Sophos ZTNA Updates
New Let’s Encrypt and regional support.
Similar Posts
Insider Threat: Tackling the Complex Challenges of the Enemy Within
Bys sThe insider threat problem will worsen, and the solutions will widen, in the age of generative-AI. The post Insider Threat: Tackling the Complex Challenges of the Enemy Within appeared first on SecurityWeek.
Attorney General James Secures $500,000 from Capital Region Health Care Provider for Failing to Protect Patients’ Information
Bys sThis is the press release referred to in a recent post: NEW YORK – New York Attorney General Letitia James today announced that her office has secured $500,000 in penalties from OrthopedicsNY, LLP (OrthopedicsNY) for failing to protect patients’ private information. OrthopedicsNY is an orthopedics medicine and surgery practice that operates clinics and surgery centers across……
Over 1,500 PostgreSQL Servers Compromised in Fileless Cryptocurrency Mining Campaign
Bys sExposed PostgreSQL instances are the target of an ongoing campaign designed to gain unauthorized access and deploy cryptocurrency miners. Cloud security firm Wiz said the activity is a variant of an intrusion set that was first flagged by Aqua Security in August 2024 that involved the use of a malware strain dubbed PG_MEM. The campaign…
BatShadow Group Uses New Go-Based ‘Vampire Bot’ Malware to Hunt Job Seekers
Bys sA Vietnamese threat actor named BatShadow has been attributed to a new campaign that leverages social engineering tactics to deceive job seekers and digital marketing professionals to deliver a previously undocumented malware called Vampire Bot. “The attackers pose as recruiters, distributing malicious files disguised as job descriptions and corporate documents,” Aryaka Threat Research Labs
DOJ investigates ex-ransomware negotiator over extortion kickbacks
Bys sLawrence Abrams reports: An ex-ransomware negotiator is under criminal investigation by the Department of Justice for allegedly working with ransomware gangs to profit from extortion payment deals. The suspect is a former employee of DigitalMint, a Chicago-based incident response and digital asset services company that specializes in ransomware negotiation and facilitating cryptocurrency payments to receive a…
PhantomRaven Malware Found in 126 npm Packages Stealing GitHub Tokens From Devs
Bys sCybersecurity researchers have uncovered yet another active software supply chain attack campaign targeting the npm registry with over 100 malicious packages that can steal authentication tokens, CI/CD secrets, and GitHub credentials from developers’ machines. The campaign has been codenamed PhantomRaven by Koi Security. The activity is assessed to have begun in August 2025, when the…