News

Phake phishing: Phundamental or pholly?

Bys s October 31, 2025

Debates over the effectiveness of phishing simulations are widespread. Sophos X-Ops looks at the arguments for and against – and our own phishing philosophy

News

Western Security Agencies Share Advice on Selecting OT Products
Bys s January 14, 2025

CISA and other Western security agencies have shared guidance for OT owners and operators when procuring products. The post Western Security Agencies Share Advice on Selecting OT Products appeared first on SecurityWeek.

Read More Western Security Agencies Share Advice on Selecting OT Products
News

Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS
Bys s April 5, 2026

Fortinet has released out-of-band patches for a critical security flaw impacting FortiClient EMS that it said has been exploited in the wild. The vulnerability, tracked as CVE-2026-35616 (CVSS score: 9.1), has been described as a pre-authentication API access bypass leading to privilege escalation. “An improper access control vulnerability [CWE-284] in FortiClient EMS may allow an

Read More Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS
News

Keenan & Associates settles 2023 data breach litigation for $14M
Bys s August 15, 2025

Keenan & Associates is a benefits consulting and insurance brokerage provider in California, providing services to several sectors, including healthcare entities and educational facilities. Between August 21, 2023 and August 27, 2023, an unauthorized user accessed information relating to certain of Keenan’s customers, including names, dates of birth, Social Security numbers, passport numbers, driver’s license……

Read More Keenan & Associates settles 2023 data breach litigation for $14M
News

New “Kurd Hackers Forum” Focuses on Middle Eastern Data Breaches and Leaks
Bys s February 14, 2026

Reza abasi notes that there is a new forum called the “Kurd Hacker Forum” that focuses on databreaches in Iran, Syria, and Turkey. The domain was registered January 28, 2026. The forum, which is on the clear net, looks like it has the same format as the classic BreachForums, with the same types of sections……

Read More New “Kurd Hackers Forum” Focuses on Middle Eastern Data Breaches and Leaks
News

APT36 Targets Indian Government with Golang-Based DeskRAT Malware Campaign
Bys s October 24, 2025

A Pakistan-nexus threat actor has been observed targeting Indian government entities as part of spear-phishing attacks designed to deliver a Golang-based malware known as DeskRAT. The activity, observed in August and September 2025 by Sekoia, has been attributed to Transparent Tribe (aka APT36), a state-sponsored hacking group known to be active since at least 2013….

Read More APT36 Targets Indian Government with Golang-Based DeskRAT Malware Campaign
News

BKA Identifies REvil Leaders Behind 130 German Ransomware Attacks
Bys s April 6, 2026

Germany’s Federal Criminal Police Office (aka BKA or the Bundeskriminalamt) has unmasked the real identity of the main threat actors associated with the now-defunct REvil (aka Sodinokibi) ransomware-as-a-service (RaaS) operation. The threat actor, who went by the alias UNKN, functioned as a representative of the group, advertising the ransomware in June 2019 on the XSS…

Read More BKA Identifies REvil Leaders Behind 130 German Ransomware Attacks

Similar Posts