3 Things CFOs Need to Know About Mitigating Threats
To reposition cybersecurity as a strategic, business-critical investment, CFOs and CISOs play a critical role in articulating the significant ROI that robust security measures can deliver.
-
-
Russia’s Secret Blizzard APT Gains Embassy Access via ISPs
An ongoing AitM campaign by the infamous Moscow-sponsored cyber threat actor has widened its scope, dropping the dangerous ApolloShadow custom backdoor malware thanks to lawful intercept systems.
-
Experts Detect Multi-Layer Redirect Tactic Used to Steal Microsoft 365 Login Credentials
Cybersecurity researchers have disclosed details of a new phishing campaign that conceals malicious payloads by abusing link wrapping services from Proofpoint and Intermedia to bypass defenses. “Link wrapping is designed by vendors like Proofpoint to protect users by routing all clicked URLs through a scanning service, allowing them to block known malicious destinations at the…
-
Getting a Cybersecurity Vibe Check on Vibe Coding
Following a number of high-profile security and development issues surrounding the use of LLMs and GenAI to code and create applications, it’s worth taking a temperature check to ask: Is this technology ready for prime time?
-
Sophos named a Leader in the 2025 Frost Radar™ for Managed Detection and Response
Being named a Leader in the Frost Radar™ validates the strength of our strategy, the depth of our capabilities, and the value we deliver to customers… but we won’t stop there.
-
What the Coinbase Breach Says About Insider Risk
The lesson from the breach is not just about what went wrong — but what could have gone right.
-
N. Korean Hackers Used Job Lures, Cloud Account Access, and Malware to Steal Millions in Crypto
The North Korea-linked threat actor known as UNC4899 has been attributed to attacks targeting two different organizations by approaching their employees via LinkedIn and Telegram. “Under the guise of freelance opportunities for software development work, UNC4899 leveraged social engineering techniques to successfully convince the targeted employees to execute malicious Docker containers in their
-
Sophos Endpoint: Consistently AAA rated – Q2 2025 SE Labs Endpoint Protection Report
The secret of success is consistency!
-
Dark Reading Confidential: Funding the CVE Program of the Future
Dark Reading Confidential Episode 8: Federal funding for the CVE Program expires in April 2026, and a trio of experts agree the industry isn’t doing enough to deal with the looming crisis. Bugcrowd’s Trey Ford, expert Adam Shostack, and CVE historian Brian Martin sit down with Dark Reading to help us figure out what a…
-
Low-Code Tools in Microsoft Azure Allowed Unprivileged Access
Using the API Connections for Azure Logic Apps, a security researcher found unauthenticated users could access sensitive data of other customers.