Beyond the kill chain: What cybercriminals do with their money (Part 4)
In the fourth of our five-part series, Sophos X-Ops explores threat actors’ real-world criminal business interests
Similar Posts
Discover Practical AI Tactics for GRC — Join the Free Expert Webinar
Bys sArtificial Intelligence (AI) is rapidly transforming Governance, Risk, and Compliance (GRC). It’s no longer a future concept—it’s here, and it’s already reshaping how teams operate. AI’s capabilities are profound: it’s speeding up audits, flagging critical risks faster, and drastically cutting down on time-consuming manual work. This leads to greater efficiency, higher accuracy, and a more
Microsoft Gave FBI Keys To Unlock Encrypted Data, Exposing Major Privacy Concern
Bys sThomas Brewster reports: Early last year, the FBI served Microsoft with a search warrant, asking it to provide recovery keys to unlock encrypted data stored on three laptops. Federal investigators in Guam believed the devices held evidence that would help prove individuals handling the island’s Covid unemployment assistance program were part of a plot to……
Overcoming Risks from Chinese GenAI Tool Usage
Bys sA recent analysis of enterprise data suggests that generative AI tools developed in China are being used extensively by employees in the US and UK, often without oversight or approval from security teams. The study, conducted by Harmonic Security, also identifies hundreds of instances in which sensitive data was uploaded to platforms hosted in China,…
New AI Jailbreak Method ‘Bad Likert Judge’ Boosts Attack Success Rates by Over 60%
Cybersecurity researchers have shed light on a new jailbreak technique that could be used to get past a large language model’s (LLM) safety guardrails and produce potentially harmful or malicious responses. The multi-turn (aka many-shot) attack strategy has been codenamed Bad Likert Judge by Palo Alto Networks Unit 42 researchers Yongzhe Huang, Yang Ji, Wenjun…
New “Cavalry Werewolf” Attack Hits Russian Agencies with FoalShell and StallionRAT
Bys sA threat actor that’s known to share overlaps with a hacking group called YoroTrooper has been observed targeting the Russian public sector with malware families such as FoalShell and StallionRAT. Cybersecurity vendor BI.ZONE is tracking the activity under the moniker Cavalry Werewolf. It’s also assessed to have commonalities with clusters tracked as SturgeonPhisher, Silent Lynx,…
Cyberattacks on Long Island Schools Highlight Growing Threat
Bys sI’d called it an “ongoing threat,” but …. Maggie MacAlpine reports: In a concerning development, over 20 school districts across Long Island have fallen victim to cyberattacks, compromising the personal data of more than 10,000 students. According to state education records, 28 incidents were reported in 2024 alone, affecting districts such as Great Neck, Smithtown,…