CU InfoSecurity
Unknown date
Security
• Minnesota Department of Human Services notifies 304,000 people of a data breach involving inappropriate access by a healthcare provider worker. • State officials are monitoring the incident for potential fraud.
State Monitoring Incident Involving a Health Entity Worker for Potential Fraud The Minnesota Department of Human Services is notifying nearly 304,000 people of data breach involving someone at a healthcare provider who inappropriately accessed information from an IT system managed by a vendor. State officials are monitoring the incident for potential fraud.
CU InfoSecurity
Unknown date
Security
• Fraud and risk teams must enhance 'know your customer' checks due to rapidly improving deepfake technology.
• Synthetic identities, convincing face-swaps, and defeated biometric checks pose significant risks.
Easy-to-Use Deepfake Services for Criminals Rapidly Improving, Researchers Warn Financial firms' fraud and risk teams must bolster know-your-customer checks in the face of increasingly effective and affordable deepfake technology and services that can generate synthetic identities, convincing face-swaps and defeat "live" biometric checks to bypass defenses, warn researchers.
CU InfoSecurity
Unknown date
Security
Cyber-enabled fraud has become the top concern for CEOs in 2026, surpassing ransomware. AI is reshaping both cyber risks and defenses.
Findings From WEF's 2026 Report Show Shifting Cyber Priorities as AI Reshapes Risk Cyber-enabled fraud has overtaken ransomware as the top cybersecurity concern for CEOs heading into 2026, according to the World Economic Forum's Global Cybersecurity Outlook 2026, released ahead of the Davos meeting. AI is a top emerging technology affecting both cyber risk and cyber defense.
CU InfoSecurity
Unknown date
Enforcement|security
- Police raided two suspected members of the Black Basta ransomware group in Ukraine and issued an international arrest warrant for their Russian founder.
- The group has targeted over 600 victims worldwide, with many millions in ransom payments.
Crackdown Targets Multiple Members of Cybercrime Group, Including 'Hash Crackers' Police raided two suspected members of the notorious Black Basta ransomware group - tied to over 600 victims worldwide and many millions in ransom payments - in Ukraine and issued an international arrest warrant for the Russian national suspected of being the operation's founder and ringleader.
CU InfoSecurity
Unknown date
Security
AI agent can exploit known vulnerability to steal user files; security researchers demonstrated the flaw. Credit union compliance officers should monitor for similar vulnerabilities in third-party tools.
AI Agent Can Access File Upload API to Exfiltrate Documents Security researchers have demonstrated how Anthropic's new Claude Cowork productivity agent can be tricked into stealing user files and uploading them to an attacker's account, exploiting a vulnerability the company allegedly knew about.
CU InfoSecurity
Unknown date
Security
Lumen has blocked over 550 command and control servers associated with the Kimwolf and Aisuru botnets since October; this highlights ongoing cyber threats that credit unions need to be vigilant about.
Lumen Spotted More Than 500 Command and Control Servers Since October A major U.S. internet service provider said it's blocked incoming traffic to more than 550 command and control servers botnets identified over the past four months that administer the Kimwolf and Aisuru botnets.
CU InfoSecurity
Unknown date
Security
Digital skimming remains a significant threat; AI's entry into personal health data raises new compliance and security concerns.
Also: AI's Push Into Health Data, CrowdStrike's Move to Reshape Competitive Market In this week's panel, four editors explored how old threats like digital skimming are evolving, why AI tech's push into personal health data is raising new questions and what CrowdStrike's back-to-back acquisitions say about where cybersecurity competition is heading.
CU InfoSecurity
Unknown date
Security
Infoblox acquires Axur to enhance AI-driven cyberthreat defense; Axur offers 99% takedown rate for phishing and rogue sites.
AI-Powered Axur Brings Digital Risk Protection, 99% Takedown Rate to Infoblox Infoblox is acquiring Axur, a Brazilian leader in digital risk protection, to bolster its preemptive cyberthreat defense. Axur automates phishing and rogue site takedowns using AI, delivering near-instant response and visibility into attacker infrastructure.
CU InfoSecurity
Unknown date
Security
• The number of ransomware victims and criminal groups has increased over the past 12 months.
• Despite law enforcement efforts, competition among groups, and fewer victims paying, the trend remains concerning.
Despite Some Well-Known Groups Disappearing, Ransomware Competition Remains Fierce Here's unwelcome ransomware news: Groups' victim listings and underground chatter suggest that the count of victims and number of criminal groups behind such attacks have both risen over the past 12 months, despite repeat disruptions by law enforcement, fierce competition and fewer victims paying.
CU InfoSecurity
Unknown date
Enforcement
PharMerica will pay at least $5.27 million as part of a preliminary class action settlement for a 2023 data theft incident affecting 5.8 million individuals; the company agreed to enhance its security measures.
Ransomware Gang Money Message Claimed It Exfiltrated 4.7TB of Firm's Data Pharmacy services firm PharMerica will pay at least $5.27 million - plus millions more on enhancing its security - as part of a preliminary class action settlement approved this week by a federal court involving a 2023 data theft incident the company reported as affecting 5.8 million individuals.
CU InfoSecurity
Unknown date
Security
- DeadLock ransomware group uses blockchain smart contracts for storing proxy server addresses.
- This technique indicates the group's experience and sophistication in cybercrime.
Stealthy Group Taps Blockchain 'EtherHiding' to Facilitate Victim Communications The DeadLock ransomware group, a newly emerged digital extortion group, is using blockchain smart contracts to store proxy server addresses for facilitating ransomware negotiations with victim organizations. The technique suggests the group is made up of experienced cybercriminals.
CU InfoSecurity
Unknown date
Security
Researchers detail an active Magecart campaign targeting WooCommerce and Stripe payment forms. ConnectPOS exposes its code repository for years, posing a supply-chain risk for customers.
Digital Skimming Attacks Spoof Stripe Payment Forms to Steal Payment Card Data Magecart-style digital skimming attacks targeting payment card data continue, with researchers detailing an active campaign targeting the popular WooCommerce platform and Stripe. Separately, widely used ConnectPOS exposing its code repository for years, posing a supply-chain risk for customers.
CU InfoSecurity
Unknown date
Security
• A flaw in Broadcom chipsets used in wireless routers allows attackers to disrupt the 5 GHz band regardless of security settings. • Credit unions should be aware of this cybersecurity risk.
Black Duck Researchers Discover Flaw in Widely Used Broadcom Chipset A flaw in Broadcom chipsets commonly used in wireless routers allows attackers to repeatedly knock offline the 5 gigahertz band, no matter how strong the security settings, say researchers.
CU InfoSecurity
Unknown date
Security
• Combining employee training with behavioral monitoring and AI guardrails is essential for mitigating identity risk in the face of AI-driven phishing threats.
• The shift from brute-force attacks to AI-powered phishing poses tougher challenges for credit union defenders.
Thales CISO Eric Liebowitz Outlines Urgent Defenses for AI-Driven Phishing Threats The shift from brute-force attacks to AI-powered phishing is creating tougher challenges for defenders. Thales CISO, Americas, Eric Liebowitz says combining employee training with behavioral monitoring and AI guardrails is essential to mitigate identity risk.
CU InfoSecurity
Unknown date
Guidance
The webinar discusses the benefits of using a unified platform for improving visibility and response in compliance operations. Attendees learn about integrating various systems to enhance data management and streamline regulatory reporting.
CU InfoSecurity
Unknown date
Security
• The article highlights the ongoing issue of lack of Multi-Factor Authentication (MFA) contributing to cloud data breaches. • It also touches on how researchers are exploring new methods for data protection in an AI-driven era.
Also: Turning AI Data Into AI Defense, Autonomous Border Patrol Robots In this week's panel, four ISMG editors discussed how basic security failures are still opening the door to major breaches, how researchers are rethinking data protection in the age of AI and the implications of robots with artificial intelligence patrolling national borders.
CU InfoSecurity
Unknown date
Security
• Over 700,000 Illinois residents notified of a data breach due to incorrect privacy settings on a mapping platform.
• The breach exposed sensitive information related to Medicare, Medicaid, and rehabilitation services recipients.
Mapping Platform Exposed Addresses and Medical Assistance Plans The Illinois Department of Human Services is notifying more than 700,000 individuals of a breach involving "incorrect privacy settings" left in place for several year that exposed online data pertaining to Medicare, Medicaid and rehabilitation services recipients.
CU InfoSecurity
Unknown date
Security
Moody's predicts firewalls will become obsolete; Sedgwick confirms a data breach; Romanian power firm and D-Link devices were targeted by cyber attacks.
Also, Sedgwick Confirms Breach, Romanian Power Firm Hit, D-Link Flaws Exploited This week, Moody's said firewalls will be obsolete, Romanian critical infrastructure hacked, Sedgwick breach and a D-Link DSL flaw. Finland seized the Fitburg. Microsoft said Direct Send not to blame for Exchange phishing. Malicious Chrome extensions, European hotels targeted and health breaches.
CU InfoSecurity
Unknown date
Security
Moody's predicts firewalls will become obsolete; Sedgwick confirms a data breach; Romanian power firm and D-Link devices were targeted by cyberattacks.
Also, Sedgwick Confirms Breach, Romanian Power Firm Hit, D-Link Flaws Exploited This week, Moody's said firewalls will be obsolete, Romanian critical infrastructure hacked, Sedgwick breach and a D-Link DSL flaw. Finland seized the Fitburg. Microsoft said Direct Send not to blame for Exchange phishing. Malicious Chrome extensions, European hotels targeted and health breaches.
CU InfoSecurity
Unknown date
Security
Polymorphic malware can evade traditional email security measures; organizations need to update their cybersecurity strategies. Credit unions should train employees on recognizing and responding to phishing attempts.
CU InfoSecurity
Unknown date
Security
An alleged fraud kingpin was deported to China; Unleash Protocol suffered a $3.9M hack; TRM linked crypto thefts to the LastPass breach.
Also: Unleash Protocol Hack, LastPass Breach Linked to Crypto Thefts This week, an alleged fraud kingpin deported to China, Bitfinex hacker gained early release, Unleash Protocol's $3.9M hack, TRM tied crypto thefts to the LastPass breach, Trust Wallet's link to the Sha1-Hulud attack, Flow's NFT loan fallout, Ledger's data exposure and Kontigo reimbursements.
CU InfoSecurity
Unknown date
Enforcement
• An orthopedic practice in upstate New York was hacked, affecting over 650,000 individuals' sensitive information. • The practice agreed to pay a $500,000 settlement and implement stronger security practices.
2023 Incident Affected More Than 650,000 Patients, Employees An upstate New York orthopedic practice has agreed to pay state regulators a $500,000 settlement and implement stronger security practices following a 2023 hack involving the theft of 650,000 individuals' sensitive information. Cybercrime group INC Ransom reportedly claimed credit for the incident.
CU InfoSecurity
Unknown date
Security
A honeypot set by a targeted threat intelligence firm caught one of the 'Scattered Lapsus$ Shiny Hunters' hackers, revealing his actual IP address. This incident highlights the effectiveness of deception technology in cybersecurity.
Targeted Threat Intel Firm Shares Details With Police After Honeypot Hit Getting owned by deception technology isn't good news for one's criminal brand or ability to remain at large. Just ask the band of young hackers behind "Scattered Lapsus$ Shiny Hunters," when one of their ilk fell into a security firm's honeytrap, revealing his actual IP address in the process.
CU InfoSecurity
Unknown date
Guidance
- Discusses the importance of measuring and managing human risk in cybersecurity.
- Highlights the role of Chief Information Security Officers (CISOs) in addressing these risks.
CU InfoSecurity
Unknown date
Security
Dozens of organizations lost terabytes of data and credentials through a malware attack on cloud-based collaboration tools; initial access brokers are involved in selling stolen data.
Terabytes of Data Stolen From Cloud-Based Collaboration Tools, Researchers Warn Dozens of organizations that use real-time content collaboration platforms appear to have lost not only credentials but also terabytes of hosted data to information-stealing malware being wielded by an initial access broker with a sideline in auctioning large volumes of stolen data.