Empowering Rural Education: Sophos India’s Volunteering Initiative
Transforming Futures: How Sophos India’s volunteers are driving education and hope in rural communities.
Similar Posts
Black Basta exposed: A look at a cybercrime data leak and a key member, “Tramp”
Bys sIntel471 reports: On Feb. 11, 2025, a mysterious leaker going by the Telegram username ExploitWhispers released one year’s worth of internal communications between members of the Black Basta ransomware group on a Telegram channel. Black Basta is still active in a reduced capacity, but in 2022, it was the third most impactful ransomware group. Its members appeared to be experienced…
Rhadamanthys Stealer Evolves: Adds Device Fingerprinting, PNG Steganography Payloads
Bys sThe threat actor behind Rhadamanthys has also advertised two other tools called Elysium Proxy Bot and Crypt Service on their website, even as the flagship information stealer has been updated to support the ability to collect device and web browser fingerprints, among others. “Rhadamanthys was initially promoted through posts on cybercrime forums, but soon it…
RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers
Bys sCybersecurity researchers have disclosed details of a persistent nine-month-long campaign that has targeted Internet of Things (IoT) devices and web applications to enroll them into a botnet known as RondoDox. As of December 2025, the activity has been observed leveraging the recently disclosed React2Shell (CVE-2025-55182, CVSS score: 10.0) flaw as an initial access vector, CloudSEK…
Cryptojacking Campaign Exploits DevOps APIs Using Off-the-Shelf Tools from GitHub
Bys sCybersecurity researchers have discovered a new cryptojacking campaign that’s targeting publicly accessible DevOps web servers such as those associated with Docker, Gitea, and HashiCorp Consul and Nomad to illicitly mine cryptocurrencies. Cloud security firm Wiz, which is tracking the activity under the name JINX-0132, said the attackers are exploiting a wide range of known misconfigurations…
Microsoft Revokes 200 Fraudulent Certificates Used in Rhysida Ransomware Campaign
Bys sMicrosoft on Thursday disclosed that it revoked more than 200 certificates used by a threat actor it tracks as Vanilla Tempest to fraudulently sign malicious binaries in ransomware attacks. The certificates were “used in fake Teams setup files to deliver the Oyster backdoor and ultimately deploy Rhysida ransomware,” the Microsoft Threat Intelligence team said in…
The sixth sense for cyber defense: Multimodal AI
Bys sSophos X-Ops’ research, presented at Virus Bulletin 2024, uses ‘multimodal’ AI to classify spam, phishing, and unsafe web content