Beyond the kill chain: What cybercriminals do with their money (Part 5)
In the last of our five-part series, Sophos X-Ops explores the implications and opportunities arising from threat actors’ involvement in real-world industries and crimes
Similar Posts
Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence
Bys s
A critical security vulnerability has been disclosed in the Apache Roller open-source, Java-based blogging server software that could allow malicious actors to retain unauthorized access even after a password change. The flaw, assigned the CVE identifier CVE-2025-24859, carries a CVSS score of 10.0, indicating maximum severity. It affects all versions of Roller up to and…
BADBOX 2.0 Botnet Infects 1 Million Android Devices for Ad Fraud and Proxy Abuse
Bys s
At least four different threat actors have been identified as involved in an updated version of a massive ad fraud and residential proxy scheme called BADBOX, painting a picture of an interconnected cybercrime ecosystem. This includes SalesTracker Group, MoYu Group, Lemon Group, and LongTV, according to new findings from the HUMAN Satori Threat Intelligence and…
Majority of Browser Extensions Can Access Sensitive Enterprise Data, New Report Finds
Bys s
Everybody knows browser extensions are embedded into nearly every user’s daily workflow, from spell checkers to GenAI tools. What most IT and security people don’t know is that browser extensions’ excessive permissions are a growing risk to organizations. LayerX today announced the release of the Enterprise Browser Extension Security Report 2025, This report is the…
Ransomware on ESXi: The mechanization of virtualized attacks
Bys s
In 2024, ransomware attacks targeting VMware ESXi servers reached alarming levels, with the average ransom demand skyrocketing to $5 million. With approximately 8,000 ESXi hosts exposed directly to the internet (according to Shodan), the operational and business impact of these attacks is profound. Most of the Ransomware strands that are attacking ESXi servers nowadays, are…
Wallet Drainer Malware Used to Steal $500 Million in Cryptocurrency in 2024
Close to $500 million in cryptocurrency from over 332,000 addresses was stolen in 2024 using wallet drainer malware. The post Wallet Drainer Malware Used to Steal $500 Million in Cryptocurrency in 2024 appeared first on SecurityWeek.
The art of restraint: why not every system should be owned
Bys s
Jesse William McGraw writes: Greetings, reader! I want to talk about my former life as a blackhat hacker because it never makes any sense. Many of my rampant hacking campaigns focused on breaking into big servers across several industries but not on seizing the networks by the throat and forcing them to their knees. I…