Sophos Recognized as Top Employer in British Columbia, Canada

CISA and other agencies call to action for the US government to take steps to close the software understanding gap. The post US Government Agencies Call for Closing the Software Understanding Gap appeared first on SecurityWeek.

From cyber attacks across the geopolitical landscapes, to product updates that help small businesses, Sophos was there in 2024.

Cybersecurity researchers are warning of a “widespread and ongoing” SMS phishing campaign that’s been targeting toll road users in the United States for financial theft since mid-October 2024. “The toll road smishing attacks are being carried out by multiple financially motivated threat actors using the smishing kit developed by ‘Wang Duo Yu,’” Cisco Talos researchers…

The US government shared exploit chains, IOCs and post-incident forensics data to help network defenders hunt for signs of Chinese hacking gangs. The post FBI/CISA Share Details on Ivanti Exploits Chains: What Network Defenders Need to Know appeared first on SecurityWeek.

Multiple security vulnerabilities have been disclosed in GitHub Desktop as well as other Git-related projects that, if successfully exploited, could permit an attacker to gain unauthorized access to a user’s Git credentials. “Git implements a protocol called Git Credential Protocol to retrieve credentials from the credential helper,” GMO Flatt Security researcher Ry0taK, who discovered the…

The U.K. National Crime Agency (NCA) on Thursday announced that four people have been arrested in connection with cyber attacks targeting major retailers Marks & Spencer, Co-op, and Harrods. The arrested individuals include two men aged 19, a third aged 17, and a 20-year-old woman. They were apprehended in the West Midlands and London on…