Mathew J Schwartz
@mathewjschwartz.bsky.social
Cybersecurity reporter
Why microsegmentation still remains just a dream for many IT teams www.databreachtoday.com/microsegment...
Why Microsegmentation Is Just a Dream for Many IT Teams
Microsegmentation has long been touted as the gold standard for restricting lateral movement by hackers. It helps lock down network traffic and reduces the blast
www.databreachtoday.com
November 10, 2025 at 2:15 PM
Why microsegmentation still remains just a dream for many IT teams www.databreachtoday.com/microsegment...
Federally qualified New Jersey medical firm that runs health centers for schools reports ransomware breach www.databreachtoday.com/federally-qu...
Federally Qualified Health Center Reports Ransomware Breach
Central Jersey Medical Center, a federally qualified health center that partners with public schools in Newark, New Jersey, is notifying an undisclosed number of
www.databreachtoday.com
November 8, 2025 at 2:28 PM
Federally qualified New Jersey medical firm that runs health centers for schools reports ransomware breach www.databreachtoday.com/federally-qu...
Nevada state hackers reportedly evaded detection for months, breaching 60 agencies before unleashing ransomware www.databreachtoday.com/report-nevad...
Report: Nevada State Hackers Evaded Detection for Months
A threat actor infiltrated Nevada’s statewide systems undetected for months, ultimately disrupting at least 60 agencies by deleting backups and launching
www.databreachtoday.com
November 8, 2025 at 11:19 AM
Nevada state hackers reportedly evaded detection for months, breaching 60 agencies before unleashing ransomware www.databreachtoday.com/report-nevad...
Longer conversations can break AI safety filters, since open-weight language models can apparently say "no" only for so long. Their safety filters break down when pushed through longer conversations, exposing flaws that one-shot tests fail to catch.
www.databreachtoday.com/longer-conve...
www.databreachtoday.com/longer-conve...
Longer Conversations Can Break AI Safety Filters
Open-weight language models can say "no" only for so long. Their safety filters break down when pushed through longer conversations, exposing flaws that
www.databreachtoday.com
November 8, 2025 at 8:52 AM
Longer conversations can break AI safety filters, since open-weight language models can apparently say "no" only for so long. Their safety filters break down when pushed through longer conversations, exposing flaws that one-shot tests fail to catch.
www.databreachtoday.com/longer-conve...
www.databreachtoday.com/longer-conve...
Weekly Data Breach Roundup
—UPenn suffers email breach
—Australian police bust 55 suspects in new round of Anom chat app arrests
—Hackers stole trucking cargo
—Ukrainian extradited over Conti ransomware allegations
—Supply chain risk: Advanced Installer tool
www.databreachtoday.com/breach-round...
—UPenn suffers email breach
—Australian police bust 55 suspects in new round of Anom chat app arrests
—Hackers stole trucking cargo
—Ukrainian extradited over Conti ransomware allegations
—Supply chain risk: Advanced Installer tool
www.databreachtoday.com/breach-round...
Breach Roundup: UPenn Hit by Email Breach
This week: UPenn hit by email breach, Australian police arrested 55, 'SesameOp' backdoor hid C2 traffic, BEC scammers used AWS, hackers stole trucking cargo,
www.databreachtoday.com
November 7, 2025 at 5:44 PM
Weekly Data Breach Roundup
—UPenn suffers email breach
—Australian police bust 55 suspects in new round of Anom chat app arrests
—Hackers stole trucking cargo
—Ukrainian extradited over Conti ransomware allegations
—Supply chain risk: Advanced Installer tool
www.databreachtoday.com/breach-round...
—UPenn suffers email breach
—Australian police bust 55 suspects in new round of Anom chat app arrests
—Hackers stole trucking cargo
—Ukrainian extradited over Conti ransomware allegations
—Supply chain risk: Advanced Installer tool
www.databreachtoday.com/breach-round...
Weekly Cryptohack Roundup:
—Europol's $692 million fraud network bust
—Sam Bankman-Fried appeals conviction
—PHP exploits fueled cryptomining campaigns
—Sentencing set for Samourai Wallet founders
www.databreachtoday.com/cryptohack-r...
—Europol's $692 million fraud network bust
—Sam Bankman-Fried appeals conviction
—PHP exploits fueled cryptomining campaigns
—Sentencing set for Samourai Wallet founders
www.databreachtoday.com/cryptohack-r...
Cryptohack Roundup: Europol Busts 600M Euro Fraud Network
Every week, Information Security Media Group rounds up cybersecurity incidents in digital assets. This week, Europol's 600 million euro fraud network bust, Sam
www.databreachtoday.com
November 7, 2025 at 2:28 PM
Weekly Cryptohack Roundup:
—Europol's $692 million fraud network bust
—Sam Bankman-Fried appeals conviction
—PHP exploits fueled cryptomining campaigns
—Sentencing set for Samourai Wallet founders
www.databreachtoday.com/cryptohack-r...
—Europol's $692 million fraud network bust
—Sam Bankman-Fried appeals conviction
—PHP exploits fueled cryptomining campaigns
—Sentencing set for Samourai Wallet founders
www.databreachtoday.com/cryptohack-r...
Another cybersecurity vendor is planning to dive into the still waters of an initial public offering. www.databreachtoday.com/armis-gets-4...
Armis Gets $435M Pre-IPO Funding to Grow Exposure Management
Another cybersecurity vendor is planning to dive into the still waters of an initial public offering. Cyber exposure management firm Armis dipped its toe in the
www.databreachtoday.com
November 7, 2025 at 11:19 AM
Another cybersecurity vendor is planning to dive into the still waters of an initial public offering. www.databreachtoday.com/armis-gets-4...
Augmented cyber assists for an AI win? AI-assisted analysts complete investigations up to 61% faster and with higher accuracy than all-manual teams, finds a new Cloud Security Alliance study. www.databreachtoday.com/ai-soc-agent...
AI SOC Agents Slash Alert Response Time, Study Shows
Security operations centers face mounting pressure to work faster without sacrificing investigative quality. A new Cloud Security Alliance study shows AI-assisted
www.databreachtoday.com
November 7, 2025 at 8:52 AM
Augmented cyber assists for an AI win? AI-assisted analysts complete investigations up to 61% faster and with higher accuracy than all-manual teams, finds a new Cloud Security Alliance study. www.databreachtoday.com/ai-soc-agent...
US prosecutors spy malicious cyber insiders: Three former employees of two cybersecurity firms stand accused of using AlphV/BlackCat ransomware in a conspiracy to extort five firms, including three healthcare organizations. www.databreachtoday.com/2-ex-cyber-s...
2 Ex-Cyber Specialists Indicted for Alleged BlackCat Attacks
Three former employees of two cybersecurity firms stand accused of using BlackCat ransomware in a conspiracy to extort five U.S. companies, including three in the
www.databreachtoday.com
November 6, 2025 at 5:44 PM
US prosecutors spy malicious cyber insiders: Three former employees of two cybersecurity firms stand accused of using AlphV/BlackCat ransomware in a conspiracy to extort five firms, including three healthcare organizations. www.databreachtoday.com/2-ex-cyber-s...
Russia's destructive wiper malware attacks on Ukraine rise again www.databreachtoday.com/russias-dest...
Russia's Destructive Wiper Attacks on Ukraine Rise Again
Russia's nation-state hacking groups have returned to pummeling Ukrainian targets with destructive, wiper malware, including in apparent attempts to disrupt its
www.databreachtoday.com
November 6, 2025 at 5:34 PM
Russia's destructive wiper malware attacks on Ukraine rise again www.databreachtoday.com/russias-dest...
Nation-state hackers abusing malicious shortcut files in Windows? (B)lnk twice if you've heard this one before … www.databreachtoday.com/unpatched-wi...
Unpatched Windows Flaw a Boon for Nation-State Hackers
Chinese nation-state hackers are exploiting a Windows vulnerability to hack European diplomatic outposts, say security researchers - but operating system giant
www.databreachtoday.com
November 6, 2025 at 2:28 PM
Nation-state hackers abusing malicious shortcut files in Windows? (B)lnk twice if you've heard this one before … www.databreachtoday.com/unpatched-wi...
Surveillance state: A Department of Homeland Security move to broaden an immigration verification database into a voter verification tool could expose sensitive information to security threats. www.databreachtoday.com/immigration-...
Immigration Database Pressed by DHS Into Voter Verification
A Department of Homeland Security move to broaden an immigration verification database into a voter verification tool could expose sensitive information to security
www.databreachtoday.com
November 6, 2025 at 11:19 AM
Surveillance state: A Department of Homeland Security move to broaden an immigration verification database into a voter verification tool could expose sensitive information to security threats. www.databreachtoday.com/immigration-...
The scale of all the email addresses and passwords being exposed in breaches is complicating efforts to index it all when it leaks, and directly notify affected victims (with a big hat tip to Have I Been Pwned for the great work it does) www.troyhunt.com/2-billion-em...
2 Billion Email Addresses Were Exposed, and We Indexed Them All in Have I Been Pwned
I hate hyperbolic news headlines about data breaches, but for the "2 Billion Email Addresses" headline to be hyperbolic, it'd need to be exaggerated or overstated - and it isn't. It's rounded up from…
www.troyhunt.com
November 6, 2025 at 9:41 AM
The scale of all the email addresses and passwords being exposed in breaches is complicating efforts to index it all when it leaks, and directly notify affected victims (with a big hat tip to Have I Been Pwned for the great work it does) www.troyhunt.com/2-billion-em...
Police bust 18 suspects as part of a global crackdown targeting three money-laundering fraudster networks suspected of using millions of cardholders' stolen data to sign them up to fake dating, pornography and streaming sites that billed monthly. www.bankinfosecurity.com/cops-cuff-18...
Cops Cuff 18 Suspects Over $345M Credit Card Fraud Scheme
Police have arrested 18 suspects as part of a global crackdown targeting fraud and money laundering networks tied to the theft of $345 million by using 4.3 million
www.bankinfosecurity.com
November 5, 2025 at 5:44 PM
Police bust 18 suspects as part of a global crackdown targeting three money-laundering fraudster networks suspected of using millions of cardholders' stolen data to sign them up to fake dating, pornography and streaming sites that billed monthly. www.bankinfosecurity.com/cops-cuff-18...
Bugcrowd purchases Mayhem to expand application security testing platform www.databreachtoday.com/bugcrowd-pur...
Bugcrowd Purchases Mayhem to Expand AppSec Testing Platform
Bugcrowd acquired Mayhem Security to integrate automated application testing with human-led testing capabilities. The company plans to embed Pittsburgh-based
www.databreachtoday.com
November 5, 2025 at 5:44 PM
Bugcrowd purchases Mayhem to expand application security testing platform www.databreachtoday.com/bugcrowd-pur...
Reposted by Mathew J Schwartz
There's some really big caveats to this. A thread.
New: Google says it has discovered at least 5 malware families that use AI to rewrite their code and generate new capabilities on the fly, suggesting AI-powered malware is finally starting to take off. cloud.google.com/blog/topics/...
Report also has interesting stories about state actors' AI use.
Report also has interesting stories about state actors' AI use.
November 5, 2025 at 3:52 PM
There's some really big caveats to this. A thread.
Post-hack attack lawsuits and investigations are piling up for business process outsourcing firm Conduent after it suffered the biggest known data breach (so far) of 2025, affecting 10.5 million individuals.
www.databreachtoday.com/lawsuits-inv...
www.databreachtoday.com/lawsuits-inv...
Lawsuits, Investigations Piling Up in Conduent Hack
Proposed federal class action litigation and various investigations are piling up against Conduent Business Solutions following its recent public disclosure that an
www.databreachtoday.com
November 5, 2025 at 2:28 PM
Post-hack attack lawsuits and investigations are piling up for business process outsourcing firm Conduent after it suffered the biggest known data breach (so far) of 2025, affecting 10.5 million individuals.
www.databreachtoday.com/lawsuits-inv...
www.databreachtoday.com/lawsuits-inv...
'It's been a mess': US government shutdown continues to slow federal response to F5 hack www.govinfosecurity.com/its-been-mes...
'It's Been a Mess': Shutdown Slows Federal F5 Hack Response
Current and former federal officials tell Information Security Media Group furloughs and leadership gaps across the federal cyber ecosystem have hindered the U.S.
www.govinfosecurity.com
November 5, 2025 at 11:19 AM
'It's been a mess': US government shutdown continues to slow federal response to F5 hack www.govinfosecurity.com/its-been-mes...
Cloud identity exposure is a fast-rising cybersecurity "critical point of failure," as attackers continue to obtain and exploit cloud credentials and pivot inside victims' networks thanks to "over-permissioning," experts warn www.databreachtoday.com/cloud-identi...
Cloud Identity Exposure Is 'a Critical Point of Failure'
Attackers keep hammering cloud-based identities to help them bypass endpoint and network defenses, logging in using inadvertently exposed credentials - or ones
www.databreachtoday.com
November 5, 2025 at 9:40 AM
Cloud identity exposure is a fast-rising cybersecurity "critical point of failure," as attackers continue to obtain and exploit cloud credentials and pivot inside victims' networks thanks to "over-permissioning," experts warn www.databreachtoday.com/cloud-identi...
Loss-making OpenAI added to a string deals with a $38 billion commitment on Monday to using compute resources provided by Amazon Web Services. The AI giant said AWS will build out server clusters using Nvidia flagship Blackwell chips for the next seven years. www.databreachtoday.com/openai-signs...
OpenAI Signs $38B Deal With Amazon for Compute
Loss-making OpenAI added to a string of deals with a $38 billion commitment on Monday to using compute resources provided by Amazon Web Services. The AI giant said
www.databreachtoday.com
November 4, 2025 at 11:25 AM
Loss-making OpenAI added to a string deals with a $38 billion commitment on Monday to using compute resources provided by Amazon Web Services. The AI giant said AWS will build out server clusters using Nvidia flagship Blackwell chips for the next seven years. www.databreachtoday.com/openai-signs...
Cyberattacks: Nation-state, cyber and hacktivist threats pummel Europe, with adversaries especially targeting identity and cloud stacks to find new ways in, experts warn www.databreachtoday.com/nation-state...
Nation-State, Cyber and Hacktivist Threats Pummel Europe
Cyberattacks targeting European organizations continue to shape and be shaped by geopolitical events, whether they involve nation-state hackers, financially
www.databreachtoday.com
November 4, 2025 at 10:37 AM
Cyberattacks: Nation-state, cyber and hacktivist threats pummel Europe, with adversaries especially targeting identity and cloud stacks to find new ways in, experts warn www.databreachtoday.com/nation-state...
Denmark is withdrawing a proposal that would have required online service providers to scan communications and files on user devices for child sexual abuse material after domestic and international opposition.
www.databreachtoday.com/denmark-with...
www.databreachtoday.com/denmark-with...
Denmark Withdraws Chat Control Proposal Amid Controversy
Denmark withdrawing a proposal that would have required online service providers to scan communications and files on user devices for child sexual abuse material
www.databreachtoday.com
November 3, 2025 at 2:28 PM
Denmark is withdrawing a proposal that would have required online service providers to scan communications and files on user devices for child sexual abuse material after domestic and international opposition.
www.databreachtoday.com/denmark-with...
www.databreachtoday.com/denmark-with...
A nation-state threat actor carried out a supply chain attack targeting Ribbon Communications, a leading U.S. provider of telecom and networking infrastructure, and may have maintained access within its systems for nearly a year. www.databreachtoday.com/nation-state...
Nation-State Breach Hits Ribbon Communications
A nation-state threat actor carried out a supply chain attack targeting Ribbon Communications, a leading U.S. provider of telecom and networking infrastructure, and
www.databreachtoday.com
November 3, 2025 at 11:19 AM
A nation-state threat actor carried out a supply chain attack targeting Ribbon Communications, a leading U.S. provider of telecom and networking infrastructure, and may have maintained access within its systems for nearly a year. www.databreachtoday.com/nation-state...
Want to avoid North Korean IT worker scammers/hackers infiltrating your workplace? Attorney Jonathan Armstrong offers must-have strategies for blocking them, from better vetting of Job Applicants, red flags to beware and required compliance checks.
www.databreachtoday.com/how-to-block...
www.databreachtoday.com/how-to-block...
How to Block North Korean IT Worker Scams in Remote Hiring
North Korean operatives are using fake identities and remote job listings to bypass sanctions and infiltrate companies. But employers can avoid becoming unwitting
www.databreachtoday.com
November 1, 2025 at 5:44 PM
Want to avoid North Korean IT worker scammers/hackers infiltrating your workplace? Attorney Jonathan Armstrong offers must-have strategies for blocking them, from better vetting of Job Applicants, red flags to beware and required compliance checks.
www.databreachtoday.com/how-to-block...
www.databreachtoday.com/how-to-block...
Planning for cyber chaos: Hospitals urged to focus on resilience
www.databreachtoday.com/planning-for...
www.databreachtoday.com/planning-for...
Planning for Cyber Chaos: Healthcare's Resilience Test
When a hospital, healthcare system or one of their critical third-party vendors is hit with a ransomware attack, all hell can break loose quickly. That can mean
www.databreachtoday.com
November 1, 2025 at 2:28 PM
Planning for cyber chaos: Hospitals urged to focus on resilience
www.databreachtoday.com/planning-for...
www.databreachtoday.com/planning-for...