Beyond the kill chain: What cybercriminals do with their money (Part 5)
In the last of our five-part series, Sophos X-Ops explores the implications and opportunities arising from threat actors’ involvement in real-world industries and crimes
Similar Posts
LeakBase Admin Arrested in Russia Over Massive Stolen Credential Marketplace
Bys sThe alleged administrator of the LeakBase cybercrime forum has been arrested by Russian law enforcement authorities, state media reported Thursday. According to TASS and MVD Media, a news website linked to the Russian Interior Ministry, the suspect is a resident of the city of Taganrog. The suspect is said to have been detained for creating…
Microsoft Extends Windows 10 Security Updates for One Year with New Enrollment Options
Bys sMicrosoft on Tuesday announced that it’s extending Windows 10 Extended Security Updates (ESU) for an extra year by letting users either pay a small fee of $30 or by sync their PC settings to the cloud. The development comes ahead of the tech giant’s upcoming October 14, 2025, deadline, when it plans to officially end…
Fortinet Confirms Active FortiCloud SSO Bypass on Fully Patched FortiGate Firewalls
Bys sFortinet has officially confirmed that it’s working to completely plug a FortiCloud SSO authentication bypass vulnerability following reports of fresh exploitation activity on fully-patched firewalls. “In the last 24 hours, we have identified a number of cases where the exploit was to a device that had been fully upgraded to the latest release at the…
Hospital Español Auxilio Mutuo de Puerto Rico notifies patients of September 2023 cyberattack
Bys sHospital Español Auxilio Mutuo de Puerto Rico didn’t discover on their own that their systems had been compromised, and then, despite outside expert help, they were unable to determine with precise confidence whose data was exfiltrated or whether it has been misused, but the hospital has now started notifying patients potentially affected by a breach…
Are Scattered Spider and ShinyHunters one group or two? And who did France arrest?
Bys sWhen DataBreaches was a kid, the “new math” they were experimenting with had us learning binary and other systems. It didn’t go over well with us, our teachers, or our parents back then. Now the “new math” for me is UNCs — specifically 6040, 5537, 3944, and 6240. 6040+5537+3944 +6240 = Scattered Spider + ShinyHunters…
Anubis: A Closer Look at an Emerging Ransomware with Built-in Wiper
Bys sMaristel Policarpio, Sarah Pearl Camiling, and Sophia Nilette Robles write: A new ransomware-as-a-service (RaaS) group has emerged and has been making a name for itself in 2025. Anubis is a recently identified group that sets itself apart by partnering encryption with more destructive capabilities—wiping directories which severely impact chances of file recovery. Given its brief history and…