Cyber Security News

Sophos MDR and Microsoft 365 aren’t just “better” together, they’re “best” together.

More details have emerged on the arrest of an alleged XSS.is administrator by Ukrainian cyber police. The seizure notice has now appeared on the .onion version of the forum, and threads have been totally removed. As of the time of this update, and while the forum could still be updated before the seizure notice replaced…

In February, DataBreaches reported that an incident involving Australia IVF giant Genea was the work of the Termite gang, who had posted proof of claims and also claimed to have 700 GB of files. Apparently, Genea still hasn’t revealed that to those affected, who only now are receiving notifications that their data was involved and…

The following is a machine translation of an article that originally appeared in French by Sylvain Trinel: The public body that manages employment in France, as well as training and unemployment benefits, has been the victim of a “malicious act,” the third in less than two years. This is a new blow for France Travail…

The Moscow Times reports: A wave of coordinated cyberattacks has paralyzed the digital systems of several major Russian restaurant chains and food service providers, the Vedomosti business daily reported. The attacks, which began on July 18, targeted networks run by automation provider iiko and its hosting partner ESTT. Restaurant chains including McDonald’s successor Vkusno i Tochka, coffee chain…

Rochdi Rais reports:  The Clorox Company and its subsidiary, Clorox Services Co., today filed a $380 million lawsuit in California state court against Cognizant Worldwide Ltd. and its New Jersey affiliate, Cognizant Technology Solutions US Corp. The complaint alleges that Cognizant enabled a “catastrophic” cyberattack on Clorox’s corporate network in August 2023 by handing over sensitive…

Over on SuspectFile, Marco A. De Felice (@amvinfe) considers the troubling use of injunctions, SLAPP suits, and superinjunctions that prohibit the press from performing its duty to inform the public on matters of importance.  The topic was back in the news this week after a superinjunction obtained by the U.K. Ministry of Defence to block…

The Windows banking trojan known as Coyote has become the first known malware strain to exploit the Windows accessibility framework called UI Automation (UIA) to harvest sensitive information. “The new Coyote variant is targeting Brazilian users, and uses UIA to extract credentials linked to 75 banking institutes’ web addresses and cryptocurrency exchanges,” Akamai security researcher…

Actions for Organizations to Take Today to Mitigate Cyber Threats Related to Interlock Ransomware Activity Prevent initial access by implementing domain name system (DNS) filtering and web access firewalls, and training users to spot social engineering attempts. Mitigate known vulnerabilities by ensuring operating systems, software, and firmware are patched and up to date. Segment networks…

Security experts have been talking about Kerberoasting for over a decade, yet this attack continues to evade typical defense methods. Why? It’s because existing detections rely on brittle heuristics and static rules, which don’t hold up for detecting potential attack patterns in highly variable Kerberos traffic. They frequently generate false positives or miss “low-and-slow” attacks…