Author: Staff Writer
John Marcelli is a staff writer for the CISO Brief, with a passion for exploring and writing about the ever-evolving world of technology. From emerging trends to in-depth reviews of the latest gadgets, John stays at the forefront of innovation, delivering engaging content that informs and inspires readers. When he's not writing, he enjoys experimenting with new tech tools and diving into the digital landscape.

Top Highlights:
- Several healthcare organizations, including Pediatric Otolaryngology in Florida, Anchorage Neighborhood Health Clinic in Alaska, and Valley Mountain Regional Center, experienced data breaches exposing sensitive patient information affecting thousands.
- The Florida clinic’s breach involved unauthorized network access, leading to the exposure of extensive personal, health, and financial data of over 43,000 individuals.
- Anchorage’s breach is linked to a suspected ransomware attack, with hackers contacting patients directly and causing ongoing system outages, while the full extent of data theft remains uncertain.
- Valley Mountain Regional Center inadvertently exposed partial support service data for 529 individuals due to an online posting error,…

Essential Insights:
- The DOJ unsealed charges against Ukrainian national Volodymyr Tymoshchuk, accused of developing ransomware variants used to extort over 250 companies globally, causing tens of millions in damages.
- Tymoshchuk allegedly operated a “ransomware as a service” model, providing tools to affiliates, including a co-defendant extradited from Spain, with law enforcement warning potential victims beforehand.
- The targets included major corporations, healthcare, and industrial firms in the US, Canada, and Australia, often focusing on companies with over $100 million in revenue.
- Rewards of up to $11 million are offered for information leading to Tymoshchuk’s arrest or conviction, highlighting ongoing efforts by…

Top Highlights:
- EoP Vulnerability Surge: For the second month in a row, elevation of privilege (EoP) vulnerabilities outnumber all others in Microsoft’s September 2025 security update, with 38 of 81 unique CVEs allowing attackers to escalate privileges after initial system access.
- Critical EoP Flaws Identified: Two high-priority EoP bugs, CVE-2025-55234 and CVE-2025-54918, each with CVSS scores of 8.8, have been flagged for urgent attention due to their potential for easy exploitation and significant impact.
- Noteworthy RCE Threats: Among remote code execution (RCE) vulnerabilities, CVE-2025-55232 (CVSS 9.8) in the HPC Pack must be monitored closely, despite Microsoft assessing its exploitation likelihood…

Summary Points:
- Wayne Memorial Hospital was targeted by the Monti ransomware group in a cyberattack from May 30 to June 3, 2024, leading to the exfiltration and encryption of patient data.
- The breach affected 163,400 patients, with compromised data including personal, medical, and payment information, and was publicly posted on the attacker’s leak site.
- The hospital detected the attack, disconnected the network, did not pay the ransom, and recovered data from backups, while enhancing cybersecurity measures to prevent future incidents.
- Notifications to affected individuals began in August 2025, with free credit monitoring offered, though the breach’s scope was initially underestimated,…

Summary Points:
- Cybersecurity researchers disclosed a sophisticated phishing campaign delivering MostereRAT, a stealthy banking malware that uses advanced evasion techniques, including a staging payload developed with EPL, to gain full control over compromised systems.
- The malware employs mechanisms to disable security tools, block network traffic to evade detection, and runs with elevated permissions, enabling it to manipulate Windows processes, registry entries, and install remote access tools like AnyDesk and VNC.
- The attack primarily targets Japanese users through deceptive emails with malicious Word documents embedded in ZIP files, which, when opened, trigger malware deployment and data exfiltration activities.
- Concurrently, a new…

Essential Insights:
- Bridgestone Americas is investigating a "limited cyber incident" causing temporary disruptions at some manufacturing facilities, with operations expected to normalize soon and no customer data believed to be compromised.
- The company prioritized business continuity, is conducting forensic analysis, and works diligently to resolve ongoing issues while safeguarding data and interfaces.
- This cyberattack follows a similar disruption at Jaguar Land Rover, which reported a forced shutdown and investigation involving law enforcement and forensic specialists, with no evidence of customer data theft.
- Multiple hacker groups, including Scattered Spider, Lapsus$, and ShinyHunters, are linked to social engineering attacks across the U.S.…

Fast Facts:
- Digital Transformation: Marriott International is undertaking a multiyear digital and technology transformation plan focused on modernizing systems and developing a cloud-native infrastructure.
- AI Integration: The company is exploring generative AI use cases and building an agentic mesh capability to streamline processes, ultimately shifting employees from repetitive tasks to guest-focused roles.
- Security and Governance: Enhanced cybersecurity and responsible AI governance are central to Marriott’s strategy, driven by past breaches and compliance with data privacy improvements.
- Iterative Approach: Marriott employs a rigorous pilot-and-adapt strategy for AI initiatives, emphasizing a framework of trust, accountability, and human-centered innovation to guide its projects.…

Top Highlights:
- Ransomware remains the leading cyber threat, with a 73% increase in attacks in H1 2025, evolving into triple extortion schemes using AI-enhanced tactics to maximize operational and reputational damage.
- Phishing, heavily amplified by AI-generated social engineering and voice synthesis, has become the primary cause of financial losses, with a surge in credential theft—over 1.8 billion credentials compromised in the first half of 2025.
- Vendor-related risks have decreased but still pose significant downstream losses; continuous vendor security monitoring is essential to mitigate this unseen threat.
- Resilience advises layered cybersecurity defenses, robust backups, and AI-aware employee training, emphasizing that negotiation…

Somerset County Children and Youth Services Data Breach: Protecting Our Kids’ Privacy

Fast Facts:
- Multiple email accounts of Somerset County’s Children and Youth Services were accessed illegally in June 2025, exposing sensitive patient information including health and personal data.
- Over 19,000 clients of Beech Acres Parenting Center in Cincinnati were notified of a November 2024 security breach that compromised their personal and financial information.
- Both organizations have initiated security measures such as password changes, enhanced authentication, staff training, and are offering affected individuals credit monitoring.
- Ongoing investigations aim to determine the full extent of the data breach, with affected individuals to receive notifications and support once assessments are complete.

The Core Issue…

Fast Facts:
- Emergence of Shadow AI: The rise of "Shadow AI Agents" enables unauthorized automation and increases security risks, often unnoticed by security teams.
- Widespread Threat: These agents, created with minimal effort, impersonate trusted users and circumvent established security protocols, posing significant risks today.
- Expert Insights: The upcoming panel, "Shadow AI Agents Exposed," will explore critical questions surrounding identity management, detection, and risk mitigation strategies.
- Practical Solutions: Participants will gain actionable insights on governance and detection methods to manage Shadow AI effectively and enhance organizational security.

Why Shadow AI is Exploding

Businesses increasingly rely on AI Agents for various tasks.…