Beyond MFA: Building true resilience against identity-based attacks
Categories: Sophos Insights
Tags: Identity Security, MFA, Sophos ITDR
Similar Posts
What to Look for in an Exposure Management Platform (And What Most of Them Get Wrong)
Bys sEvery security team has a version of the same story. The quarter ends with hundreds of vulnerabilities closed. The dashboards are bursting with green. Then someone in a leadership meeting asks: “So, are we actually safer now?” Crickets. The room goes quiet because an honest answer requires context – which is something that patch counts…
Akira ransomware gang used an unsecured webcam to bypass EDR
Bys sThe Akira ransomware gang exploited an unsecured webcam to bypass EDR and launch encryption attacks on a victim’s network. Pierluigi Paganini reports: Cybersecurity researchers at S-RM team discovered a novel attack technique used by the Akira ransomware gang. The ransomware group used an unsecured webcam to encrypt systems within a target’s network, bypassing Endpoint Detection…
Chinese hacker “Crazyhunter” behind ransomware attack on MacKay Hospital, others: CIB
Bys sHuang Li-yun and Matthew Mazzetta report that the hacker known as “Crazyhunter” on Breach Forums has been identified and prosecutors are seeking an arrest warrant for him: The Criminal Investigation Bureau (CIB) on Wednesday said it had identified the suspect behind the hacking and attempted extortion of MacKay Memorial Hospital as a 20-year-old Chinese man,…
China-Linked Hackers Launch Targeted Espionage Campaign on African IT Infrastructure
Bys sThe China-linked cyber espionage group tracked as APT41 has been attributed to a new campaign targeting government IT services in the African region. “The attackers used hardcoded names of internal services, IP addresses, and proxy servers embedded within their malware,” Kaspersky researchers Denis Kulik and Daniil Pogorelov said. “One of the C2s [command-and-control servers] was…
When the victimizers become the victims…. RansomHub the victim of a takeover?
Bys sIn February, RansomHub was described as the leading Ransomware-as-a-Service group and as a pervasive threat to critical sectors. Weeks later, Trend Micro analyzed SocGholish’s MaaS framework and its role in deploying RansomHub ransomware. RansomHub was clearly developing and making a significant impact in the ransomware ecosystem. But in the blink of an eye, it seemed,…
Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries
Bys sMicrosoft has disclosed details of a large-scale credential theft campaign that has leveraged a combination of code of conduct-themed lures and legitimate email services to direct users to attacker-controlled domains and steal authentication tokens. The multi-stage campaign, observed between April 14 and 16, 2026, targeted more than 35,000 users across over 13,000 organizations in 26…