Sophos India Volunteers Bring Color to Local Schools
Sophos India volunteers transformed two rural schools with vibrant murals, enhancing learning spaces and strengthening community ties.
-
-
From Third-Party Vendors to U.S. Tariffs: The New Cyber Risks Facing Supply Chains
Introduction Cyber threats targeting supply chains have become a growing concern for businesses across industries. As companies continue to expand their reliance on third-party vendors, cloud-based services, and global logistics networks, cybercriminals are exploiting vulnerabilities within these interconnected systems to launch attacks. By first infiltrating a third-party vendor with undetected
-
New BPFDoor Controller Enables Stealthy Lateral Movement in Linux Server Attacks
Cybersecurity researchers have unearthed a new controller component associated with a known backdoor called BPFDoor as part of cyber attacks targeting telecommunications, finance, and retail sectors in South Korea, Hong Kong, Myanmar, Malaysia, and Egypt in 2024. “The controller could open a reverse shell,” Trend Micro researcher Fernando Mercês said in a technical report published…
-
Product Walkthrough: A Look Inside Wing Security’s Layered SaaS Identity Defense
Intro: Why hack in when you can log in? SaaS applications are the backbone of modern organizations, powering productivity and operational efficiency. But every new app introduces critical security risks through app integrations and multiple users, creating easy access points for threat actors. As a result, SaaS breaches have increased, and according to a May…
-
Sophos Annual Threat Report appendix: Most frequently encountered malware and abused software
These are the tools of the trade Sophos detected in use by cybercriminals over 2024
-
The Sophos Annual Threat Report: Cybercrime on Main Street 2025
Ransomware remains the biggest threat, but old and misconfigured network devices are making it too easy
-
Chinese Android Phones Shipped with Fake WhatsApp, Telegram Apps Targeting Crypto Users
Cheap Android smartphones manufactured by Chinese companies have been observed pre-installed with trojanized apps masquerading as WhatsApp and Telegram that contain cryptocurrency clipper functionality as part of a campaign since June 2024. While using malware-laced apps to steal financial information is not a new phenomenon, the new findings from Russian antivirus vendor Doctor Web point…
-
U.S. Govt. Funding for MITRE’s CVE Ends April 16, Cybersecurity Community on Alert
The U.S. government funding for non-profit research giant MITRE to operate and maintain its Common Vulnerabilities and Exposures (CVE) program will expire Wednesday, an unprecedented development that could shake up one of the foundational pillars of the global cybersecurity ecosystem. The 25-year-old CVE program is a valuable tool for vulnerability management, offering a de facto…
-
Accounting Firms Can’t Skimp on Cybersecurity
Cybercriminals capitalize on tax preparation stress, technology sprawl, and lax communications. Accounting teams can’t afford to treat cybersecurity as an afterthought.
-
Max Severity Bug in Apache Roller Enabled Persistent Access
The remediated flaw gave adversaries a way to maintain access to the app through password resets.