Sophos Firewall v22: Health Check

A new global phishing threat called “Meta Mirage” has been uncovered, targeting businesses using Meta’s Business Suite. This campaign specifically aims at hijacking high-value accounts, including those managing advertising and official brand pages. Cybersecurity researchers at CTM360 revealed that attackers behind Meta Mirage impersonate official Meta communications, tricking users into handing

A new agentic browser attack targeting Perplexity’s Comet browser that’s capable of turning a seemingly innocuous email into a destructive action that wipes a user’s entire Google Drive contents, findings from Straiker STAR Labs show. The zero-click Google Drive Wiper technique hinges on connecting the browser to services like Gmail and Google Drive to automate…

This is the stuff some nightmares are made of. Times of India reports from New Delhi: Indian aircraft deployed to provide rescue and relief supplies to quake-hit Myanmar, under Operation Brahma since March 29, have faced cyber-attacks in the form of “spoofing” of their satellite-based GPS signals. Sources said it’s difficult to establish the forces…

Here’s today’s reminder of the insider threat. And also the external threat. Consider it a pre-holiday twofer. DataBreaches was contacted yesterday by “0mid16B,” the same individual who was responsible for previously hacking The1 Card, Thailand’s most popular loyalty program. In their latest contact, they claim to have successfully attacked Ardyss[.]com and ArdyssLife[.]com, telling DataBreaches, “In…

Analysis of the tradecraft evolution across 6 months and 11 incidents

The China-nexus cyber espionage group tracked as UNC3886 has been observed targeting end-of-life MX routers from Juniper Networks as part of a campaign designed to deploy custom backdoors, highlighting their ability to focus on internal networking infrastructure. “The backdoors had varying custom capabilities, including active and passive backdoor functions, as well as an embedded script…