Cybersecurity

Sophos’ Secure by Design 2025 Progress – Sophos News

In 2024, we became one of the first organizations to commit to CISA’s Secure by Design initiative. Aligned with our core organizational values around...

Analysis of the ToolShell vulnerabilities and exploit code

On July 19–20, 2025, various security companies and national CERTs published alerts about active exploitation of on-premise SharePoint servers. According to the reports, observed...

Sinkholing Suspicious Scripts or Executables on Linux

When you need to analyze some suspicious pieces of code, it's interesting to detonate them in a sandbox. If you don't have a complete sandbox...

Phishers Target Aviation Execs to Scam Customers – Krebs on Security

KrebsOnSecurity recently heard from a reader whose boss’s email account got phished and was used to trick one of the company’s customers into sending...

Free decryptor for victims of Phobos ransomware released

There is good news for any organisation which has been hit by the Phobos ransomware. Japanese police have released a free decryptor capable of recovering...

Deviant – Darknet Diaries

Deviant Ollam is a physical penetration specialist. That means he’s paid to break into buildings to see if the...

Why is your data worth so much?

Behind every free online service, there's a price being paid. Learn why...

11 Years of Microsoft Regional Director and 15 Years of MVP

I often wonder how much people in other professions genuinely love the...

SharePoint ‘ToolShell’ vulnerabilities being exploited in the wild – Sophos News

On July 18, 2025, Sophos MDR (Managed Detection and Response) analysts observed an influx of malicious activity targeting on-premises SharePoint instances, including malicious PowerShell...

PoisonSeed Hackers Bypass FIDO Keys Using QR Phishing and Cross-Device Sign-In Abuse

Jul 21, 2025Ravie LakshmananThreat Intelligence / Authentication Cybersecurity researchers have disclosed a novel attack technique that allows threat actors to bypass Fast IDentity Online (FIDO)...

GhostContainer backdoor for Exchange servers

In a recent incident response (IR) case, we discovered highly customized malware targeting Exchange infrastructure within government environments. Analysis of detection logs and clues...

Veeam Phishing via Wav File

An interesting phishing attempt was reported by a contact. It started with a simple email that looked like a voice mail notification like many...
