KnowBe4, a US security firm, discovered it had unknowingly hired a North Korean hacker who attempted to install malware within its network. CEO Stu Sjouwerman reported that the intruder used a stolen US-based identity and an AI-enhanced photo to pass standard hiring processes, including video interviews and background checks. Although no data breach occurred, the incident, now under FBI investigation, was detected when the hire's activities triggered security alerts from the company's Security Operations Center (SOC). The infiltrator had logged in remotely, likely from North Korea, using a VPN. KnowBe4 emphasized the importance of this incident as an organizational learning moment.

North Korean hacker got hired by US security vendor, immediately loaded malware arstechnica

The Cybersecurity and Infrastructure Security Agency (CISA) has appointed Lisa Einstein as its first Chief Artificial Intelligence Officer, demonstrating the agency's commitment to responsible AI use in enhancing cyber defense and supporting critical infrastructure. Einstein, who has led CISA's AI initiatives since 2023 and served as Executive Director of the CISA Cybersecurity Advisory Committee since 2022, will continue to focus on ensuring AI is used safely and securely. This new position underscores the agency’s dedication to integrating AI into its operations and assisting critical infrastructure partners in safe AI adoption.

CISA Welcomes Lisa Einstein as First Chief AI Officer The Fast Mode

The cybersecurity industry is currently experiencing a consolidation phase, where high-profile acquisitions and alliances aim to streamline cybersecurity solutions through platformization. While platforms promise simplicity and unified management, experts argue that this approach may not adequately address specialized threats and can lead to vendor lock-in and innovation stagnation. Industry leaders emphasize the enduring value of a modular approach, which allows for flexibility, best-of-breed solutions, and easier adaptation to emerging threats. A balanced strategy that integrates the strengths of both platformization and modularity, focusing on interoperability, can offer a more robust and adaptable cybersecurity ecosystem.

The Potential Pitfalls Of Cybersecurity Platformization Forbes

In July, the DataBreaches log noted that six U.S. hospitals disclosed breaches, though some incidents received minimal media attention. Fairfield Memorial Hospital in Illinois appeared on LockBit3.0's leak site, acknowledging network issues but omitting details of the ransomware attack. Hospital Auxilio Mutuo in Puerto Rico reported a breach involving patient data, emphasizing ongoing investigations. Northeast Rehabilitation Hospital Network in New Hampshire detailed a ransomware incident affecting 501 patients. Millinocket Regional Hospital in Maine was claimed by RansomHub, without confirmation of a breach. Delhi Hospital in Louisiana faced attempted negotiations with R&D leak group over exfiltrated patient data. Lastly, Schneider Regional Medical Center in the Virgin Islands experienced network blockage and data theft, reported cooperating with authorities.

Six U.S. hospital breach reports from July; some have flown under the media radar – DataBreaches.Net databreaches.net