BankInfoSecurity.com
Webinar | Connected Resilience: Lessons in Cyber Collaboration from City, County, and State Leaders
1 week ago
McLaren Health Will Pay $14M to Settle Lawsuits in 2 Attacks
1 week ago
2023 and 2024 Ransomware Breaches Affected More Than 2.5M
Michigan-based McLaren Health Care has agreed to pay $14 million to settle consolidated class action litigation involving two ransomware attacks - allegedly by Alphv/BlackCat in 2023 and by Inc Ransom in 2024 - that affected about 2.5 million patients and employees.
AI Is Transforming the Chief Data Officer Role
1 week ago
AI Elevates CDO Job From Gatekeeper to Data-Driven Change Agent
The chief data officer is being pushed out of the shadows and into the C-suite spotlight with the rise of AI. While the role emerged as one rooted in compliance and risk management, it has evolved to be a business driver, holding the keys to value creation and human-centered transformation.
Norway Says Salt Typhoon Hackers Hit Vulnerable Systems
1 week ago
Security Service Says China-Linked Actor Compromised Vulnerable Network Devices
Norway's security service confirmed it was targeted by the China-linked Salt Typhoon campaign, marking one of Europe’s clearest public acknowledgements that the cyberespionage operation extended beyond U.S. telecom and federal networks into allied infrastructure.
Sanctioned Bulletproof Host Tied to DNS Hijacking
1 week ago
Shadow Aeza International Directed Traffic to Malicious Adtech
A financially motivated threat actor hacked dozens of domain name system resolvers, connecting them to the infrastructure of a Russian bulletproof hosting service sanctioned by the U.S. Department of Treasury for its criminal links, researchers found.
EU: WhatsApp Likely Broke Antitrust Law by Blocking Rival AI
1 week 1 day ago
European Commission Intends to Force Meta to Open Chat App to Third Party AI
The European Commission said Meta appears to have broken antitrust law by blocking third-party AI assistants from interfacing with their users through WhatsApp. It gave notice to the parent company that Europe intends to open up WhatsApp to third-party general-purpose AI assistants.
How Banks Can Limit Losses From First-Party Fraud
1 week 1 day ago
Cadence Bank's Brent Phillips Focuses on Controls for Online Account Opening
Financial institutions face rising losses from first-party fraud schemes that begin with online account opening. One of the most effective ways to reduce exposure involves practical, risk-based controls that limit how much trust new customers receive before their behavior can be established.
Ivanti Zero-Days Likely Deployed in EU and Dutch Hacks
1 week 1 day ago
Ivanti's Endpoint Manager Mobile Flaws Under Active Exploitation
The European Commission fell victim to a cyberattack that could have allowed the theft of some staff personal information. The European Union's executive body said Friday it detected on Jan. 30 an attack on its "central infrastructure managing mobile devices."
Orion Secures $32M to Target DLP's False Positive Problem
1 week 1 day ago
CEO Nitay Milner Says Large Language Models Cut False Positives and Policy Sprawl
Orion Security has secured $32 million in Series A funding led by Norwest Venture Partners to replace policy-driven data loss prevention with large language models. CEO Nitay Milner says AI enables real-time context that legacy DLP tools can't achieve at scale.
Zscaler Purchases SquareX to Secure Browsers Without Agents
1 week 3 days ago
CEO Jay Chaudhry: SquareX Deal Targets Unmanaged Devices and Third-Party Access
Zscaler has acquired SquareX to deliver browser security through extensions rather than endpoint agents or stand-alone browsers. CEO Jay Chaudhry said the approach speeds deployment, improves security for unmanaged devices, and accelerates time-to-market by up to a year.
Docker AI Bug Lets Image Metadata Trigger Attacks
1 week 3 days ago
AI Assistant Executes Hidden Commands Embedded in Docker Image Labels
A vulnerability in Docker's Ask Gordon AI assistant allows attackers to execute malicious commands by hiding them in the container application development platform's image metadata, said security researchers. Dubbed DockerDash, the vulnerability exploits a failure across Docker's AI execution chain.
Moltbook Gave Everyone Control of Every AI Agent
1 week 3 days ago
Database Misconfiguration Exposed 1.5 million API Tokens
A misconfigured database at Moltbook, the viral social network for AI agents, exposed 1.5 million API authentication tokens, 35,000 email addresses, and private messages. Security researchers discovered unauthenticated read and write access to all platform data within days of launch.
Banks Face Dual Authentication Crisis From AI Agents
1 week 3 days ago
Experts Advise Moving From Verifying Identities to Knowing Agent Intentions
Financial institutions are rushing to deploy AI agents capable of autonomously initiating transactions, approving payments and freezing accounts in real time. But agents are creating a "dual authentication crisis" that traditional security frameworks cannot address.
ISMG Editors: Notepad++ Supply Chain Attack Raises Alarm
1 week 4 days ago
Also: Healthcare Cyber Risks Collide, Varonis Deal Signals AI Security Shift
In this week's panel, four ISMG editors unpacked the Notepad++ supply-chain compromise, the growing web of cyber risks facing healthcare, and what Varonis's acquisition of AllTrue.ai tells us about where artificial intelligence security is headed.
Bug Hunting With LLMs: Expert Tool Seeks More 'True' Flaws
1 week 4 days ago
Open Source 'Vulnhalla' Promises 'Up to 96% Reduction in False Positives'
Using large language models to automatically identify only real code vulnerabilities - not false positives - remains a holy grail. Eschewing a moonshot approach, a tool called Vulnhalla helps senior researchers use guided questioning with LLMs to more rapidly triage actual vulnerabilities.
Who's Liable When Embedded AI Goes Wrong?
1 week 4 days ago
Privacy Expert Chiara Rustici on Laws Governing Autonomous Robots, Embedded AI
As embedded AI moves from labs into real environments, organizations face growing liability risks. From border patrol robots to healthcare automation, leaders must understand how AI governance, product liability, data protection and security laws apply, said Chief Privacy Officer Chiara Rustici.
Russia Hacked the Polish Electricity Grid. Now What?
1 week 4 days ago
Stymied Attack Leaves Poland No Good Options in Responding to Provocation
Poland's online defenses stopped a Russian cyberattack against the energy grid, but now the Warsaw government is in a bind about how to respond to a digital assault that was a lot more than a crime, but a sliver less than an act of war. The late cyberattack crossed legal and strategic lines.
Live Webinar | When AI Moves Faster Than Security: Enabling a Cyber-Resilient AI-Native Enterprise
1 week 5 days ago
Varonis Acquires AllTrue.ai to Extend Security for AI Agents
1 week 5 days ago
Varonis CEO Yaki Faitelson Warns Misconfigured AI Is an Accident Waiting to Happen
Varonis has acquired AllTrue.ai to close visibility gaps in AI security. CEO Yaki Faitelson said enterprises are deploying AI agents that access vast datasets at high speed without understanding permissions, identity context or abnormal behavior, creating urgent demand for data-first AI security.
BankInfoSecurity.com RSS News Feeds on bank information security news, regulations, blogs and education