Advancing Cybersecurity for Microsoft Environments
From certified MDR services to open threat intelligence frameworks, Sophos is delivering the clarity, context, and confidence organizations need to stay ahead of evolving threats.
Similar Posts
Uganda court charges senior finance officials with corruption over central bank hacking
Bys sSusmita Chaulagain reports: A Ugandan court on Wednesday charged nine senior officials from the Ministry of Finance, Planning, and Economic Development over their alleged involvement in corruption, electronic fraud, and money laundering in connection with a hacking incident that led to a financial loss of at least $21 million from the country’s central bank. The hacking occurred last year…
Rust Adoption Drives Android Memory Safety Bugs Below 20% for First Time
Bys sGoogle has disclosed that the company’s continued adoption of the Rust programming language in Android has resulted in the number of memory safety vulnerabilities falling below 20% for the first time. “We adopted Rust for its security and are seeing a 1000x reduction in memory safety vulnerability density compared to Android’s C and C++ code….
Coruna: The Mysterious Journey of a Powerful iOS Exploit Kit
Bys sFrom the Google Threat Intelligence Group: Google Threat Intelligence Group (GTIG) has identified a new and powerful exploit kit targeting Apple iPhone models running iOS version 13.0 (released in September 2019) up to version 17.2.1 (released in December 2023). The exploit kit, named “Coruna” by its developers, contained five full iOS exploit chains and a total of……
Mysterious ‘SmudgedSerpent’ Hackers Target U.S. Policy Experts Amid Iran–Israel Tensions
Bys sA never-before-seen threat activity cluster codenamed UNK_SmudgedSerpent has been attributed as behind a set of cyber attacks targeting academics and foreign policy experts between June and August 2025, coinciding with heightened geopolitical tensions between Iran and Israel. “UNK_SmudgedSerpent leveraged domestic political lures, including societal change in Iran and investigation into the
New Research: 64% of 3rd-Party Applications Access Sensitive Data Without Justification
Bys sResearch analyzing 4,700 leading websites reveals that 64% of third-party applications now access sensitive data without business justification, up from 51% in 2024. Government sector malicious activity spiked from 2% to 12.9%, while 1 in 7 Education sites show active compromise. Specific offenders: Google Tag Manager (8% of violations), Shopify (5%), Facebook Pixel (4%). Download…
EdgeStepper Implant Reroutes DNS Queries to Deploy Malware via Hijacked Software Updates
Bys sThe threat actor known as PlushDaemon has been observed using a previously undocumented Go-based network backdoor codenamed EdgeStepper to facilitate adversary-in-the-middle (AitM) attacks. EdgeStepper “redirects all DNS queries to an external, malicious hijacking node, effectively rerouting the traffic from legitimate infrastructure used for software updates to attacker-controlled infrastructure