Sophos Partners with Capsule on New Cyber Insurance Program
The partnership rewards real-world, observable security controls, while removing the traditional barriers to insurance coverage.
Similar Posts
New Labels Will Help People Pick Devices Less at Risk of Hacking
Bys sThe US government is rolling out a consumer labeling system designed to help Americans pick smart devices that are less vulnerable to hacking. The post New Labels Will Help People Pick Devices Less at Risk of Hacking appeared first on SecurityWeek.
Chinese Hackers Exploit Trimble Cityworks Flaw to Infiltrate U.S. Government Networks
Bys sA Chinese-speaking threat actor tracked as UAT-6382 has been linked to the exploitation of a now-patched remote-code-execution vulnerability in Trimble Cityworks to deliver Cobalt Strike and VShell. “UAT-6382 successfully exploited CVE-2025-0944, conducted reconnaissance, and rapidly deployed a variety of web shells and custom-made malware to maintain long-term access,” Cisco Talos researchers
Canadian Man Charged in $65M Cryptocurrency Hacking Schemes
Bys sA five-count criminal indictment was unsealed today in federal court in New York charging a Canadian man with exploiting vulnerabilities in two decentralized finance protocols to fraudulently obtain about $65 million from the protocols’ investors. According to court documents, from 2021 to 2023, Andean Medjedovic, 22, allegedly exploited vulnerabilities in the automated smart contracts used…
Breaking Up With Edtech Is Hard to Do
Bys sEllen Ullman reports: When Kerri Wall’s school district decided not to renew its five-year contract with an edtech company last spring, she didn’t expect the hardest part to come after the breakup. As the senior digital innovation administrator for the School District of Indian River County in Florida — and designated student data privacy officer……
Mustang Panda Targets Myanmar With StarProxy, EDR Bypass, and TONESHELL Updates
Bys sThe China-linked threat actor known as Mustang Panda has been attributed to a cyber attack targeting an unspecified organization in Myanmar with previously unreported tooling, highlighting continued effort by the threat actors to increase the sophistication and effectiveness of their malware. This includes updated versions of a known backdoor called TONESHELL, as well as a…
Russian Hackers Breach 20+ NGOs Using Evilginx Phishing via Fake Microsoft Entra Pages
Bys sMicrosoft has shed light on a previously undocumented cluster of threat activity originating from a Russia-affiliated threat actor dubbed Void Blizzard (aka Laundry Bear) that it said is attributed to “worldwide cloud abuse.” Active since at least April 2024, the hacking group is linked to espionage operations mainly targeting organizations that are important to Russian…