Blog

Your blog category

Blog

Sharpening the knife: GOLD BLADE’s strategic evolution

Updates include novel abuse of recruitment platforms, modified infection chains, and expansion into a hybrid operation that combines data theft and ransomware deployment

Read More Sharpening the knife: GOLD BLADE’s strategic evolution
Blog

Introducing Sophos Intelix for Microsoft 365 Copilot

Bringing Sophos threat intelligence directly into Microsoft 365 Copilot.

Read More Introducing Sophos Intelix for Microsoft 365 Copilot
Blog

Introducing Sophos Intelix for Microsoft Security Copilot

Elevating threat intelligence for all Security Copilot users.

Read More Introducing Sophos Intelix for Microsoft Security Copilot
Blog

Intellexa Leaks Reveal Zero-Days and Ads-Based Vector for Predator Spyware Delivery

A human rights lawyer from Pakistan’s Balochistan province received a suspicious link on WhatsApp from an unknown number, marking the first time a civil society member in the country was targeted by Intellexa’s Predator spyware, Amnesty International said in a report. The link, the non-profit organization said, is a “Predator attack attempt based on the…

Read More Intellexa Leaks Reveal Zero-Days and Ads-Based Vector for Predator Spyware Delivery
Blog

“Getting to Yes”: An Anti-Sales Guide for MSPs

Most MSPs and MSSPs know how to deliver effective security. The challenge is helping prospects understand why it matters in business terms. Too often, sales conversations stall because prospects are overwhelmed, skeptical, or tired of fear-based messaging. That’s why we created ”Getting to Yes”: An Anti-Sales Guide for MSPs. This guide helps service providers transform…

Read More “Getting to Yes”: An Anti-Sales Guide for MSPs
Blog

CISA Reports PRC Hackers Using BRICKSTORM for Long-Term Access in U.S. Systems

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday released details of a backdoor named BRICKSTORM that has been put to use by state-sponsored threat actors from the People’s Republic of China (PRC) to maintain long-term persistence on compromised systems. “BRICKSTORM is a sophisticated backdoor for VMware vSphere and Windows environments,” the agency said….

Read More CISA Reports PRC Hackers Using BRICKSTORM for Long-Term Access in U.S. Systems
Blog

JPCERT Confirms Active Command Injection Attacks on Array AG Gateways

A command injection vulnerability in Array Networks AG Series secure access gateways has been exploited in the wild since August 2025, according to an alert issued by JPCERT/CC this week. The vulnerability, which does not have a CVE identifier, was addressed by the company on May 11, 2025. It’s rooted in Array’s DesktopDirect, a remote…

Read More JPCERT Confirms Active Command Injection Attacks on Array AG Gateways
Blog

Oracle Identity Manager Pre-Auth RCE

What is the Vulnerability? CVE-2025-61757 is a critical pre-authentication remote code execution vulnerability in Oracle Identity Manager’s REST WebServices. This vulnerability allows an unauthenticated attacker to exploit URI and matrix parameter parsing weaknesses to bypass authentication and execute arbitrary code over HTTP. Successful exploitation results in full compromise of Identity Manager servers- enabling attackers to…

Read More Oracle Identity Manager Pre-Auth RCE
Blog

How Agentic AI Can Boost Cyber Defense

Transurban head of cyber defense Muhammad Ali Paracha shares how his team is automating the triaging and scoring of security threats as part of the Black Hat Middle East conference.

Read More How Agentic AI Can Boost Cyber Defense
Blog

CISA Warns of ‘Ongoing’ Brickstorm Backdoor Attacks

State-sponsored actors tied to China continue to target VMware vSphere environments at government and technology organizations.

Read More CISA Warns of ‘Ongoing’ Brickstorm Backdoor Attacks