Beyond the kill chain: What cybercriminals do with their money (Part 3)
In the third of our five-part series, Sophos X-Ops explores the more legally and ethically dubious business interests of financially motivated threat actors
Similar Posts
Silent Lynx Using PowerShell, Golang, and C++ Loaders in Multi-Stage Cyberattacks
Bys s
A previously undocumented threat actor known as Silent Lynx has been linked to cyber attacks targeting various entities in Kyrgyzstan and Turkmenistan. “This threat group has previously targeted entities around Eastern Europe and Central Asian government think tanks involved in economic decision making and banking sector,” Seqrite Labs researcher Subhajeet Singha said in a technical…
Indiana Man Sentenced to 20 Years in Federal Prison for Conspiracies Involving Cyber Intrusion and a Massive $37 Million Cryptocurrency Theft
Bys s
SIOUX FALLS – United States Attorney Alison J. Ramsdell announced today that U.S. Chief Judge Roberto A. Lange has sentenced a Lebanon, Indiana, man convicted of Conspiracy to Commit Wire Fraud and Conspiracy to Launder Monetary Instruments. The sentencing took place on February 6, 2025. Evan Frederick Light, age 22, was sentenced to 20 years…
5 Reasons Device Management Isn’t Device Trust
Bys s
The problem is simple: all breaches start with initial access, and initial access comes down to two primary attack vectors – credentials and devices. This is not news; every report you can find on the threat landscape depicts the same picture. The solution is more complex. For this article, we’ll focus on the device threat…
Chrome 131, Firefox 134 Updates Patch High-Severity Vulnerabilities
Bys s
Chrome and Firefox updates released this week resolve high-severity vulnerabilities in the two popular browsers. The post Chrome 131, Firefox 134 Updates Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
Hacked on Christmas, DEphoto starts notifying customers, only to be attacked again
The threat actor known as 0mid16B contacted DataBreaches this morning to alert this site to a breach involving a U.K. photo business, DEphoto (DEphoto[.]biz). DEphoto is an established business for school, sports, club, and event photography. According to 0mid16B, they attacked DEphoto on December 25, and acquired the personal information of 555,952 customers, 429,597 orders…
Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction
Bys s
A novel attack technique named EchoLeak has been characterized as a “zero-click” artificial intelligence (AI) vulnerability that allows bad actors to exfiltrate sensitive data from Microsoft 365 Copilot’s context sans any user interaction. The critical-rated vulnerability has been assigned the CVE identifier CVE-2025-32711 (CVSS score: 9.3). It requires no customer action and has been already