Game of clones: Sophos and the MITRE ATT&CK Enterprise 2025 Evaluations
Winter is coming – so it must be time for Sophos X-Ops’ report on this year’s MITRE ATT&CK Enterprise Evaluations
Similar Posts
Romanian Men Indicted For Access Device Fraud
Bys sNEW ORLEANS, LOUISIANA – United States Attorney Duane A. Evans announced that ANDREI FAGARAS (“FAGARAS”), age 35, and TAMAS KOLOZSVARI (“KOLOZSVARI “), age 30, Romanian nationals, were indicted on January 31, 2025 on three counts of access device fraud, in violation of Title 18, United States Code, Section 1029(a)(4). According to court documents, on November 13, 2024 and November 14,2024, FAGARAS and KOLOZSVARI possessed device-making…
SentinelOne Uncovers Chinese Espionage Campaign Targeting Its Infrastructure and Clients
Bys sCybersecurity company SentinelOne has revealed that a China-nexus threat cluster dubbed PurpleHaze conducted reconnaissance attempts against its infrastructure and some of its high-value customers. “We first became aware of this threat cluster during a 2024 intrusion conducted against an organization previously providing hardware logistics services for SentinelOne employees,” security
AI SOC 101: Key Capabilities Security Leaders Need to Know
Bys sSecurity operations have never been a 9-to-5 job. For SOC analysts, the day often starts and ends deep in a queue of alerts, chasing down what turns out to be false positives, or switching between half a dozen tools to piece together context. The work is repetitive, time-consuming, and high-stakes, leaving SOCs under constant pressure…
White House Clears HIPAA Security Rule Update
Chris Riotta reports: The U.S. Department of Health and Human Services is ramping up digital efforts to protect Americans in a year that’s witnessed hackers targeting sensitive patient data and major breaches at Ascension and UnitedHealth. HHS is set to unveil a notice of proposed rulemaking requiring healthcare companies to encrypt data, conduct routine compliance…
LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers
A proof-of-concept (PoC) exploit has been released for a now-patched security flaw impacting Windows Lightweight Directory Access Protocol (LDAP) that could trigger a denial-of-service (DoS) condition. The out-of-bounds reads vulnerability is tracked as CVE-2024-49113 (CVSS score: 7.5). It was addressed by Microsoft as part of Patch Tuesday updates for December 2024, alongside CVE-2024-49112 (
Unpatched Versa Concerto Flaws Let Attackers Escape Docker and Compromise Host
Bys sCybersecurity researchers have uncovered multiple critical security vulnerabilities impacting the Versa Concerto network security and SD-WAN orchestration platform that could be exploited to take control of susceptible instances. It’s worth noting that the identified shortcomings remain unpatched despite responsible disclosure on February 13, 2025, prompting a public release of the issues