Game of clones: Sophos and the MITRE ATT&CK Enterprise 2025 Evaluations
Winter is coming – so it must be time for Sophos X-Ops’ report on this year’s MITRE ATT&CK Enterprise Evaluations
Similar Posts
LightSpy Expands to 100+ Commands, Increasing Control Over Windows, macOS, Linux, and Mobile
Bys sCybersecurity researchers have flagged an updated version of the LightSpy implant that comes equipped with an expanded set of data collection features to extract information from social media platforms like Facebook and Instagram. LightSpy is the name given to a modular spyware that’s capable of infecting both Windows and Apple systems with an aim to…
3 Actively Exploited Zero-Day Flaws Patched in Microsoft’s Latest Security Update
Bys sMicrosoft kicked off 2025 with a new set of patches for a total of 161 security vulnerabilities across its software portfolio, including three zero-days that have been actively exploited in attacks. Of the 161 flaws, 11 are rated Critical, and 149 are rated Important in severity. One other flaw, a non-Microsoft CVE related to a…
Florida Medicare members’ data exposed as Mirra Health improperly outsourced records overseas
Bys sSkyler Shepard reports: State investigators say Mirra Health jeopardized the safety of thousands of Floridians by sharing their sensitive health data with unauthorized companies overseas. Florida Insurance Commissioner Mike Yaworsky suspended Mirra Health Care LLC on Tuesday after investigators found the company sent private medical information to unlicensed companies in India and the Philippines. Mirra Health handles important claims……
Microsoft’s End of Support for Exchange 2016 and 2019: What IT Teams Must Do Now
Bys sFor decades, Microsoft Exchange has been the backbone of business communications, powering emailing, scheduling and collaboration for organizations worldwide. Whether deployed on-premises or in hybrid environments, companies of all sizes rely on Exchange for seamless internal and external communication, often integrating it deeply with their workflows, compliance policies and security frameworks
Alleged Nomad Bridge Hacker Arrested and Faces US Extradition
Bys sTrader Edge reports: A Russian-Israeli citizen allegedly involved in the $190 million Nomad bridge hack from 2022 has been arrested in Israel and faces extradition to the United States. Alexander Gurevich was apprehended at Ben-Gurion Airport on May 1 while attempting to board a flight to Russia. Gurevich is accused of being the first to…
U.S. Sanctions Chinese Cybersecurity Firm Over Treasury Hack Tied to Silk Typhoon
Bys sThe U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) has imposed sanctions against a Chinese cybersecurity company and a Shanghai-based cyber actor for their alleged links to the Salt Typhoon group and the recent compromise of the federal agency. “People’s Republic of China-linked (PRC) malicious cyber actors continue to target U.S. government systems, including…