Author: s s

Combining advanced technologies with human expertise to defend against evolving threats.

Some wines benefit from aging. Breach notification letters do not. On or about December 28, 2023, Alpha Omega Winery in California experienced what they report as a ransomware incident. According to their notification, the types of personal information may have included, and potentially were not limited to: name, date of birth, Social Security number, driver’s……

Amazon’s threat intelligence team on Wednesday disclosed that it observed an advanced threat actor exploiting two then-zero-day security flaws in Cisco Identity Service Engine (ISE) and Citrix NetScaler ADC products as part of attacks designed to deliver custom malware. “This discovery highlights the trend of threat actors focusing on critical identity and network access control…

Get involved in the Sophos Firewall v22 Early Access Program today!

Julia Dowling reports: The Court of Appeal has reaffirmed the Malta Financial Services Authority (MFSA) bears responsibility for an unauthorised disclosure of confidential data to the investigative website ‘OffshoreAlert’. The decision marks the latest development in a long-running legal battle over accountability and data protection standards within Malta’s financial regulator. This latest judgment, delivered on……

Every day, security teams face the same problem—too many risks, too many alerts, and not enough time. You fix one issue, and three more show up. It feels like you’re always one step behind. But what if there was a smarter way to stay ahead—without adding more work or stress? Join The Hacker News and…

Microsoft on Tuesday released patches for 63 new security vulnerabilities identified in its software, including one that has come under active exploitation in the wild. Of the 63 flaws, four are rated Critical and 59 are rated Important in severity. Twenty-nine of these vulnerabilities are related to privilege escalation, followed by 16 remote code execution,…

Active Directory remains the authentication backbone for over 90% of Fortune 1000 companies. AD’s importance has grown as companies adopt hybrid and cloud infrastructure, but so has its complexity. Every application, user, and device traces back to AD for authentication and authorization, making it the ultimate target. For attackers, it represents the holy grail: compromise Active

Google on Tuesday unveiled a new privacy-enhancing technology called Private AI Compute to process artificial intelligence (AI) queries in a secure platform in the cloud. The company said it has built Private AI Compute to “unlock the full speed and power of Gemini cloud models for AI experiences, while ensuring your personal data stays private…

Threat hunters have uncovered similarities between a banking malware called Coyote and a newly disclosed malicious program dubbed Maverick that has been propagated via WhatsApp. According to a report from CyberProof, both malware strains are written in .NET, target Brazilian users and banks, and feature identical functionality to decrypt, targeting banking URLs and monitor banking…