Idenhaus
@idenhaus.bsky.social
The Cybersecurity Experts. Visit us at www.idenhaus.com
A Cybersecurity and Infrastructure Security Agency program that warns organizations about imminent ransomware attacks has suffered a major setback after its lead staffer left the agency rather than take a forced reassignment.
CISA loses key employee behind early ransomware warnings
The future of a program that has helped prevent an estimated $9 billion in economic damages is now unclear.
www.cybersecuritydive.com
December 29, 2025 at 7:39 PM
A Cybersecurity and Infrastructure Security Agency program that warns organizations about imminent ransomware attacks has suffered a major setback after its lead staffer left the agency rather than take a forced reassignment.
AI will be at the forefront of nearly all major cybersecurity threats next year. It poses a danger to organizations both from within and outside, empowering cybercriminals, causing incidents, and enabling attacker bots to act independently.
Seven cybersecurity trends next year, as seen by IBM: only two are not directly related to AI
IBM predicts that nearly all of the seven major cybersecurity trends for 2026 will center on Artificial Intelligence.
cybernews.com
December 29, 2025 at 2:58 PM
AI will be at the forefront of nearly all major cybersecurity threats next year. It poses a danger to organizations both from within and outside, empowering cybercriminals, causing incidents, and enabling attacker bots to act independently.
Google may allow users to change their default Gmail address. A clue that this may happen was spotted in a new support document in a Telegram group, admittedly written in Hindi, which might hint at localized testing before a full rollout.
Cybersecurity News: Fortinet VPN exploit, Google gmail change, Aflac breach update
Active exploitation of Fortinet VPN bypass observed, Google possibly allowing change of gmail address, June Aflac attack saw data theft.
cisoseries.com
December 26, 2025 at 9:51 PM
Google may allow users to change their default Gmail address. A clue that this may happen was spotted in a new support document in a Telegram group, admittedly written in Hindi, which might hint at localized testing before a full rollout.
CISA released a new analysis of threat activity linked to Brickstorm malware, which has been used by a China-nexus threat group in a months-long campaign against multiple U.S. organizations.
CISA warns of continued threat activity linked to Brickstorm malware
Officials provided additional evidence showing its ability to maintain persistence and evade defenses.
www.cybersecuritydive.com
December 23, 2025 at 7:39 PM
CISA released a new analysis of threat activity linked to Brickstorm malware, which has been used by a China-nexus threat group in a months-long campaign against multiple U.S. organizations.
Fewer people were affected by data breaches in health care over the past year, compared to 2024. Through Dec. 12, there were 471 hacking incidents reported to the federal government, down from last year.
Cybersecurity and hospitals: Fewer victims in 2025, but looming threats | Chief Healthcare Executive
The number of people affected by breaches dropped over the past year, but health systems face serious challenges.
www.chiefhealthcareexecutive.com
December 18, 2025 at 7:39 PM
Fewer people were affected by data breaches in health care over the past year, compared to 2024. Through Dec. 12, there were 471 hacking incidents reported to the federal government, down from last year.
Enterprise computing is rapidly moving to the edge. By 2030, analysts expect more than $100 billion in annual edge spend and a majority of enterprise data to be generated and processed outside traditional data centers and hyperscale clouds.
Securing Network Edge: A Framework for Modern Cybersecurity
The future of cybersecurity means defending everywhere. Securing IoT, cloud, and remote work requires a unified edge-to-cloud strategy.
www.darkreading.com
December 18, 2025 at 4:16 PM
Enterprise computing is rapidly moving to the edge. By 2030, analysts expect more than $100 billion in annual edge spend and a majority of enterprise data to be generated and processed outside traditional data centers and hyperscale clouds.
Corporate executives see cybersecurity as the top risk facing their businesses, according to a new survey. Not all executives agreed, but the broader consensus was clear: cybersecurity is no longer a siloed IT item.
Cybersecurity concerns are paramount among executives in almost all roles, regions and industries
A new survey finds widespread agreement that security is one of the biggest challenges facing companies today.
www.cybersecuritydive.com
December 17, 2025 at 7:39 PM
Corporate executives see cybersecurity as the top risk facing their businesses, according to a new survey. Not all executives agreed, but the broader consensus was clear: cybersecurity is no longer a siloed IT item.
Recent industry events have highlighted just how interconnected the healthcare ecosystem has become. When major infrastructure providers experience incidents, the ripple effects demonstrate why we all need to work together on strengthening our collective security posture.
It’s Time For Healthcare Organizations to View Cybersecurity as Risk Management
The following is a guest article by Mike Levin, General Counsel and Chief Information Security Officer at Solera HealthIn today's interconnected healthcare ecosystem, every organization—from the…
www.healthcareittoday.com
December 17, 2025 at 4:16 PM
Recent industry events have highlighted just how interconnected the healthcare ecosystem has become. When major infrastructure providers experience incidents, the ripple effects demonstrate why we all need to work together on strengthening our collective security posture.
Etay Mayor, a cybersecurity strategist and professor, shares his journey, insights, and advice on breaking into the diverse and ever-evolving field of cybersecurity.
Think Like an Attacker: Cybersecurity Tips From Etay Mayor
Etay Mayor shares his journey, insights, and advice on breaking into the diverse and ever-evolving field of cybersecurity.
www.darkreading.com
December 17, 2025 at 2:58 PM
Etay Mayor, a cybersecurity strategist and professor, shares his journey, insights, and advice on breaking into the diverse and ever-evolving field of cybersecurity.
In a move that will significantly boost the use of its agent-based security assistant, which was released last year, Microsoft plans to automatically offer Security Copilot to its enterprise customers.
Microsoft to Bundle Security Copilot in M365 Enterprise License
The move aims to expand the use of Security Copilot and comes with the launch of 12 new agents from Microsoft at the company's Ignite conference last week.
www.darkreading.com
December 16, 2025 at 4:16 PM
In a move that will significantly boost the use of its agent-based security assistant, which was released last year, Microsoft plans to automatically offer Security Copilot to its enterprise customers.
Have you ever considered the significance of machine identities in fortifying cloud infrastructures? While organizations increasingly rely on cloud services for scalability and efficiency, securing Non-Human Identities (NHIs) has become paramount.
How can Agentic AI enhance our cybersecurity measures
What Role Do Non-Human Identities Play in Securing Our Digital Ecosystems? Where more organizations migrate to the cloud, the concept of securing Non-Human Identities (NHIs) is becoming increasingly…
securityboulevard.com
December 16, 2025 at 2:58 PM
Have you ever considered the significance of machine identities in fortifying cloud infrastructures? While organizations increasingly rely on cloud services for scalability and efficiency, securing Non-Human Identities (NHIs) has become paramount.
Against the backdrop of Ukraine, growing East/West geopolitical tensions, & persistent cybersecurity attacks by nation-state threat actors, defense organizations are accelerating their efforts to harden digital infrastructure, including secure data exchange across borders and federated environments.
Why deeper defense collaboration demands a zero trust approach to cybersecurity
On a broader level, these issues are indicative of a more general move towards comprehensive zero trust architectures across both public and private sectors.
federalnewsnetwork.com
December 15, 2025 at 9:51 PM
Against the backdrop of Ukraine, growing East/West geopolitical tensions, & persistent cybersecurity attacks by nation-state threat actors, defense organizations are accelerating their efforts to harden digital infrastructure, including secure data exchange across borders and federated environments.
We know that ransomware is on the rise, with attacks growing year over year, and we don’t see that changing for the foreseeable future. So, what can organizations do to protect themselves? That’s where the connected concepts of vaulting, clean rooms and IREs come in.
Why Healthcare Organizations Need an IRE for Epic
Creating an isolated recovery environment for Epic can help hospitals provide care continuity amid unplanned downtime.
healthtechmagazine.net
December 12, 2025 at 9:51 PM
We know that ransomware is on the rise, with attacks growing year over year, and we don’t see that changing for the foreseeable future. So, what can organizations do to protect themselves? That’s where the connected concepts of vaulting, clean rooms and IREs come in.
While AI’s autonomy boosts productivity, it also increases the places and ways data & credentials can be exposed. As AI agents blur lines between user, application, & automation, governing this era requires identity-first controls, data-aware policies, session containment, & continuous validation.
Seven ways to develop a governance framework for AI browsers
Govern with identity-first controls, data-aware policies, session isolation, and continuous validation.
www.scworld.com
December 12, 2025 at 7:39 PM
While AI’s autonomy boosts productivity, it also increases the places and ways data & credentials can be exposed. As AI agents blur lines between user, application, & automation, governing this era requires identity-first controls, data-aware policies, session containment, & continuous validation.
The cybercrime-as-a-service model has a new product line: malicious large language models built without ethical guardrails, sold on Telegram for $50 monthly or distributed for free on GitHub.
Hacking as a Prompt: Malicious LLMs Find Users
The cybercrime-as-a-service model has a new product line, with malicious large language models built without ethical guardrails selling on Telegram for $50 monthly
www.govinfosecurity.com
December 12, 2025 at 2:58 PM
The cybercrime-as-a-service model has a new product line: malicious large language models built without ethical guardrails, sold on Telegram for $50 monthly or distributed for free on GitHub.
Zero Trust helps organizations shrink their attack surface and respond to threats faster, but many still struggle to implement it because their security tools don't reliably share signals. 88% of organizations admit they've faced significant challenges in implementing such approaches.
How to Streamline Zero Trust Using the Shared Signals Framework
Zero Trust workflows strengthened as Tines converts Kolide device issues into SSF-compliant CAEP events for Okta.
thehackernews.com
December 11, 2025 at 9:51 PM
Zero Trust helps organizations shrink their attack surface and respond to threats faster, but many still struggle to implement it because their security tools don't reliably share signals. 88% of organizations admit they've faced significant challenges in implementing such approaches.
The Treasury Department’s Financial Crimes Enforcement Network (FinCEN) found that total ransomware payments since 2013 have reached $4.5 billion, according to a December 2025 study.
Total ransomware payments surpass $4.5 billion since 2013
Even though there was a drop in 2024, the pace of ransomware payments accelerated.
www.scworld.com
December 11, 2025 at 7:39 PM
The Treasury Department’s Financial Crimes Enforcement Network (FinCEN) found that total ransomware payments since 2013 have reached $4.5 billion, according to a December 2025 study.
Compliance and security have run on separate tracks for too long. Modernization demands both strong policy and flexible operations that speed authorizations, enable deeper industry collaboration, and keep security aligned with an evolving threat landscape.
Beyond Compliance: Building More Secure, Efficient and Harmonized Cloud Strategies
FedRAMP is evolving from a compliance framework into a security enabler, proving that modernization and protection can advance together.
fedtechmagazine.com
December 10, 2025 at 2:58 PM
Compliance and security have run on separate tracks for too long. Modernization demands both strong policy and flexible operations that speed authorizations, enable deeper industry collaboration, and keep security aligned with an evolving threat landscape.
To develop a modern, successful connected physical infrastructure, it is critical that both IT and OT practitioners understand the real demand for enabling greater data integration and real-time access, while also taking measures to protect the very systems that are vulnerable to cyberattack
Runway to Resilience: Improving Cybersecurity in Airport Operational Technology
As IT and OT increasingly overlap, airports need visibility and teamwork to keep operations secure and resilient.
www.honeywell.com
December 9, 2025 at 9:51 PM
To develop a modern, successful connected physical infrastructure, it is critical that both IT and OT practitioners understand the real demand for enabling greater data integration and real-time access, while also taking measures to protect the very systems that are vulnerable to cyberattack
2026 is already on the horizon, and if you haven’t already been thinking about how cybersecurity will shift next year, now is the time to start.
5 Cybersecurity Predictions for 2026
Quantum computing, biometrics and more — these are five predictions for the cybersecurity landscape in 2026.
www.securitymagazine.com
December 6, 2025 at 4:16 PM
2026 is already on the horizon, and if you haven’t already been thinking about how cybersecurity will shift next year, now is the time to start.
A pair of U.S. senators wants to know how the government is tracking and responding to hackers’ use of AI platforms to conduct cyberattacks.
Lawmakers question White House on strategy for countering AI-fueled hacks
The Trump administration has said little about how it will prevent hackers from abusing AI.
www.cybersecuritydive.com
December 5, 2025 at 9:51 PM
A pair of U.S. senators wants to know how the government is tracking and responding to hackers’ use of AI platforms to conduct cyberattacks.
The year-end retail surge strains factories and logistics, but an influx of temporary staff can expose identity and access control gaps.
Cybersecurity in Manufacturing: Are Seasonal Hires a Risk?
The year-end retail surge strains factories and logistics, but an influx of temporary staff can expose identity and access control gaps
manufacturingdigital.com
December 5, 2025 at 7:39 PM
The year-end retail surge strains factories and logistics, but an influx of temporary staff can expose identity and access control gaps.
As a new AI-powered Web browser brings agentics closer to the masses, questions remain regarding whether prompt injections, the signature LLM attack type, could get even worse.
Prompt Injections Loom Large Over ChatGPT Atlas Browser
It's the law of unintended consequences: equipping browsers with agentic AI opens the door to an exponential volume of prompt injections.
www.darkreading.com
December 3, 2025 at 7:39 PM
As a new AI-powered Web browser brings agentics closer to the masses, questions remain regarding whether prompt injections, the signature LLM attack type, could get even worse.
AI autonomy has redrawn the security battlefield. What was once human-versus-human is now AI-versus-AI, with both attackers and defenders wielding machine power. The surge in vulnerabilities—from prompt injections to model exploits—demands a renewed focus on offensive security.
AI Autonomy Demands a New Security Playbook - CPO Magazine
AI autonomy has redrawn the security battlefield. What was once human versus human is now AI against AI, with both attackers and defenders wielding machine power.
www.cpomagazine.com
December 3, 2025 at 4:16 PM
AI autonomy has redrawn the security battlefield. What was once human-versus-human is now AI-versus-AI, with both attackers and defenders wielding machine power. The surge in vulnerabilities—from prompt injections to model exploits—demands a renewed focus on offensive security.
Advanced fraud attacks surged 180% in 2025 as cyber scammers used generative AI to churn out flawless IDs, deepfakes, and autonomous bots at levels never before seen.
Digital Fraud at Industrial Scale: 2025 Wasn't Great
Advanced fraud surged 180% in 2025 as cyber scammers used GenAI to churn out flawless IDs, deepfakes, and autonomous bots at levels never before seen.
www.darkreading.com
December 3, 2025 at 2:58 PM
Advanced fraud attacks surged 180% in 2025 as cyber scammers used generative AI to churn out flawless IDs, deepfakes, and autonomous bots at levels never before seen.