Year in Review 2024: The major headlines and moments from Sophos this year

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two security flaws impacting SysAid IT support software to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities in question are listed below – CVE-2025-2775 (CVSS score: 9.3) – An improper restriction of XML external entity (XXE) reference vulnerability in the

Categories: Products & Services Tags: Ransomware, Enterprise, Solutions, The State of Ransomware

Joseph Lazzarotti of JacksonLewis writes: According to one survey, Florida is fourth on the list of states with the most reported data breaches. No doubt, data breaches continue to be a significant risk for all business, large and small, across the U.S., including the Sunshine State. Perhaps more troubling is that class action litigation is more…

Russell Kinsaul reports a serious situation in St. Louis, Missouri: A cyberattack has caused a nationwide outage of the Code Red emergency notification system, leaving cities and counties across the St. Louis region unable to use the popular system to send tornado warnings and other emergency alerts directly to residents’ phones. Code Red has been……

Alexander Martin reports: Japan on Friday enacted a new law that would permit the country’s authorities to preemptively engage with adversaries through offensive cyber operations to ensure threats are suppressed before they cause significant damage. The new law, which was first mooted in 2022, is intended to help Japan strengthen its cyber defense “to a level equal…

Palo Alto Networks has patched CVE-2024-3393, a vulnerability that has been exploited for DoS attacks against the company’s firewalls. The post Palo Alto Networks Patches Firewall Zero-Day Exploited for DoS Attacks appeared first on SecurityWeek.