Cyber Security News

In the last of our five-part series, Sophos X-Ops explores the implications and opportunities arising from threat actors’ involvement in real-world industries and crimes

Powerful new capabilities enable Sophos MDR analysts to respond to M365 attacks on your behalf.

Tanaya Macheel reports on what appears to be a very costly attack that involved bribing overseas agents: Coinbase on Thursday reported that cyber criminals bribed overseas support agents to steal customer data to use in social engineering attacks. The incident may cost Coinbase up to $400 million to fix, the company estimated. The crypto exchange operator…

Ionut Arghire reports: A Chinese threat actor was seen disrupting the drone supply chain in multi-wave attacks against various organizations in Taiwan and South Korea, Trend Micro reports. Dubbed Earth Ammit and believed to be tied to Chinese APTs, the hacking group was seen launching two attack campaigns between 2023 and 2024, targeting organizations across…

Imagine this: Your organization completed its annual penetration test in January, earning high marks for security compliance. In February, your development team deployed a routine software update. By April, attackers had already exploited a vulnerability introduced in that February update, gaining access to customer data weeks before being finally detected. This situation isn’t theoretical: it

Cybersecurity researchers have discovered a malicious package named “os-info-checker-es6” that disguises itself as an operating system information utility to stealthily drop a next-stage payload onto compromised systems. “This campaign employs clever Unicode-based steganography to hide its initial malicious code and utilizes a Google Calendar event short link as a dynamic dropper for its final

A Russia-linked threat actor has been attributed to a cyber espionage operation targeting webmail servers such as Roundcube, Horde, MDaemon, and Zimbra via cross-site scripting (XSS) vulnerabilities, including a then-zero-day in MDaemon, according to new findings from ESET. The activity, which commenced in 2023, has been codenamed Operation RoundPress by the Slovak cybersecurity company. It…

Ransomware has evolved into a deceptive, highly coordinated and dangerously sophisticated threat capable of crippling organizations of any size. Cybercriminals now exploit even legitimate IT tools to infiltrate networks and launch ransomware attacks. In a chilling example, Microsoft recently disclosed how threat actors misused its Quick Assist remote assistance tool to deploy the destructive

Colin Wood reports: Indiana state agencies on Tuesday are warning residents to delete phony emails sent using official state government email addresses. Phishing emails emanating from numerous departments — from the Department of Child Services to the Indiana Horse Racing Commission — fraudulently inform recipients of unpaid toll fees and warn of financial penalties or…

Another day, another school district hit. KDRV in Oregon reports: Central Point School District 6 is addressing a cybersecurity incident that impacted its digital systems. According to the district, unauthorized access was detected on Wednesday, leading to immediate activation of cybersecurity protocols. The affected systems were isolated to prevent further issues. Cybersecurity experts and law…