DataBreachToday.com

Normalyze’s AI-Powered DSPM Technology Boosts Proofpoint’s Data Visibility, Control
Proofpoint will acquire DSPM startup Normalyze to strengthen its data security offerings across cloud, SaaS and hybrid environments. The company aims to give security teams enhanced visibility, control and human-centric risk reduction for sensitive data across complex infrastructures.

Foreign Minister Tajani Condemns Conspiracy as 'Threat to Democracy'
The foreign minister of Italy condemned Monday as a threat to democracy the private investigation firm that prosecutors in Milan say illegally accessed government databases for years to assemble illicit dossiers. Four individuals are under house arrest.

Foreign Influence Campaigns Intensify as Experts Tout Election Security Upgrades
More than 50 million votes have already been cast in the 2024 United States presidential elections, but new reports indicate the cyber and physical threats continue to escalate - with potential implications that could extend well beyond Election Day.

Scaling Business Often a Challenge in the Country, Experts Told Lawmakers
Dependence on foreign capital in the United Kingdom for investments into artificial intelligence will stymie British technological progress, a parliamentary committee heard Tuesday. An absence of capital makes it hard for British firms to scale operations, said Michael Holmes, CEO at Scale Space

Strategies for Safeguarding Data and Reputation at Financial Institutions
In today's increasingly digital world, trust isn't always easy to come by. Businesses no longer have complete control over their technology stack. Instead, they rely heavily on third-party solutions, applications and products to keep operations running smoothly. But those third parties pose risks.

When a large hospital in an urban area is shut down by ransomware, the disruption can be significant, but when a rural hospital faces a similar cyber outage, the impact on patient safety and the community can be extreme, said Nitin Natarajan of the Cybersecurity and Infrastructure Security Agency.

Academics Build AI Agent With OpenAI to Execute Phone Scams at Scale
Hackers can use OpenAI's real-time voice API to carry out for less than a dollar deepfake scams involving voice impersonations of government officials or bank employees to swindle victims, said researchers at the University of Illinois Urbana-Champaign.

Forrester's Cody Scott on Why 2025 Will Be Pivotal for Security Leaders
Forrester's 2025 Predictions for Cybersecurity, Risk and Privacy report forecasts that security leaders will scale back generative AI investments by 10%. AI productivity gains have fallen short of expectations, forcing CISOs to reprioritize budgets and reassess gen AI’s role in security operations.

Series D Funding on $4.2B Valuation to Support OT, Medical Device Security Growth
Armis has closed a $200 million Series D funding round on a $4.2 billion valuation to drive growth in cyber exposure management with a focus on acquisitions and federal expansion. CEO Yevgeny Dibrov says the funds will accelerate Armis' work in operational technology and medical device security.

US Treasury Issues Regulations Restricting Investments in Foreign Semiconductors, AI
The U.S. Department of Treasury published final regulations Monday for investors planting dollars abroad that aims to restrict investments from the United States into sensitive technologies developed by foreign adversaries while continuing to ensure open investments practices remain intact.

Cops Recover Redline, Meta Infostealer Data; Promise Criminal Users: 'See You Soon'
The Dutch National Police, working with the FBI, say they've disrupted the Redline and Meta info-stealing malware services after obtaining "full access" to them, including source code and extensive details pertaining to their users, with follow-on "legal actions" now "underway."

Hackers Backdoor Software Libraries to Deliver Malware
Security researchers found backdoored software packages in the NPM software library, apparent evidence of an ongoing campaign by North Korean hackers to social engineer coders into installing infostealers. Pyongyang hackers have a history of bizarre methods for stealing money.

Top Tier Capital, HarbourVest Support Concentric's Path to Autonomous Data Security
Supported by Top Tier Capital Partners and HarbourVest Partners, Concentric AI’s $45 million Series B funding round will drive product innovation in identity governance, risk monitoring and data breach investigation - critical areas for enterprises seeking resilient data security solutions.

How Might Election Outcome Affect HHS' Healthcare Cyber Work?
Regardless of who wins the upcoming Presidential election, one thing is apparent: As the final months of the Biden administration wrap up, regulators at the agency charged with enforcing HIPAA are racing to complete unfinished work they deem as critically important to healthcare sector cyber.

Rust-Based Ransomware Employs Aggressive Anti-Detection Tactics
Operators of a Russian-speaking ransomware group launched a new encryptor with enhanced measures for defeating cyber defenders including wiping logs, disrupting backup systems and stopping decryption without insiders knowledge. The same group disrupted London hospitals in a July attack.

FBI Probing 'Specific Malicious Activity Targeting' Telecommunications Providers
The FBI said Friday afternoon it is investigating Chinese nation-state hacking of commercial telecommunications infrastructure following a news report that Beijing actors targeted data from phones used by Republican presidential nominee Donald Trump and his running mate, Ohio Sen. JD Vance.

Examining Cyberthreats, Foreign Tactics Aimed at 2024 U.S. Election
In the latest weekly update, election security expert Annie Fixler joined ISMG editors to discuss the urgent challenges of safeguarding U.S. election infrastructure, countering cyberthreats and preventing foreign interference as Election Day approaches.

Effectiv's 30-Person Team to Streamline Identity Services, Help Socure Grow Revenue
Socure has acquired Effectiv, integrating its engineering team of 30 to strengthen identity verification capabilities. The $136 million deal aims to speed up customer onboarding, enhance transaction monitoring, and deliver cross-platform solutions, with the product integration expected in 45 days.