CU InfoSecurity
Unknown date
Security
The webinar discusses using AI and human expertise to outpace threat actors; highlights the importance of combining technology with human oversight for effective compliance and risk management.
CU InfoSecurity
Unknown date
Security
Kettering Health notified patients and affiliates of a potential data breach in May 2025; cybercriminal group Interlock claimed responsibility. The incident involved personal, health, and financial information.
Cybercrime Group First Listed Ohio Health System as a Data Theft Victim Last June
Ohio-based Kettering Health is notifying current and former patients and "affiliates" that their personal, health and financial information was potentially compromised in a May 2025 ransomware attack and data theft incident claimed by cybercriminal gang Interlock.
CU InfoSecurity
Unknown date
Security
The webinar discusses the use of a Security Data Fabric for modernizing GRC processes by automating evidence collection and compliance controls. Attendees learn about the benefits of automation in improving efficiency and reducing risk.
CU InfoSecurity
Unknown date
Security
• RMM tools can be exploited by hackers using ransomware variants like VoidCrypt.
• Cybersecurity firm Huntress highlights the risks associated with RMM tools, which are simultaneously open to remote connections and have privileged local access.
VoidCrypt Ransomware Variant Taps RMM Tools, Says Huntress
Management isn't the only advocate for employee monitoring software, according to new research from cybersecurity firm Huntress. RMM tools - simultaneously open to remote connections and with privileged local access - are good for wiggling into corporate networks.
CU InfoSecurity
Unknown date
Security
State-backed hackers weaponized Google's Gemini AI for cyberattacks; Google has disabled accounts and strengthened defenses. Cybersecurity measures should be reviewed and updated.
China, Iran, North Korea Hackers Exploit Gemini Across Attack Life Cycle
State-backed hackers weaponized Google's artificial intelligence model Gemini to accelerate cyberattacks, using the productivity tool as an offensive asset for reconnaissance, social engineering and malware development. Google said it has disabled accounts and strengthened defenses.
CU InfoSecurity
Unknown date
Security
• Agentic AI is transforming security models faster than traditional defenses can keep up.
• Organizations will shift from deterministic risk models to adaptive, autonomous systems by 2026.
Agentic AI Is Reshaping Security Faster Than Traditional Defenses Can Keep Up
Agentic artificial intelligence is fundamentally altering organizational workflows and how risk materializes. In 2026, emerging cybersecurity trends will push organizations to move from deterministic, rule-based risk models toward adaptive models built for autonomous, non-deterministic systems.
CU InfoSecurity
Unknown date
Security
Bretton AI has raised $75 million for scaling AI solutions in anti-money laundering and KYC compliance; the technology aims to reduce manual investigations and improve auditability.
AI Agents Target Anti-Money Laundering at Major Global Banks, Cut Manual Probes
Bretton AI has raised $75 million in Series B funding led by Sapphire Ventures to scale AI agents for anti-money laundering sanctions and KYC compliance. CEO Will Lawrence says the company is targeting large banks with automation designed to reduce manual investigations and improve auditability.
CU InfoSecurity
Unknown date
Security
Sophos acquired Arco to enhance cybersecurity assurance and compliance with a new CISO Advantage capability. The rollout will start in the U.K., integrating risk and regulatory mapping with threat intelligence operations.
UK Rollout to Link Arco's Cybersecurity Assurance With Sophos's Threat Intelligence
Sophos acquired Arco to expand into cybersecurity assurance and compliance, launching a new CISO Advantage capability. The company plans a phased rollout starting in the U.K., integrating Arco's risk and regulatory mapping platform with Sophos Central and its global threat intelligence operations.
CU InfoSecurity
Unknown date
Security
A new cybercriminal gang called Insomnia has targeted healthcare-related entities; 18 victims have been reported with more than half linked to the health sector.
Newcomer 'Insomnia' Appears to Favor US Healthcare-Related Entities
A new cybercriminal gang, Insomnia, appears to have its eyes wide open for potential healthcare-related targets. Since surfacing on the darkweb in recent weeks, the apparent data theft group has chalked up 18 alleged victims on its data leak site, with more than half having ties to healthcare.
CU InfoSecurity
Unknown date
Security
AI-generated malware exploited React2Shell vulnerability; 91 hosts were targeted and funds mined in Monero. Attackers with no coding expertise could build functional exploits.
LLM-Built Toolkit Hit 91 Hosts, Mined Funds in Monero
Security researchers detected artificial intelligence-generated malware exploiting the React2Shell vulnerability, allowing attackers with no coding expertise to build functional exploits. The attacker may have circumvented an AI model's safeguards by framing the malicious coding request as homework.
CU InfoSecurity
Unknown date
Security
Microsoft introduces two desktop security initiatives: enhanced runtime security for app access to sensitive resources and blocking legacy authentication protocols to promote multifactor authentication. These updates aim to improve overall system security.
Redmond Rolls Out 2 Desktop Security Initiatives
Microsoft is touting changes to Windows meant to ensure better runtime security and user prompts when apps access sensitive desktop resources such as files, a camera or microphone. Other controls include blocking legacy authentication protocols to ensure use of multifactor authentication.
CU InfoSecurity
Unknown date
Security
Ransomware gang Everest Group claims it has leaked data from medical diagnostic labs; patients of these labs may have sensitive information compromised.
Ransomware Gang Everest Claims It Has Leaked All Stolen Data
A revenue cycle management software firm is notifying an undisclosed number of patients of several medical diagnostic labs that their sensitive information, including diagnoses and treatments, was stolen in a November hack. Ransomware gang Everest Group claims it has leaked all the data.
CU InfoSecurity
Unknown date
Security
- 0APT ransomware group is considered a likely scam operation due to AI-generated victim lists and a 1 bitcoin joining fee for affiliates.
- The malware used by the group is outdated.
Bitcoin Joining Fee for Affiliates and No Proven Victims Cited by Researchers
Newcomer ransomware group 0APT is being branded a "likely scam operation," not least after a list of over 200 supposed victims turned out to be bogus, if not entirely AI-generated - never mind a 1 bitcoin joining fee for would-be affiliates and outdated crypto-locking malware.
CU InfoSecurity
Unknown date
Security
The webinar discusses lessons in cyber collaboration from city, county, and state leaders. Participants learn about best practices for enhancing cybersecurity resilience.
CU InfoSecurity
Unknown date
Security
The webinar discusses strategies for moving from compliance to a state of readiness in cybersecurity. Key points include the importance of continuous monitoring and updating security measures, as well as the integration of cybersecurity into overall risk management practices.
CU InfoSecurity
Unknown date
Security
A financially motivated threat actor hacked domain name system resolvers and connected them to a Russian bulletproof hosting service. The hosting service was sanctioned by the U.S. Department of Treasury for criminal links.
Shadow Aeza International Directed Traffic to Malicious Adtech
A financially motivated threat actor hacked dozens of domain name system resolvers, connecting them to the infrastructure of a Russian bulletproof hosting service sanctioned by the U.S. Department of Treasury for its criminal links, researchers found.
CU InfoSecurity
Unknown date
Security
The webinar discusses the challenges of implementing AI in a secure manner and emphasizes the need for a cyber-resilient approach. It highlights the importance of balancing innovation with robust security measures.
CU InfoSecurity
Unknown date
Security
• Cybercrime outcomes continue to worsen despite stronger controls and broader collaboration among security teams.
• AI-based attacks are increasingly challenging cyber defenders, according to Brian Cute of the Global Cyber Alliance.
Global Cyber Alliance: as AI Fuels Cybercrime, Outcomes Keep Getting Worse
Security teams report stronger controls and broader collaboration each year. Yet cybercrime outcomes continue to worsen. Brian Cute of the Global Cyber Alliance says artificial intelligence-based attacks are tipping the scales against cyber defenders.
CU InfoSecurity
Unknown date
Security
TRM Labs has raised $70 million in Series C funding for AI-driven investigations and compliance tools; the company aims to combat cybercrime using advanced AI technologies.
Funding at $1B Valuation Targets AI-Driven Investigations and Compliance Tools
TRM Labs has secured $70 million in Series C funding led by Blockchain Capital reaching a $1 billion valuation. CEO Esteban Castano says the money will boost AI-powered investigations, compliance automation and intelligence as criminals use AI to scale cybercrime faster than defenders can respond.
CU InfoSecurity
Unknown date
Security
An estimated 25% of victims paid a ransom in ransomware group Clop's inaugural steal-and-leak campaign; the number of victims that paid fell to zero by 2023, and such campaigns are becoming less effective.
Revenue From Supply-Chain Attacks by Clop Group Sharply Fell, Report Investigators
Once lucrative steal-and-leak campaigns pioneered by Russian ransomware group Clop look set to go the way of the dinosaurs. While an estimated 25% of victims paid a ransom in the inaugural campaign five years ago, the number of victims that paid fell to zero by 2023, report ransomware responders.
CU InfoSecurity
Unknown date
Security
• 2025 saw a record 3,322 U.S. data breaches with only 30% of breach notices providing actionable details.
• James Lee from ITRC warns that the lack of transparency in these notices increases risk for individuals and businesses.
ITRC Report: 2025 Breach Notices Lack Critical Details as AI-Based Attacks Surge
The Identity Theft Resource Center tracked a record 3,322 U.S. data breaches in 2025, more than any previous year. Yet, only 30% of breach notices included actionable details that other defenders need. ITRC's James Lee warns that this lack of transparency puts people and businesses at greater risk.
CU InfoSecurity
Unknown date
Security
The webinar focuses on cybersecurity strategies to prevent breaches and secure cloud environments. Participants will learn about the latest threats and best practices for protecting sensitive data.
CU InfoSecurity
Unknown date
Security
• Attack intensity surged over the recent holiday period as hackers used automated bots.
• Cybersecurity defenders are advised to remain vigilant despite reduced activity levels during holidays.
Honeypots Reveal Automated Bots' 'Attack Intensity' Surged Over Christmastime 2025
Memo for cybersecurity defenders: Honeypots reveal attack intensity surged over the recent holiday period, as hackers continued their well-known propensity for probing defenses and striking in the off hours, using highly automated bots, to try and maximize their dwell time before discovery.
CU InfoSecurity
Unknown date
Security
South Korean prosecutors probed missing seized bitcoin; U.S. SEC dropped litigation against Gemini Earn; major hacks and a $37 million laundering prison sentence.
Also: CZ on Trump Pardon, Arrest in Crypto-Linked Drug Case
This week, South Korean prosecutors probed missing seized bitcoin. CZ said a Trump pardon eased his conviction burden. A former Olympian was arrested in a crypto-linked drug case. The U.S. SEC dropped litigation against Gemini Earn. Also covered: major hacks and a $37 million laundering prison sentence.