Google: Russia’s ColdRiver APT Unleashes Custom ‘Spica’ Malware
Just in time for the US election season, one of the Kremlin's favorite hack-and-leak spy groups — Star Blizzard —…
News
InfoSec 101: Why Data Loss Prevention Is Important to Enterprise Defense
Data is the most valuable asset for any organization — and protecting it is crucial to maintaining business continuity.
Lock Down the Software Supply Chain With ‘Secure by Design’
As zero days and complex networks create gaps for cyberattacks, software developers and agencies, such as CISA, look to the…
Important Sophos Firewall product news
ZTNA, Sophos Central, DNS protection, and more.
$80M in Crypto Disappears Into Drainer-as-a-Service Malware Hell
"Inferno Drainer" campaign represents a dangerous evolution in crypto-drainers, credibly spoofing Coinbase and maintaining a vast infrastructure-for-rent biz.
Strength in Numbers: The Case for Whole-of-State Cybersecurity
WoS cybersecurity creates a united front for governments to defend against threat actors, harden security postures, and protect constituents who…
Nearly 7K WordPress Sites Compromised by Balada Injector
Nearly 200K WordPress sites could be vulnerable to the attack thanks to CVE-2023-6000, lurking in the PopUp Builder plug-in.
Sophisticated macOS Infostealers Get Past Apple’s Built-In Detection
Emerging malware variants can evade various static-signature detection engines, including XProtect, as attackers rapidly evolve to challenge defense systems.
Q&A: How One Company Gauges Its Employees’ Cybersecurity ‘Fluency’
Cybersecurity compliance training is commonplace, but one Jordan-based company has taken an extra step in testing.
CISA: AWS, Microsoft 365 Accounts Under Active ‘Androxgh0st’ Attack
Cyberattackers are targeting Apache webservers and websites using the popular Laravel Web application framework in order to steal credentials for…