DataBreachToday.com

Incidents at Pain Management Firm, Pediatric Hospital Affect 50,000 People
An insider breach at a Florida pain management firm and an email breach at a Colorado pediatric hospital have resulted in more than $1.7 million in fines for HIPAA violations found by federal investigators. The two incidents affected fewer than 50,000 people.

Possible Chinese State-Sponsored Exploit Kit Using Browser Flaws to Deploy Spyware
A possible Chinese state threat group is targeting vulnerabilities in messaging apps to deliver spyware in cross-platform devices used by members of ethnic minorities targeted for repression by Beijing. Trend Micro dubs the group "Earth Minotaur."

FBI Sees Rising AI-Enabled Fraud; Meta Reports Scant Election Interference Use
Artificial intelligence: What's it good for? Per the old song about war, the answer isn't "absolutely nothing," but so far it also isn't "absolutely everything." New findings pinpoint where generative AI and deepfakes are hot - fraud - and where they're not - election interference

The torrents of public hostility directed at health insurers in the aftermath of UnitedHealthCare CEO Brian Thompson's murder are serious signs of intensifying cyber and physical threats facing the C-suites of healthcare and many other sectors, said Chris Pierson, founder and CEO of BlackCloak.

Also, Man Who Stole $3.5M of Cloud Computing to Mine $1M in Crypto Pleads Guilty
This week, Solana npm package attack, a Brazilian banking giant entered crypto trading and a Nebraska man pleaded guilty to cryptojacking. Australia tightened rules for crypto businesses and crypto losses dropped in 2024 and DMM Bitcoin will cease operations.

Project Mellissa Contributed Toward Disruptive Actions
A Dutch public and private sector anti-ransomware initiative has contributed to ransomware disruptions globally, found an assessment from the University of Leiden. "Project Melissa" was launched in 2023 by Cybersafe Netherlands, the Dutch National Cyber Security Center and security companies.

David Sacks Appointed as Trump's AI and Crypto Czar Amid Growing Industry Concerns
President-elect Donald Trump's appointment of former PayPal executive David Sacks to serve as the inaugural White House czar for artificial intelligence and cryptocurrency is already raising significant concerns about potential conflicts of interest and market favoritism.

It goes without saying: Business ecosystems are increasingly complex, and so are the cybersecurity systems and strategies deployed to protect them. But Marty McDonald of Optiv and Rob Rachwald of Palo Alto Networks share new ideas on how to take some of the complexity out of cybersecurity.

Russian Activist for Ukraine Claims Spyware Was Installed While in Custody by FSB
A Russian activist says security forces covertly installed spyware on his cellphone while he was detained in Moscow for aiding Ukraine. A report published Thursday shows the spyware received a broad range of permissions, from tracking location to reading encrypted messages.

CEO Anand Eswaran Talks Investors, Innovation and Data Resilience Leadership
CEO Anand Eswaran explains how Veeam's $2 billion secondary offering strengthens its financial position as the data resilience vendor prepares for an initial public offering. He discusses the company’s commitment to innovation and strategic pacts with Splunk, CrowdStrike and Palo Alto Networks.

Shell Casing Inscription 'Deny' Points to Potential Motive in CEO's Killing
Law enforcement investigating murder of Brian Thompson, CEO of UnitedHealthcare, are examining potential motives. But shell casings reportedly found at the crime scene spotlight one of the top motives speculated - anger over the company's alleged denial of coverage practices. Where does AI fit in?

Also, Man Who Stole $3.5M of Cloud Computing to Mine $1M in Crypto Pleads Guilty
This week, Solana npm package attack, a Brazilian banking giant entered crypto trading and a Nebraska man pleaded guilty to cryptojacking. Australia tightened rules for crypto businesses and crypto losses dropped in 2024 and DMM Bitcoin will cease operations.

Privacy Advocates Warn of Risks from Expanding DHS Use of AI and Facial Recognition
The U.S. Department of Homeland Security is reportedly expanding its use of emerging surveillance tools, including drones and artificial intelligence, without proper safeguards as experts warn of potential privacy violations and risks involving facial recognition and third-party data usage.

French Police Reportedly Detain Accused Ryuk Money Launderer Ekaterina Zhdanova
An international investigation led by the U.K. busted Russian money cash-for-crypto laundering networks in an operation that's led to the arrest of 84 individuals and U.S. sanctions against others. One of the network allegedly laundered extortion money paid to the Ryuk ransomware group.

AI is reshaping the fight against digital threats. Learn how attackers are using AI to supercharge malware and social engineering—and how organizations can harness it to predict, detect, and stop cyberattacks in their tracks.

Tips for Finding and Getting Security Jobs in a Global Market
Organizations ranging from multinational corporations to government agencies and international nonprofits require cybersecurity expertise. These roles often include exciting opportunities for travel or relocation, making them an attractive path for professionals ready to take their careers global.

Hackers can potentially use AI to manipulate data that's generated and shared by some health apps, diminishing the data's accuracy and integrity, said Sina Yazdanmehr and Lucian Ciobotaru of cybersecurity firm Aplite, describing a recent research project involving Google Health Connect.