Notices by Mathew J. Schwartz (euroinfosec@infosec.exchange)

About face: U.S. cyber defense agency CISA reversed a decision Tuesday to stop posting cybersecurity alerts and guidance on its website after announcing 24 hours earlier that it would favor the X social media platform instead.
https://www.databreachtoday.com/cisa-planned-to-kill-gov-alerts-then-reversed-course-a-28391

Rapid unscheduled cyber disassembly of the US government continues
https://www.databreachtoday.com/interior-department-ousts-key-cyber-leaders-amid-doge-spat-a-27977

@JadedTurtle @GossiTheDog

I love that song. How this website text is rendering, I do not.

Definitely I will pass this up the chain. Pretty please, can you tell me what you're using here?

Oracle is dealing with a hacking incident involving legacy patient data of Cerner electronic health record customers
https://www.databreachtoday.com/oracle-health-responding-to-hack-legacy-cerner-ehr-data-a-27884

Pentagon infosec source says: "a month ago they were ordered by political appointees to ignore information security regulations and install Signal on government phones for senior leaders. This story likely confirms that Signal is a primary means of communications for Trump Administration senior leaders in direct violation of the Presidential Records Act, the Espionage Act, and numerous national security regulations."
https://fpwellman.substack.com/p/exclusive-dod-has-deployed-signal

Fact check: Reuters report claims that "the rise of generative artificial intelligence has made it an attractive tool for bad actors, with its low entry barrier ensuring broad accessibility, leading to an increase in global cyberattacks."

Is there any evidence that AI has led to an increase in online attacks?

Surely it's made convincing-sounding phishing emails across multiple languages easier to create, and would obviously facilitate BEC and CEO fraud attacks via asynchronous communications.

But has it really caused "an increase in global cyberattacks*"?

https://www.reuters.com/technology/sentinelone-forecasts-annual-revenue-below-wall-street-estimates-2025-03-12/

Russia indicts and arrests suspected LockBit, Babuk and Hive ransomware operator Mikhail Matveev, who also happens to be wanted by the FBI.
https://www.databreachtoday.com/russia-indicts-ransomware-hacker-wanted-by-fbi-a-26948

First-ever charge filed in Britain against an individual for running multiple crypto ATMs. The Financial Conduct Authority says "there are no legal crypto ATM operators in the UK." https://www.fca.org.uk/news/press-releases/fca-charges-first-individual-running-network-illegal-crypto-atms

Bypassing MFA as a service: 3 men plead guilty to running service that evades banks' and credit card companies' multifactor authentication
https://www.databreachtoday.com/3-men-plead-guilty-to-running-service-that-bypasses-mfa-a-26184

Interesting detail from US judge's Friday detention order for Karakurt ransomware group suspect Deniss Zolotarjovs: "the cyber ransom group with whom he is alleged to have committed the instant alleged offenses has extensive ties to the United Arab Emirates." https://www.databreachtoday.com/karakurt-ransomware-group-suspect-appears-in-us-courtroom-a-26127#detention

Shocker: Chief executive of collapsed crypto fund Hyperverse does not appear to exist
https://www.theguardian.com/technology/2024/jan/04/chief-executive-of-collapsed-crypto-fund-hyperverse-does-not-appear-to-exist

US expands financial data breach reporting requirements: non-banking institutions will be required to report breaches under revised Safeguards Rule enforced by the Federal Trade Commission.
https://www.databreachtoday.com/ftc-expands-financial-data-breach-reporting-requirements-a-23418