Fireside Chat with Measured Insurance
Credit to Author: Sally Adam| Date: Thu, 04 Jan 2024 09:37:56 +0000
Comparing trends observed in 2023 and predictions for 2024
Read moreMonth: January 2024
Akira, again: The ransomware that keeps on taking
Credit to Author: Angela Gunn| Date: Thu, 21 Dec 2023 21:06:11 +0000
Seven months after our first investigation, a fuller portrait of the criminal gang and its tactics emerges
Read moreCryptoGuard: An asymmetric approach to the ransomware battle
Credit to Author: Mark Loman| Date: Wed, 20 Dec 2023 11:00:06 +0000
In the second of our new technical thought leadership series, Sophos X-Ops takes a detailed look at anti-ransomware techniques
Read moreA Season of Giving at Sophos
Credit to Author: Byron Price| Date: Tue, 19 Dec 2023 11:09:49 +0000
As we enter the season of goodwill and 2023 draws to a close, Sophos teams across the globe have been getting involved in a range of charitable and volunteering activities.
Read more“Inhospitality” malspam campaign targets hotel industry
Credit to Author: Andrew Brandt| Date: Tue, 19 Dec 2023 11:00:33 +0000
Social engineering drives password-stealing malware attack against the front desk
Read moreFCC wants cars to make life harder for stalkers
The FCC wants car makers and wireless providers to make it harder for stalkers to use your car against you.
Read moreJoomla! vulnerability is being actively exploited
A vulnerability in the popular Joomla! CMS has been added to CISA’s known exploited vulnerabilities catalog.
Read moreLuring with love, a network of pig butchering “mining” scams robbed millions from victims’ wallets
Credit to Author: gallagherseanm| Date: Mon, 18 Dec 2023 11:00:55 +0000
Three threat groups using the exact same scam kit stole from 90 victims, mostly during the period of June to August, using smart contracts to hijack wallets and transfer their contents without needing to bypass device security. To date, neary $3 million has been stolen by the coordinated groups.
Read moreAct now! Ivanti vulnerabilities are being actively exploited
Several international security agencies are echoing a warning by Ivanti about actively exploited vulnerabilities in its VPN solution.
Read moreFor Patch Tuesday, 48 updates, no zero-day flaws
Microsoft has eased us into the new new year with just 48 updates for the Windows, Office and .NET platforms. There were no zero-days for January, and no reports of publicly exposed vulnerabilities or exploited security issues.
Developers of complex, line-of-business applications might need to pay particular attention to how Microsoft has updated the Message Queue system. Printing has been patched and minor updates to bluetooth and Windows shell sub-systems (shortcuts and wallpaper) require some testing before deployment.
The team at Readiness has crafted a useful infographic that outlines the risks associated with each of the updates for this January release.