The Bite from Inside: The Sophos Active Adversary Report
A sea change in available data fuels fresh insights from the first half of 2024
Similar Posts
SANS Institute Warns of Novel Cloud-Native Ransomware Attacks
Bys sThe latest Palo Alto Networks Unit 42 Cloud Threat Report found that sensitive data is found in 66% of cloud storage buckets. This data is vulnerable to ransomware attacks. The SANS Institute recently reported that these attacks can be performed by abusing the cloud provider’s storage security controls and default settings. “In just the past…
Italy’s data protection regulator fined Intesa Sanpaolo €31.8 million over insider data breach
Bys sFrom the Garante’s press release, below, it sounds like the banking group experienced an insider-wrongdoing breach in which an employee improperly accessed 3,573 customer accounts over a period of two years. Data breach: The Italian Data Protection Authority fines Intesa Sanpaolo €31.8 million for unauthorized access to the banking information of over 3,500 customers for……
Fake Booking Emails Redirect Hotel Staff to Fake BSoD Pages Delivering DCRat
Bys sSource: Securonix Cybersecurity researchers have disclosed details of a new campaign dubbed PHALT#BLYX that has leveraged ClickFix-style lures to display fixes for fake blue screen of death (BSoD) errors in attacks targeting the European hospitality sector. The end goal of the multi-stage campaign is to deliver a remote access trojan known as DCRat, according to…
Zero-Click Agentic Browser Attack Can Delete Entire Google Drive Using Crafted Emails
Bys sA new agentic browser attack targeting Perplexity’s Comet browser that’s capable of turning a seemingly innocuous email into a destructive action that wipes a user’s entire Google Drive contents, findings from Straiker STAR Labs show. The zero-click Google Drive Wiper technique hinges on connecting the browser to services like Gmail and Google Drive to automate…
Senator Chides FBI for Weak Advice on Mobile Security
Bys sBrian Krebs reports: Agents with the Federal Bureau of Investigation (FBI) briefed Capitol Hill staff recently on hardening the security of their mobile devices, after a contacts list stolen from the personal phone of the White House Chief of Staff Susie Wiles was reportedly used to fuel a series of text messages and phone calls impersonating her to U.S….
On Reports of an Alleged Data Breach Involving G-Xchange, Inc. (GCash)
Bys sFrom the National Privacy Commission of the Philippines: October 27, 2025 10:57 AM Last Edit: October 27th, 2025 The National Privacy Commission (NPC) urges the public to exercise heightened vigilance following reports of data leak allegedly involving G-Xchange, Inc., operator of GCash, which surfaced online on 26 October 2025. The NPC has immediately launched an……