Beyond the kill chain: What cybercriminals do with their money (Part 2)
In the second of our five-part series, Sophos X-Ops investigates the so-called ‘white’ (legitimate) business interests of threat actors
Similar Posts
Webinar: How to Stop Python Supply Chain Attacks—and the Expert Tools You Need
Bys sPython is everywhere in modern software. From machine learning models to production microservices, chances are your code—and your business—depends on Python packages you didn’t write. But in 2025, that trust comes with a serious risk. Every few weeks, we’re seeing fresh headlines about malicious packages uploaded to the Python Package Index (PyPI)—many going undetected until…
U.S. House Bans WhatsApp on Official Devices Over Security and Data Protection Issues
Bys sThe U.S. House of Representatives has formally banned congressional staff members from using WhatsApp on government-issued devices, citing security concerns. The development was first reported by Axios. The decision, according to the House Chief Administrative Officer (CAO), was motivated by worries about the app’s security. “The Office of Cybersecurity has deemed WhatsApp a high-risk to…
Private Data and Passwords of Senior U.S. Security Officials Found Online
Bys sThis will likely come as no surprise to many, but Spiegel International reports: Donald Trump’s most important security advisers used Signal to discuss an imminent military strike. Now, reporting by DER SPIEGEL has found that the contact data of some of those officials, including mobile phone numbers, is freely accessible on the internet. According to…
⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More
Bys sMonday is back, and the weekend’s backlog of chaos is officially hitting the fan. We are tracking a critical zero-day that has been quietly living in your PDFs for months, plus some aggressive state-sponsored meddling in infrastructure that is finally coming to light. It is one of those mornings where the gap between a quiet shift and a…
Health Net Federal Services, LLC and Centene Corporation Agree to Pay Over $11 Million to Resolve False Claims Act Liability for Cybersecurity Violations
Bys sFrom the U.S. Department of Justice, February 18, 2025 Note: View the settlement agreement here. Health Net Federal Services Inc. (HNFS) of Rancho Cordova, California and its corporate parent, St. Louis-based Centene Corporation, have agreed to pay $11,253,400 to resolve claims that HNFS falsely certified compliance with cybersecurity requirements in a contract with the U.S. Department…
Iran-Linked Password-Spraying Campaign Targets 300+ Israeli Microsoft 365 Organizations
Bys sAn Iran-nexus threat actor is suspected to be behind a password-spraying campaign targeting Microsoft 365 environments in Israel and the U.A.E. amid ongoing conflict in the Middle East. The activity, assessed to be ongoing, was carried out in three distinct attack waves that took place on March 3, March 13, and March 23, 2026, per Check Point. “The campaign is…