News

AI adoption is booming—but so is cybercrime. Programs disguised as popular AI tools that contain malware are being planted by threat actors hoping to deceive companies jumping in and adopting AI. According to Cisco Talos, Cisco's "threat intelligence research organization", these programs may be downloaded by accident due to search result manipulation, in which tactics are used to make the illegitimate programs appear higher in the search results than others.

In an article titled Healthcare Data Breach Statistics, HIPAA Journal revealed that 2024 saw the single largest healthcare data breach on record, affecting 190 million individual records. This followed a record-breaking 2023, which saw 725 breaches containing over 133 million records exposed.

A 19-year-old from Massachusetts has pled guilty to being behind last year’s PowerSchool data breach, which affected 18,476 Massachusetts residents, with some students, families, and staff having their social security numbers and medical records exposed.

In April, Direct iT President and CEO David Javaheri flew out to a cybersecurity conference to present on the same stage as business luminaries Daymond John, Robert Herjavec, and Kevin O’Leary.

Javaheri believes that small businesses are being targeted by threat actors more frequently than ever before.

The FBI's Internet Crime Complaint Center (IC3) has issued an alert regarding a smishing scam impersonating road toll services. Smishing, a form of phishing that uses text messages to deceive recipients into providing personal information or clicking on malicious links, is a growing threat as more people rely on their mobile devices for communication and transactions.

According to a blog post on their website, Socure, a “leading provider of AI-powered digital identity verification and fraud prevention solutions”, has identified “over 9,100 fraudulent checking and credit applications spanning multiple financial institutions” that are created with the stolen identities of Massachusetts residents born between 1975 and 1990.

The attackers have been using specific email domains, such as Outlook.

The United States Attorney’s Office for the District of Massachusetts has secured the forfeiture of over $5 million, originating from victims of a sophisticated business email compromise (BEC) scheme. A BEC is a type of cybercrime where attackers use email fraud to deceive organizations into transferring money or sensitive information.

An educational vendor whose technology is integrated into numerous public schools in the state of Massachusetts has suffered a data breach that affected 18,476 Massachusetts residents, with some students, families, and staff having their social security numbers and medical records exposed.

The number of ransomware incidents reported by healthcare organizations from 2024 compared to 2023 spiked 32%, according to the “Healthcare Under Ransomware Attack 2025” report by Black Kite Security. This now puts Healthcare as the third most-targeted industry, behind manufacturing and scientific research.

The Securities and Exchange Commission (SEC) has announced the creation of the Cyber and Emerging Technologies Unit (CETU) to “focus on combating cyber-related misconduct and to protect retail investors from bad actors in the emerging technologies space,” according to a Feb 20 press release on their website.