Strengthening cyber resilience: Introducing Internal Attack Surface Management (IASM) for Sophos Managed Risk
Enhanced vulnerability management delivered as a managed service.
Similar Posts
Romanian National Sentenced for Selling Access to Networks of Oregon State Government Office
Bys sA Department of Justice press release on May 27 reports that a Romanian national who faced seven years in prison for selling access to an Oregon state government office in 2021 and other U.S. entities has been sentenced to 56 months in prison: According to court documents, Catalin Dragomir, 46, formerly of Constanta, Romania, sold……
16 Chrome Extensions Hacked, Exposing Over 600,000 Users to Data Theft
A new attack campaign has targeted known Chrome browser extensions, leading to at least 16 extensions being compromised and exposing over 600,000 users to data exposure and credential theft. The attack targeted publishers of browser extensions on the Chrome Web Store via a phishing campaign and used their access permissions to insert malicious code into…
Pittsburgh Regional Transit dealing with ransomware attack that slowed light rail system last week
One unfortunate holiday tradition seems to be that ransomware groups will attack at holiday times when entities are less likely to have full IT support from staff. One attack, however, reportedly started last week. Ed Blazina reports: What Pittsburgh Regional Transit last week thought was a computer glitch that affected rail service has turned out…
When “Goodbye” isn’t the end: Scattered LAPSUS$ Hunters hack on
Bys s“Goodbye isn’t the end. It’s the beginning of what happens next.” — Joshua Shaw Reading the news, I see some headlines suggesting that “Scattered LAPSUS$ Hunters” lied in their “Goodbye” message. One headline read, “Security Industry Skeptical of Scattered Spider-ShinyHunters Retirement Claims.” Another read, “Scattered Spider Resurfaces With Financial Sector Attacks Despite Retirement Claims,” and……
Hackers leak purported Aeroflot data as Russia denies breach
Bys s“Information… has not been confirmed.” — Victim “Hold my beer.” — Hacker Daryna Antoniuk reports: Hackers have leaked flight records allegedly belonging to the CEO of the Russian airline Aeroflot following a major cyberattack that grounded flights, as Moscow denies any data breach occurred. Russia’s internet watchdog Roskomnadzor said there was no confirmation that data had been leaked from…
Zoom and Xerox Release Critical Security Updates Fixing Privilege Escalation and RCE Flaws
Bys sZoom and Xerox have addressed critical security flaws in Zoom Clients for Windows and FreeFlow Core that could allow privilege escalation and remote code execution. The vulnerability impacting Zoom Clients for Windows, tracked as CVE-2025-49457 (CVSS score: 9.6), relates to a case of an untrusted search path that could pave the way for privilege escalation….