Beyond MFA: Building true resilience against identity-based attacks
Categories: Sophos Insights
Tags: Identity Security, MFA, Sophos ITDR
Similar Posts
Crypto wallet firm Ledger faces customer data breach through payment processor Global-e
Bys sOmkar Godbole and AI Boost write: Hardware wallet giant Ledger is grappling with a data exposure incident, this time linked to its third-party payment processor, Global-e. An email notification sent to customers by Global-e and initially shared by pseudonymous blockchain sleuth ZachXBT on X said the breach involved unauthorized access to Ledger users’ personal details like names……
Data from Insight Hospital and Medical Center Leaked on Dark Web
Bys sOn or about January 26, 2026, Insight Hospital and Medical Center (“Insight”) in Chicago issued a substitute notice. It states that in September 2025, Insight learned of unusual activity within its network. An investigation subsequently determined that an unauthorized individual accessed the network between August 22, 2025 and September 11, 2025. As of the date……
Casual White House Starlink Use Is A Cybersecurity Nightmare, A Transparency Problem, And A Weird Marketing Stunt
Bys sfrom the but-her-emails dept at TechDirt: Wed, Mar 19th 2025 05:26am – Karl Bode It’s best to view Elon Musk’s DOGE as an attack. While right wing propaganda (and gullible media outlets and politicians) frame DOGE as a “cost saving” effort at “improving government efficiency,” that’s just flimsy-ass cover for its real purpose: the dismantling of corporate…
How To Automate Alert Triage With AI Agents and Confluence SOPs Using Tines
Bys sRun by the team at workflow orchestration and AI platform Tines, the Tines library features over 1,000 pre-built workflows shared by security practitioners from across the community – all free to import and deploy through the platform’s Community Edition. The workflow we are highlighting streamlines security alert handling by automatically identifying and executing the appropriate…
Top 5 Malware Threats to Prepare Against in 2025
Bys s2024 had its fair share of high-profile cyber attacks, with companies as big as Dell and TicketMaster falling victim to data breaches and other infrastructure compromises. In 2025, this trend will continue. So, to be prepared for any kind of malware attack, every organization needs to know its cyber enemy in advance. Here are 5…
Hackers Exploit Severe PHP Flaw to Deploy Quasar RAT and XMRig Miners
Bys sThreat actors are exploiting a severe security flaw in PHP to deliver cryptocurrency miners and remote access trojans (RATs) like Quasar RAT. The vulnerability, assigned the CVE identifier CVE-2024-4577, refers to an argument injection vulnerability in PHP affecting Windows-based systems running in CGI mode that could allow remote attackers to run arbitrary code. Cybersecurity company