Mathew J Schwartz
@mathewjschwartz.bsky.social
Cybersecurity reporter
Major U.S. banks are assessing their exposure to a cybersecurity incident at real estate financial technology company SitusAMC, which disclosed Saturday that a breach may have affected client data. www.databreachtoday.com/major-us-ban...
Major US Banks Gauge Their Exposure to SitusAMC Breach
Major U.S. banks are assessing their exposure to a cybersecurity incident at real estate financial technology company SitusAMC, which disclosed Saturday that a
www.databreachtoday.com
November 25, 2025 at 5:44 PM
Major U.S. banks are assessing their exposure to a cybersecurity incident at real estate financial technology company SitusAMC, which disclosed Saturday that a breach may have affected client data. www.databreachtoday.com/major-us-ban...
Salesforce details supply chain attack targeting Gainsight, as cybercrime group ShinyHunters claims to steal data from 300 organizations www.databreachtoday.com/salesforce-d...
Salesforce Details Supply Chain Attack Targeting Gainsight
The attack that targeted customer data management tool Gainsight resulted in the theft of information from approximately 300 Salesforce-using firms, the Scattered
www.databreachtoday.com
November 25, 2025 at 2:28 PM
Salesforce details supply chain attack targeting Gainsight, as cybercrime group ShinyHunters claims to steal data from 300 organizations www.databreachtoday.com/salesforce-d...
Warnings sounded in United States that recent move by Federal Communications Commission scraps one of its few enforceable cybersecurity tools for the telecom sector.
www.databreachtoday.com/us-fcc-scrap...
www.databreachtoday.com/us-fcc-scrap...
US FCC Scraps CALEA Move, Raising Telecom Security Fears
The U.S. FCC's move to scrap its short-lived interpretation of the Communications Assistance for Law Enforcement Act - the 1994 statute known as CALEA - sparked
www.databreachtoday.com
November 25, 2025 at 11:19 AM
Warnings sounded in United States that recent move by Federal Communications Commission scraps one of its few enforceable cybersecurity tools for the telecom sector.
www.databreachtoday.com/us-fcc-scrap...
www.databreachtoday.com/us-fcc-scrap...
Cisco is vowing to step up warnings to customers who insecurely configure its equipment. Its devices have been at the forefront of hacking campaigns launched by Chinese nation-state attackers against telecoms, resulting in wide-ranging breaches. www.databreachtoday.com/cisco-pledge...
Cisco Pledges More Security in Network Equipment
Cisco says it will proactively alert network administrators when insecure configurations are detected and will eventually disable insecure features by default. The
www.databreachtoday.com
November 24, 2025 at 2:28 PM
Cisco is vowing to step up warnings to customers who insecurely configure its equipment. Its devices have been at the forefront of hacking campaigns launched by Chinese nation-state attackers against telecoms, resulting in wide-ranging breaches. www.databreachtoday.com/cisco-pledge...
Hardware hackers gathering at the latest Hardwear[.]io conference in Amsterdam urge vendor engagement for security success, highlighting the upside of bug bounties both public and private, as well as getting devices into researchers' hands. www.databreachtoday.com/hardware-hac...
Hardware Hackers Urge Vendor Engagement for Security Success
As fresh vulnerabilities in hardware keep coming to light, one question remains: What vendors can do to better prevent, identify and eradiate flaws? One shortlist
www.databreachtoday.com
November 24, 2025 at 11:19 AM
Hardware hackers gathering at the latest Hardwear[.]io conference in Amsterdam urge vendor engagement for security success, highlighting the upside of bug bounties both public and private, as well as getting devices into researchers' hands. www.databreachtoday.com/hardware-hac...
Weekly Cryptohack Roundup
— Samourai Wallet founders and Oklahoma Crypto CEO sentenced
—Obama Twitter account hacker ordered to forfeit $5.3 million
—Chicago crypto ATM CEO charged
—White House reviewing proposed rule to expand crypto oversight by IRS
www.databreachtoday.com/cryptohack-r...
— Samourai Wallet founders and Oklahoma Crypto CEO sentenced
—Obama Twitter account hacker ordered to forfeit $5.3 million
—Chicago crypto ATM CEO charged
—White House reviewing proposed rule to expand crypto oversight by IRS
www.databreachtoday.com/cryptohack-r...
Cryptohack Roundup: Samourai Execs, Crypto CEO Sentenced
Every week, ISMG rounds up cybersecurity incidents in digital assets. This week, Samourai Wallet founders and Oklahoma Crypto CEO sentenced, Obama Twitter hacker
www.databreachtoday.com
November 21, 2025 at 5:44 PM
Weekly Cryptohack Roundup
— Samourai Wallet founders and Oklahoma Crypto CEO sentenced
—Obama Twitter account hacker ordered to forfeit $5.3 million
—Chicago crypto ATM CEO charged
—White House reviewing proposed rule to expand crypto oversight by IRS
www.databreachtoday.com/cryptohack-r...
— Samourai Wallet founders and Oklahoma Crypto CEO sentenced
—Obama Twitter account hacker ordered to forfeit $5.3 million
—Chicago crypto ATM CEO charged
—White House reviewing proposed rule to expand crypto oversight by IRS
www.databreachtoday.com/cryptohack-r...
Weekly Data Breach Roundup
—Root cause of the Cloudflare outage: bot management system
—Fortinet sees exploits of FortiWeb flaws
—Logitech discloses breach
—Microsoft repels record-breaking DDoS attack
—Dutch police seize bulletproof hosting servers
www.databreachtoday.com/breach-round...
—Root cause of the Cloudflare outage: bot management system
—Fortinet sees exploits of FortiWeb flaws
—Logitech discloses breach
—Microsoft repels record-breaking DDoS attack
—Dutch police seize bulletproof hosting servers
www.databreachtoday.com/breach-round...
Breach Roundup: Cloudflare Outage Root Cause
This week, the root cause of the Cloudflare outage, active exploitation of Fortinet flaws, Logitech disclosed a data breach, Microsoft headed off a record-breaking
www.databreachtoday.com
November 21, 2025 at 2:28 PM
Weekly Data Breach Roundup
—Root cause of the Cloudflare outage: bot management system
—Fortinet sees exploits of FortiWeb flaws
—Logitech discloses breach
—Microsoft repels record-breaking DDoS attack
—Dutch police seize bulletproof hosting servers
www.databreachtoday.com/breach-round...
—Root cause of the Cloudflare outage: bot management system
—Fortinet sees exploits of FortiWeb flaws
—Logitech discloses breach
—Microsoft repels record-breaking DDoS attack
—Dutch police seize bulletproof hosting servers
www.databreachtoday.com/breach-round...
Shine a light: How infrared imaging features in hardware hacker Andrew 'Bunnie' Huang's plans for achieving 'higher assurance silicon' www.databreachtoday.com/shine-light-... #hardwear
Shine a Light: Infrared Imaging for Hardware Assurance
Attackers tampering with microchips after they've left the factory but before they get deployed by end users remains a long-running hardware security challenge.
www.databreachtoday.com
November 21, 2025 at 11:19 AM
Shine a light: How infrared imaging features in hardware hacker Andrew 'Bunnie' Huang's plans for achieving 'higher assurance silicon' www.databreachtoday.com/shine-light-... #hardwear
Business email compromise attacks persist as malicious actors refine their tactics
www.databreachtoday.com/business-ema...
www.databreachtoday.com/business-ema...
Business Email Compromise Persists as Actors Refine Tactics
BEC is still one of the most active and costly forms of cybercrime. Using phishing and social engineering, threat actors abuse employee's trust as an entry point.
www.databreachtoday.com
November 19, 2025 at 1:15 PM
Business email compromise attacks persist as malicious actors refine their tactics
www.databreachtoday.com/business-ema...
www.databreachtoday.com/business-ema...
Security gap in US National Institutes of Health's genomics project flagged by inspector general www.databreachtoday.com/inspector-ge...
Inspector General Flags Security Gap in NIH Genomics Project
The sensitive health and genomics data of 1 million Americans used by a National Institutes of Health research project could be at risk for access or theft by bad
www.databreachtoday.com
November 19, 2025 at 11:19 AM
Security gap in US National Institutes of Health's genomics project flagged by inspector general www.databreachtoday.com/inspector-ge...
Google sues operators of Lighthouse SMS phishing (aka smishing) campaign, which has snared over 1 million victims globally
www.databreachtoday.com/google-sues-...
www.databreachtoday.com/google-sues-...
Google Sues Operators of Lighthouse Smishing Campaign
Tech giant Google sued the Chinese-speaking operators of a phishing-as-a-service operation in what it hopes will be a first step to deterring the prolific service
www.databreachtoday.com
November 19, 2025 at 8:52 AM
Google sues operators of Lighthouse SMS phishing (aka smishing) campaign, which has snared over 1 million victims globally
www.databreachtoday.com/google-sues-...
www.databreachtoday.com/google-sues-...
US government says its "Scam Center Strike Force" is targeting scam centers operating from Southeast Asian, tied to romance and cryptocurrency investment scams.
www.databreachtoday.com/us-strike-fo...
www.databreachtoday.com/us-strike-fo...
US Strike Force Takes Aim at Southeast Asian Scam Centers
The U.S. Attorney for the District of Columbia announced the launch of the Scam Center Strike Force to dismantle criminal networks behind romance bait scams. The
www.databreachtoday.com
November 18, 2025 at 5:44 PM
US government says its "Scam Center Strike Force" is targeting scam centers operating from Southeast Asian, tied to romance and cryptocurrency investment scams.
www.databreachtoday.com/us-strike-fo...
www.databreachtoday.com/us-strike-fo...
Costs arising from the hack of automaker Jaguar Land Rover: $260 million (carmaker), $2.5 billion (British economy).
www.databreachtoday.com/jaguar-land-...
www.databreachtoday.com/jaguar-land-...
Jaguar Land Rover Hack Cost $260 Million
The September cyberattack on Jaguar Land Rover resulted in a company loss of roughly $260 million, the British carmaker reported Friday while also announcing a
www.databreachtoday.com
November 18, 2025 at 2:28 PM
Costs arising from the hack of automaker Jaguar Land Rover: $260 million (carmaker), $2.5 billion (British economy).
www.databreachtoday.com/jaguar-land-...
www.databreachtoday.com/jaguar-land-...
Hacker holiday gone wrong? Acting on FBI tip, Thailand detains suspected Russian hacker. The suspect may be a military intelligence officer indicted by U.S. for 2016 election interference. www.databreachtoday.com/acting-on-fb...
Acting on FBI Tip, Thailand Detains Suspected Russian Hacker
Police in Thailand have arrested a Russian citizen suspected of launching hack attacks against targets around the world, who's wanted by the FBI. While the suspect
www.databreachtoday.com
November 18, 2025 at 11:19 AM
Hacker holiday gone wrong? Acting on FBI tip, Thailand detains suspected Russian hacker. The suspect may be a military intelligence officer indicted by U.S. for 2016 election interference. www.databreachtoday.com/acting-on-fb...
Recent Cryptohack News Roundup:
—Sentenced: "Bitcoin Queen," and Samourai Wallet co-founder Keonne Rodriguez
—Coinbase's 21 million euro fine
—Mistrial in $25 million Ethereum exploit case
—China accuses the U.S. government of perpetrating crypto heist.
www.databreachtoday.com/cryptohack-r...
—Sentenced: "Bitcoin Queen," and Samourai Wallet co-founder Keonne Rodriguez
—Coinbase's 21 million euro fine
—Mistrial in $25 million Ethereum exploit case
—China accuses the U.S. government of perpetrating crypto heist.
www.databreachtoday.com/cryptohack-r...
Cryptohack Roundup: 'Bitcoin Queen' Sentenced in Fraud Case
This week, "Bitcoin Queen" sentenced, as was Samourai Wallet co-founder Keonne Rodriguez, Balancer hack post-mortem, Coinbase's 21 million euro fine,
www.databreachtoday.com
November 17, 2025 at 2:28 PM
Recent Cryptohack News Roundup:
—Sentenced: "Bitcoin Queen," and Samourai Wallet co-founder Keonne Rodriguez
—Coinbase's 21 million euro fine
—Mistrial in $25 million Ethereum exploit case
—China accuses the U.S. government of perpetrating crypto heist.
www.databreachtoday.com/cryptohack-r...
—Sentenced: "Bitcoin Queen," and Samourai Wallet co-founder Keonne Rodriguez
—Coinbase's 21 million euro fine
—Mistrial in $25 million Ethereum exploit case
—China accuses the U.S. government of perpetrating crypto heist.
www.databreachtoday.com/cryptohack-r...
Reposted by Mathew J Schwartz
Good for Checkout[.]com
“Last week, we were targeted by a criminal extortion attempt. The attackers gained access to a legacy, third-party cloud file storage system.
…
We are donating the ransom amount to fund cybercrime research.”
“Last week, we were targeted by a criminal extortion attempt. The attackers gained access to a legacy, third-party cloud file storage system.
…
We are donating the ransom amount to fund cybercrime research.”
Protecting our Merchants: Standing up to Extortion
Our statement detailing an incident concerning a legacy system. We outline our commitment to transparency, accountability, and planned investment in cyber security research.
www.checkout.com
November 14, 2025 at 8:12 PM
Good for Checkout[.]com
“Last week, we were targeted by a criminal extortion attempt. The attackers gained access to a legacy, third-party cloud file storage system.
…
We are donating the ransom amount to fund cybercrime research.”
“Last week, we were targeted by a criminal extortion attempt. The attackers gained access to a legacy, third-party cloud file storage system.
…
We are donating the ransom amount to fund cybercrime research.”
Speculative execution: Check out my interview with Mathé Hertogh, part of the team behind 'L1TF Reloaded,' which earned them a record bug bounty from Google Cloud, due to the exploit being able to grab data from any virtual machine on a vulnerable server.
www.databreachtoday.com/speculative-...
www.databreachtoday.com/speculative-...
Speculative Execution: 'L1TF Reloaded' Garners Record Bounty
Speculative execution vulnerabilities, involving CPUs that leak sensitive data through their memory cache, remain a cloud services risk, as proven by Google Cloud
www.databreachtoday.com
November 17, 2025 at 11:19 AM
Speculative execution: Check out my interview with Mathé Hertogh, part of the team behind 'L1TF Reloaded,' which earned them a record bug bounty from Google Cloud, due to the exploit being able to grab data from any virtual machine on a vulnerable server.
www.databreachtoday.com/speculative-...
www.databreachtoday.com/speculative-...
Why microsegmentation still remains just a dream for many IT teams www.databreachtoday.com/microsegment...
Why Microsegmentation Is Just a Dream for Many IT Teams
Microsegmentation has long been touted as the gold standard for restricting lateral movement by hackers. It helps lock down network traffic and reduces the blast
www.databreachtoday.com
November 10, 2025 at 2:15 PM
Why microsegmentation still remains just a dream for many IT teams www.databreachtoday.com/microsegment...
Federally qualified New Jersey medical firm that runs health centers for schools reports ransomware breach www.databreachtoday.com/federally-qu...
Federally Qualified Health Center Reports Ransomware Breach
Central Jersey Medical Center, a federally qualified health center that partners with public schools in Newark, New Jersey, is notifying an undisclosed number of
www.databreachtoday.com
November 8, 2025 at 2:28 PM
Federally qualified New Jersey medical firm that runs health centers for schools reports ransomware breach www.databreachtoday.com/federally-qu...
Nevada state hackers reportedly evaded detection for months, breaching 60 agencies before unleashing ransomware www.databreachtoday.com/report-nevad...
Report: Nevada State Hackers Evaded Detection for Months
A threat actor infiltrated Nevada’s statewide systems undetected for months, ultimately disrupting at least 60 agencies by deleting backups and launching
www.databreachtoday.com
November 8, 2025 at 11:19 AM
Nevada state hackers reportedly evaded detection for months, breaching 60 agencies before unleashing ransomware www.databreachtoday.com/report-nevad...
Longer conversations can break AI safety filters, since open-weight language models can apparently say "no" only for so long. Their safety filters break down when pushed through longer conversations, exposing flaws that one-shot tests fail to catch.
www.databreachtoday.com/longer-conve...
www.databreachtoday.com/longer-conve...
Longer Conversations Can Break AI Safety Filters
Open-weight language models can say "no" only for so long. Their safety filters break down when pushed through longer conversations, exposing flaws that
www.databreachtoday.com
November 8, 2025 at 8:52 AM
Longer conversations can break AI safety filters, since open-weight language models can apparently say "no" only for so long. Their safety filters break down when pushed through longer conversations, exposing flaws that one-shot tests fail to catch.
www.databreachtoday.com/longer-conve...
www.databreachtoday.com/longer-conve...
Weekly Data Breach Roundup
—UPenn suffers email breach
—Australian police bust 55 suspects in new round of Anom chat app arrests
—Hackers stole trucking cargo
—Ukrainian extradited over Conti ransomware allegations
—Supply chain risk: Advanced Installer tool
www.databreachtoday.com/breach-round...
—UPenn suffers email breach
—Australian police bust 55 suspects in new round of Anom chat app arrests
—Hackers stole trucking cargo
—Ukrainian extradited over Conti ransomware allegations
—Supply chain risk: Advanced Installer tool
www.databreachtoday.com/breach-round...
Breach Roundup: UPenn Hit by Email Breach
This week: UPenn hit by email breach, Australian police arrested 55, 'SesameOp' backdoor hid C2 traffic, BEC scammers used AWS, hackers stole trucking cargo,
www.databreachtoday.com
November 7, 2025 at 5:44 PM
Weekly Data Breach Roundup
—UPenn suffers email breach
—Australian police bust 55 suspects in new round of Anom chat app arrests
—Hackers stole trucking cargo
—Ukrainian extradited over Conti ransomware allegations
—Supply chain risk: Advanced Installer tool
www.databreachtoday.com/breach-round...
—UPenn suffers email breach
—Australian police bust 55 suspects in new round of Anom chat app arrests
—Hackers stole trucking cargo
—Ukrainian extradited over Conti ransomware allegations
—Supply chain risk: Advanced Installer tool
www.databreachtoday.com/breach-round...
Weekly Cryptohack Roundup:
—Europol's $692 million fraud network bust
—Sam Bankman-Fried appeals conviction
—PHP exploits fueled cryptomining campaigns
—Sentencing set for Samourai Wallet founders
www.databreachtoday.com/cryptohack-r...
—Europol's $692 million fraud network bust
—Sam Bankman-Fried appeals conviction
—PHP exploits fueled cryptomining campaigns
—Sentencing set for Samourai Wallet founders
www.databreachtoday.com/cryptohack-r...
Cryptohack Roundup: Europol Busts 600M Euro Fraud Network
Every week, Information Security Media Group rounds up cybersecurity incidents in digital assets. This week, Europol's 600 million euro fraud network bust, Sam
www.databreachtoday.com
November 7, 2025 at 2:28 PM
Weekly Cryptohack Roundup:
—Europol's $692 million fraud network bust
—Sam Bankman-Fried appeals conviction
—PHP exploits fueled cryptomining campaigns
—Sentencing set for Samourai Wallet founders
www.databreachtoday.com/cryptohack-r...
—Europol's $692 million fraud network bust
—Sam Bankman-Fried appeals conviction
—PHP exploits fueled cryptomining campaigns
—Sentencing set for Samourai Wallet founders
www.databreachtoday.com/cryptohack-r...
Another cybersecurity vendor is planning to dive into the still waters of an initial public offering. www.databreachtoday.com/armis-gets-4...
Armis Gets $435M Pre-IPO Funding to Grow Exposure Management
Another cybersecurity vendor is planning to dive into the still waters of an initial public offering. Cyber exposure management firm Armis dipped its toe in the
www.databreachtoday.com
November 7, 2025 at 11:19 AM
Another cybersecurity vendor is planning to dive into the still waters of an initial public offering. www.databreachtoday.com/armis-gets-4...
Augmented cyber assists for an AI win? AI-assisted analysts complete investigations up to 61% faster and with higher accuracy than all-manual teams, finds a new Cloud Security Alliance study. www.databreachtoday.com/ai-soc-agent...
AI SOC Agents Slash Alert Response Time, Study Shows
Security operations centers face mounting pressure to work faster without sacrificing investigative quality. A new Cloud Security Alliance study shows AI-assisted
www.databreachtoday.com
November 7, 2025 at 8:52 AM
Augmented cyber assists for an AI win? AI-assisted analysts complete investigations up to 61% faster and with higher accuracy than all-manual teams, finds a new Cloud Security Alliance study. www.databreachtoday.com/ai-soc-agent...