Beyond the kill chain: What cybercriminals do with their money (Part 2)
In the second of our five-part series, Sophos X-Ops investigates the so-called ‘white’ (legitimate) business interests of threat actors
Similar Posts
LinkPro Linux Rootkit Uses eBPF to Hide and Activates via Magic TCP Packets
Bys sAn investigation into the compromise of an Amazon Web Services (AWS)-hosted infrastructure has led to the discovery of a new GNU/Linux rootkit dubbed LinkPro, according to findings from Synacktiv. “This backdoor features functionalities relying on the installation of two eBPF [extended Berkeley Packet Filter] modules, on the one hand to conceal itself, and on the…
How SSL Misconfigurations Impact Your Attack Surface
Bys sWhen assessing an organization’s external attack surface, encryption-related issues (especially SSL misconfigurations) receive special attention. Why? Their widespread use, configuration complexity, and visibility to attackers as well as users make them more likely to be exploited. This highlights how important your SSL configurations are in maintaining your web application security and
Hackers Exploiting Triofox Flaw to Install Remote Access Tools via Antivirus Feature
Bys sGoogle’s Mandiant Threat Defense on Monday said it discovered n-day exploitation of a now-patched security flaw in Gladinet’s Triofox file-sharing and remote access platform. The critical vulnerability, tracked as CVE-2025-12480 (CVSS score: 9.1), allows an attacker to bypass authentication and access the configuration pages, resulting in the upload and execution of arbitrary payloads. The
100,000 UK taxpayer accounts hit in £47m phishing attack on HMRC
Bys sNadeem Badshah reports: HM Revenue and Customs has lost £47m after a phishing scam breached tens of thousands of tax accounts, a group of MPs has heard. Two senior civil servants at the tax authority told the Treasury committee on Wednesday that 100,000 people had been contacted, or were in the process of being contacted,…
Chaos RAT Malware Targets Windows and Linux via Fake Network Tool Downloads
Bys sThreat hunters are calling attention to a new variant of a remote access trojan (RAT) called Chaos RAT that has been used in recent attacks targeting Windows and Linux systems. According to findings from Acronis, the malware artifact may have been distributed by tricking victims into downloading a network troubleshooting utility for Linux environments. “Chaos…
Google Releases Open Source Library for Software Composition Analysis
Bys sGoogle releases OSV-SCALIBR, an open source library for software composition analysis and file system scanning. The post Google Releases Open Source Library for Software Composition Analysis appeared first on SecurityWeek.