CU InfoSecurity
Unknown date
Security
• Android Trojan 'Massiv' masquerades as an IPTV app and can capture screens, overlay content, and steal credentials.
• The malware may soon be offered for sale on criminal forums as a service.
New Trojan May Soon Be Offered for Sale to Criminal Underground
Security researchers warn of "Massiv," an Android Trojan - disguised as an IPTV app - targeting users who sideload streaming apps. The malware enables screen capture, overlays and credential theft - and may soon be marketed on criminal underground forums as malware as a service.
CU InfoSecurity
Unknown date
Guidance
The article emphasizes the importance of comprehensive third-party risk management and provides strategies for scaling such programs. It highlights the need for regular assessments, clear communication, and robust contract terms.
CU InfoSecurity
Unknown date
Enforcement|security
Norton Healthcare agreed to pay $11 million to settle a class action lawsuit related to a 2023 data theft attack by the Alphv/BlackCat ransomware gang. The attack affected nearly 2.5 million people.
Cybercrime Gang Allegedly Stole 4.7 Terabytes of Data, Affecting 2.5M
Norton Healthcare, which operates nine hospitals and other care facilities in Kentucky and Indiana, has agreed to pay $11 million to settle class action litigation stemming from a 2023 data theft attack by ransomware-as-a-service gang Alphv/BlackCat that affected nearly 2.5 million people.
CU InfoSecurity
Unknown date
Security
Threat actors prefer low-complexity attacks over sophisticated ones; credit union compliance officers should prioritize rapid response and well-trod techniques.
Incident Responders Detail Top Ransomware and Business Email Compromise Tactics
There's no need to invest in sophisticated hacking operations when moving fast and exploiting well-trod techniques gives threat actors all the access they want. Threat actors are prioritizing "low-complexity entry points, rather than investing in sophisticated exploits," say incident responders.
CU InfoSecurity
Unknown date
Security
The webinar discusses using AI and human expertise to outpace threat actors; highlights the importance of combining technology with human oversight for effective compliance and risk management.
CU InfoSecurity
Unknown date
- GRC theater creates false confidence and should be replaced with continuous GRC engineering.
- Adversaries operate continuously, so GRC processes must also operate continuously.
CISO Sean Atkinson on Moving From 'GRC Theater' to Continuous GRC Engineering
As NIST, ISO, SOC 2, NIS2 and DORA expand compliance pressure, many organizations are optimizing for audit success instead of risk reduction. Sean Atkinson warns that “GRC theater” creates false confidence. Adversaries operate continuously and so should GRC engineering, he said.
CU InfoSecurity
Unknown date
Security
Kettering Health notified patients and affiliates of a potential data breach in May 2025; cybercriminal group Interlock claimed responsibility. The incident involved personal, health, and financial information.
Cybercrime Group First Listed Ohio Health System as a Data Theft Victim Last June
Ohio-based Kettering Health is notifying current and former patients and "affiliates" that their personal, health and financial information was potentially compromised in a May 2025 ransomware attack and data theft incident claimed by cybercriminal gang Interlock.
CU InfoSecurity
Unknown date
Security
The webinar discusses the use of a Security Data Fabric for modernizing GRC processes by automating evidence collection and compliance controls. Attendees learn about the benefits of automation in improving efficiency and reducing risk.
CU InfoSecurity
Unknown date
Enforcement|guidance
• New HHS breach reporting website and guidance materials launched for substance use disorder record confidentiality.
• Aligns with HIPAA privacy rule enforcement mandates effective as of Monday.
New HHS Enforcement Program Focuses on Patient Confidentiality, Aligning With HIPAA
The U.S. Department of Health and Human Services has launched a new breach reporting website and guidance materials to support its duties of enforcing compliance mandates that went into effect Monday to better align the confidentiality of substance use disorder records with the HIPAA privacy rule.
CU InfoSecurity
Unknown date
Guidance
The webinar discusses the importance of continuous assurance for real-time risk visibility to boards. It emphasizes the need for proactive risk management strategies.
CU InfoSecurity
Unknown date
Guidance
The webinar focuses on ensuring data disposal practices meet audit standards in a compliance-intensive environment. Participants learn how to manage and dispose of data securely to avoid regulatory issues.
CU InfoSecurity
Unknown date
Security
• RMM tools can be exploited by hackers using ransomware variants like VoidCrypt.
• Cybersecurity firm Huntress highlights the risks associated with RMM tools, which are simultaneously open to remote connections and have privileged local access.
VoidCrypt Ransomware Variant Taps RMM Tools, Says Huntress
Management isn't the only advocate for employee monitoring software, according to new research from cybersecurity firm Huntress. RMM tools - simultaneously open to remote connections and with privileged local access - are good for wiggling into corporate networks.
CU InfoSecurity
Unknown date
Enforcement
TX
- The Texas attorney general has launched an investigation into Conduent Business Services and BCBS Texas following a significant data breach affecting 15.5 million Texans.
- This incident could potentially break U.S. data breach records.
Will the Back-Office Services' Firm Incident Shatter US Data Breach Records?
The Texas attorney general's office has launched an investigation into the Conduent Business Services hacking incident, which affected about 15.5 million Texans, including about 4 million Blue Cross Blue Shield of Texas members. Will the nationwide victim tally shatter data breach records in the U.S.?
CU InfoSecurity
Unknown date
Security
State-backed hackers weaponized Google's Gemini AI for cyberattacks; Google has disabled accounts and strengthened defenses. Cybersecurity measures should be reviewed and updated.
China, Iran, North Korea Hackers Exploit Gemini Across Attack Life Cycle
State-backed hackers weaponized Google's artificial intelligence model Gemini to accelerate cyberattacks, using the productivity tool as an offensive asset for reconnaissance, social engineering and malware development. Google said it has disabled accounts and strengthened defenses.
CU InfoSecurity
Unknown date
Security
• Agentic AI is transforming security models faster than traditional defenses can keep up.
• Organizations will shift from deterministic risk models to adaptive, autonomous systems by 2026.
Agentic AI Is Reshaping Security Faster Than Traditional Defenses Can Keep Up
Agentic artificial intelligence is fundamentally altering organizational workflows and how risk materializes. In 2026, emerging cybersecurity trends will push organizations to move from deterministic, rule-based risk models toward adaptive models built for autonomous, non-deterministic systems.
CU InfoSecurity
Unknown date
Security
Bretton AI has raised $75 million for scaling AI solutions in anti-money laundering and KYC compliance; the technology aims to reduce manual investigations and improve auditability.
AI Agents Target Anti-Money Laundering at Major Global Banks, Cut Manual Probes
Bretton AI has raised $75 million in Series B funding led by Sapphire Ventures to scale AI agents for anti-money laundering sanctions and KYC compliance. CEO Will Lawrence says the company is targeting large banks with automation designed to reduce manual investigations and improve auditability.
CU InfoSecurity
Unknown date
Guidance
The webinar focuses on ensuring data disposal practices meet audit standards in the current high-risk compliance environment. Participants learn how to prepare for audits by properly managing and disposing of sensitive information.
CU InfoSecurity
Unknown date
Security
Bretton AI has raised $75 million for automating AML compliance; targets large banks with reduced manual investigations and improved auditability.
CU InfoSecurity
Unknown date
Enforcement|security
- SafeMoon CEO sentenced to eight years for fraud.
- Sam Bankman-Fried seeks a new trial.
Also: SafeMoon CEO Gets 8 Years for Fraud, SBF Seeks New Trial
This week, a 20-year sentence in a $73 million scam, SafeMoon CEO got eight years for fraud, Sam Bankman-Fried sought a new trial, Epstein's early crypto investments, a U.K. lawsuit against HTX, a probe of a Trump-linked crypto deal, a crypto-linked home invasion and a $43 billion Bithumb error.
CU InfoSecurity
Unknown date
Security
Sophos acquired Arco to enhance cybersecurity assurance and compliance with a new CISO Advantage capability. The rollout will start in the U.K., integrating risk and regulatory mapping with threat intelligence operations.
UK Rollout to Link Arco's Cybersecurity Assurance With Sophos's Threat Intelligence
Sophos acquired Arco to expand into cybersecurity assurance and compliance, launching a new CISO Advantage capability. The company plans a phased rollout starting in the U.K., integrating Arco’s risk and regulatory mapping platform with Sophos Central and its global threat intelligence operations.
CU InfoSecurity
Unknown date
Security
A new cybercriminal gang called Insomnia has targeted healthcare-related entities; 18 victims have been reported with more than half linked to the health sector.
Newcomer 'Insomnia' Appears to Favor US Healthcare-Related Entities
A new cybercriminal gang, Insomnia, appears to have its eyes wide open for potential healthcare-related targets. Since surfacing on the dark web in recent weeks, the apparent data theft group has chalked up 18 alleged victims on its data leak site, with more than half having ties to healthcare.
CU InfoSecurity
Unknown date
Governments should now be considered adversaries in threat modeling; CISOs need to reassess dependencies and trust boundaries due to state control over infrastructure.
Why Modern Threat Modeling Must Account for State Control of Infrastructure
CISOs for decades viewed governments as partners. That assumption is weakening. Today, state control over infrastructure needs to be part of threat modeling and business continuity planning for global security leaders - and it's time for CISOs to reassess dependencies and trust boundaries.
CU InfoSecurity
Unknown date
Security
AI-generated malware exploited the React2Shell vulnerability; 91 hosts were targeted and funds mined in Monero. Attackers with no coding expertise could build functional exploits.
LLM-Built Toolkit Hit 91 Hosts, Mined Funds in Monero
Security researchers detected artificial intelligence-generated malware exploiting the React2Shell vulnerability, allowing attackers with no coding expertise to build functional exploits. The attacker may have circumvented an AI model's safeguards by framing the malicious coding request as homework.
CU InfoSecurity
Unknown date
Security
Microsoft introduces two desktop security initiatives: enhanced runtime security for app access to sensitive resources and blocking legacy authentication protocols to promote multifactor authentication. These updates aim to improve overall system security.
Redmond Rolls Out 2 Desktop Security Initiatives
Microsoft is touting changes to Windows meant to ensure better runtime security and user prompts when apps access sensitive desktop resources such as files, a camera or microphone. Other controls include blocking legacy authentication protocols to ensure use of multifactor authentication.
CU InfoSecurity
Unknown date
Security
Ransomware gang Everest Group claims it has leaked data from medical diagnostic labs; patients of these labs may have sensitive information compromised.
Ransomware Gang Everest Claims It Has Leaked All Stolen Data
A revenue cycle management software firm is notifying an undisclosed number of patients of several medical diagnostic labs that their sensitive information, including diagnoses and treatments, was stolen in a November hack. Ransomware gang Everest Group claims it has leaked all the data.