Beyond the kill chain: What cybercriminals do with their money (Part 1)
Sophos X-Ops investigates what financially motivated threat actors invest their ill-gotten profits in, once the dust has settled
Similar Posts
Europe’s GDPR cops dished out €1.2B in fines last year as data breaches piled up
Bys sCarly Page reports: GDPR fines pushed past the £1 billion (€1.2 billion) mark in 2025 as Europe’s regulators were deluged with more than 400 data breach notifications a day, according to a new survey that suggests the post-plateau era of enforcement has well and truly arrived. The figures come from the latest GDPR Fines and Data Breach……
Cracked Software and YouTube Videos Spread CountLoader and GachiLoader Malware
Bys sCybersecurity researchers have disclosed details of a new campaign that has used cracked software distribution sites as a distribution vector for a new version of a modular and stealthy loader known as CountLoader. The campaign “uses CountLoader as the initial tool in a multistage attack for access, evasion, and delivery of additional malware families,” Cyderes…
CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability
Bys sThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed vulnerability in FileZen to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2026-25108 (CVSS v4 score: 8.7), is a case of operating system (OS) command injection that could allow an authenticated user to execute
Why Most AI Deployments Stall After the Demo
Bys sThe fastest way to fall in love with an AI tool is to watch the demo. Everything moves quickly. Prompts land cleanly. The system produces impressive outputs in seconds. It feels like the beginning of a new era for your team. But most AI initiatives don’t fail because of bad technology. They stall because what…
Illinois Man Charged in Snapchat Hacking Investigation
Bys sBOSTON – An Illinois man has been charged in federal court in Boston with phishing the Snapchat access codes of nearly 600 women in an effort to hack their Snapchat accounts and steal nude photos, which he kept, sold, or traded on the internet. Kyle Svara, 26, of Oswego, Ill., is charged with aggravated identity……
SpotBugs Access Token Theft Identified as Root Cause of GitHub Supply Chain Attack
Bys sThe cascading supply chain attack that initially targeted Coinbase before becoming more widespread to single out users of the “tj-actions/changed-files” GitHub Action has been traced further back to the theft of a personal access token (PAT) related to SpotBugs. “The attackers obtained initial access by taking advantage of the GitHub Actions workflow of SpotBugs, a…