Beyond MFA: Building true resilience against identity-based attacks
Categories: Sophos Insights
Tags: Identity Security, MFA, Sophos ITDR
Similar Posts
Oops! Catasauqua employees’ Social Security numbers, other data accidentally sent to government watchdog group
Bys sDaniel Patrick Sheehan reports: Responding to a Right-to-Know Law request from a government watchdog group, Catasauqua accidentally released unredacted W-2 tax forms of 70 employees and former employees, exposing their Social Security numbers and other personal data, a borough official confirmed. Borough Manager Glenn Eckhart said the incident happened last month when the group, Open the…
CERT-UA Warns of Cyber Scams Using Fake AnyDesk Requests for Fraudulent Security Audits
Bys sThe Computer Emergency Response Team of Ukraine (CERT-UA) is warning of ongoing attempts by unknown threat actors to impersonate the cybersecurity agency by sending AnyDesk connection requests. The AnyDesk requests claim to be for conducting an audit to assess the “level of security,” CERT-UA added, cautioning organizations to be on the lookout for such social…
Update: Kering confirms Gucci and other brands hacked; claims no conversations with hackers?
Bys sOn September 11, DataBreaches broke the story that customers of several high-end fashion brands owned by Paris-headquartered Kering had their personal information acquired by ShinyHunters as part of two Salesforce attacks. As we reported, a spokesperson for ShinyHunters claimed to have acquired more than 43 million customer records from Gucci and almost 13 million records……
AMD SEV-SNP Vulnerability Allows Malicious Microcode Injection with Admin Access
Bys sA security vulnerability has been disclosed in AMD’s Secure Encrypted Virtualization (SEV) that could permit an attacker to load a malicious CPU microcode under specific conditions. The flaw, tracked as CVE-2024-56161, carries a CVSS score of 7.2 out of 10.0, indicating high severity. “Improper signature verification in AMD CPU ROM microcode patch loader may allow…
Steward Health Care insurance mess leaves doctors liable for settlements
Bys sKris Olson reports on what sounds like a real mess: The questionable relationship between Steward Health Care and its in-house malpractice insurer is proving to be an unrelenting source of misery for injured plaintiffs, defendant doctors and their attorneys. In recent weeks, a plaintiff’s attorney convinced Superior Court judges in two different counties to put former……
⚡ Weekly Recap: Firewall Exploits, AI Data Theft, Android Hacks, APT Attacks, Insider Leaks & More
Bys sCyber threats last week showed how attackers no longer need big hacks to cause big damage. They’re going after the everyday tools we trust most — firewalls, browser add-ons, and even smart TVs — turning small cracks into serious breaches. The real danger now isn’t just one major attack, but hundreds of quiet ones using…