Introducing Sophos Identity Threat Detection and Response (ITDR)
Neutralize identity-based threats before they can impact your business.
Similar Posts
Detour Dog Caught Running DNS-Powered Malware Factory for Strela Stealer
Bys sA threat actor named Detour Dog has been outed as powering campaigns distributing an information stealer known as Strela Stealer. That’s according to findings from Infoblox, which found the threat actor to maintain control of domains hosting the first stage of the stealer, a backdoor called StarFish. The DNS threat intelligence firm said it has…
QakBot-Linked BC Malware Adds Enhanced DNS Tunneling and Remote Access Features
Bys sCybersecurity researchers have disclosed details of a new BackConnect (BC) malware that has been developed by threat actors linked to the infamous QakBot loader. “BackConnect is a common feature or module utilized by threat actors to maintain persistence and perform tasks,” Walmart’s Cyber Intelligence team told The Hacker News. “The BackConnect(s) in use were ‘DarkVNC’…
Malicious Go Package Exploits Module Mirror Caching for Persistent Remote Access
Bys sCybersecurity researchers have called attention to a software supply chain attack targeting the Go ecosystem that involves a malicious package capable of granting the adversary remote access to infected systems. The package, named github.com/boltdb-go/bolt, is a typosquat of the legitimate BoltDB database module (github.com/boltdb/bolt), per Socket. The malicious version (1.3.1) was published to
Ukraine Warns of CABINETRAT Backdoor + XLL Add-ins Spread via Signal ZIPs
Bys sThe Computer Emergency Response Team of Ukraine (CERT-UA) has warned of new targeted cyber attacks in the country using a backdoor called CABINETRAT. The activity, observed in September 2025, has been attributed to a threat cluster it tracks as UAC-0245. The agency said it spotted the attack following the discovery of software tools taking the…
South Korea: Modetour Network fined 740 million won for hacking incident; Meta loses appeal of 6.7 billion won fine
Bys sThere are two cases in South Korean news this week of note here today involving enforcement actions by South Korea’s Personal Information Protection Commission. One involves a travel agency, Modutour. The other involves a court decision about Meta’s data sharing. Modutour Network Fined by PIPC Yun Ye-won reports that Modutour Network, which neglected safety measures…
27 Malicious npm Packages Used as Phishing Infrastructure to Steal Login Credentials
Bys sCybersecurity researchers have disclosed details of what has been described as a “sustained and targeted” spear-phishing campaign that has published over two dozen packages to the npm registry to facilitate credential theft. The activity, which involved uploading 27 npm packages from six different npm aliases, has primarily targeted sales and commercial personnel at critical