act 2002," the regulator said.