Sophos Firewall v21.5 is now available
New innovations and top-requested features
Similar Posts
Manassas City Public Schools close on Monday due to cyberattack
Bys sAlan Henney reports: Manassas City Public Schools (MCPS) are closed on Monday due to a cybersecurity incident that has led to connectivity disruptions and phone outages across the school system, officials said. Dr. Kevin Newman, MCPS superintendent, said in a post on Facebook on Sunday that all MCPS schools will be closed on Monday, November……
FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux
Bys sThreat hunters have shed light on a new campaign targeting the foreign ministry of an unnamed South American nation with bespoke malware capable of granting remote access to infected hosts. The activity, detected in November 2024, has been attributed by Elastic Security Labs to a threat cluster it tracks as REF7707. Some of the other…
Legacy Stripe API Exploited to Validate Stolen Payment Cards in Web Skimmer Campaign
Bys sThreat hunters are warning of a sophisticated web skimmer campaign that leverages a legacy application programming interface (API) from payment processor Stripe to validate stolen payment information prior to exfiltration. “This tactic ensures that only valid card data is sent to the attackers, making the operation more efficient and potentially harder to detect,” Jscrambler researchers…
Oracle Rushes Patch for CVE-2025-61882 After Cl0p Exploited It in Data Theft Attacks
Bys sOracle has released an emergency update to address a critical security flaw in its E-Business Suite that it said has been exploited in the recent wave of Cl0p data theft attacks. The vulnerability, tracked as CVE-2025-61882 (CVSS score: 9.8), concerns an unspecified bug that could allow an unauthenticated attacker with network access via HTTP to…
Apple Backports Fix for CVE-2025-43300 Exploited in Sophisticated Spyware Attack
Bys sApple on Monday backported fixes for a recently patched security flaw that has been actively exploited in the wild. The vulnerability in question is CVE-2025-43300 (CVSS score: 8.8), an out-of-bounds write issue in the ImageIO component that could result in memory corruption when processing a malicious image file. “Apple is aware of a report that…
Silver Fox Targets Indian Users With Tax-Themed Emails Delivering ValleyRAT Malware
Bys sThe threat actor known as Silver Fox has turned its focus to India, using income tax-themed lures in phishing campaigns to distribute a modular remote access trojan called ValleyRAT (aka Winos 4.0). “This sophisticated attack leverages a complex kill chain involving DLL hijacking and the modular Valley RAT to ensure persistence,” CloudSEK researchers Prajwal Awasthi…