The Sophos Annual Threat Report: Cybercrime on Main Street 2025
Ransomware remains the biggest threat, but old and misconfigured network devices are making it too easy
Similar Posts
US govt login portal could be one cyberattack away from collapse, say auditors
Bys sBrandon Vigliarolo reports: The US government’s Login.gov identity verification system could be one cyberattack, or just a routine IT hiccup, away from serious trouble, say auditors, because it hasn’t shown its backup testing policy is actually in use or effective. The US Government Accountability Office reported Tuesday that Login.gov, which is managed by the federal government’s General…
Matrix Push C2 Uses Browser Notifications for Fileless, Cross-Platform Phishing Attacks
Bys sBad actors are leveraging browser notifications as a vector for phishing attacks to distribute malicious links by means of a new command-and-control (C2) platform called Matrix Push C2. “This browser-native, fileless framework leverages push notifications, fake alerts, and link redirects to target victims across operating systems,” Blackfog researcher Brenda Robb said in a Thursday report….
AI Agents Run on Secret Accounts — Learn How to Secure Them in This Webinar
Bys sAI is changing everything — from how we code, to how we sell, to how we secure. But while most conversations focus on what AI can do, this one focuses on what AI can break — if you’re not paying attention. Behind every AI agent, chatbot, or automation script lies a growing number of non-human…
Why You Should Swap Passwords for Passphrases
Bys sThe advice didn’t change for decades: use complex passwords with uppercase, lowercase, numbers, and symbols. The idea is to make passwords harder for hackers to crack via brute force methods. But more recent guidance shows our focus should be on password length, rather than complexity. Length is the more important security factor, and passphrases are…
Kazakhstan Considers Criminal Liability for Mass Leaks of Personal Data
Bys sDmitry Pokidaev reports: Kazakhstan is considering tightening legal responsibility for violations related to personal data protection. The Ministry of Artificial Intelligence and Digital Development has proposed introducing criminal liability for mass leaks of citizens’ personal data, along with a significant increase in administrative fines for failing to comply with information security requirements. The proposal was……
Phone location data of top EU officials for sale, report finds
Bys sZack Whittaker reports: Journalists in Europe found it was “easy” to spy on top European Union officials using commercially obtained location histories sold by data brokers, despite the continent having some of the strongest data protection laws in the world. EU officials said they’re “concerned” about the trade of citizen and officials’ mobile phone location……