Human-in-the-loop security will define 2026: Predictions from Sophos experts
Categories: Sophos Insights
Tags: Sophos, Year in Review
Similar Posts
Farewell to the Fallen: The Cybersecurity Stars We Lost Last Year
Bys sIt’s time once again to pay our respects to the once-famous cybersecurity solutions whose usefulness died in the past year. The cybercriminal world collectively mourns the loss of these solutions and the easy access they provide to victim organizations. These solutions, though celebrated in their prime, succumbed to the twin forces of time and advancing…
Virginia Urology Silent on Possible Data Breach as Purported Patient Data Begins to Leak
Bys sThere are various reasons entities may not want to disclose a data breach or respond to journalists’ inquiries. But when entities do not disclose a breach or deny it, and they do not respond to inquiries, they risk threat actors controlling the narrative. And if threat actors control the narrative, the entity may appear to……
Connecticut Senate Bill Raises the Stakes on Data Breach Response
Bys sHayley Steele and Gregory Szewczyk of Ballard Spahr write: A new bill introduced in Connecticut—Connecticut Senate Bill 117, An Act Concerning Breaches of Security Involving Electronic Personal Information—would create mandatory forensic examination requirements for entities that experience a “massive breach of security,” defined as a data breach affecting at least 100,000 Connecticut residents, and imposes……
New TokenBreak Attack Bypasses AI Moderation with Single-Character Text Changes
Bys sCybersecurity researchers have discovered a novel attack technique called TokenBreak that can be used to bypass a large language model’s (LLM) safety and content moderation guardrails with just a single character change. “The TokenBreak attack targets a text classification model’s tokenization strategy to induce false negatives, leaving end targets vulnerable to attacks that the implemented
2024’s Data Breaches: Breaches Handled Badly
There are always a ton of articles at the end of every year recapping what went wrong. Over on TechCrunch, Zack Whittaker and Carly Page have their annual list of breaches handled poorly. This year’s list includes 23andMe, Change Healthcare, Synnovis, Snowflake, Columbus Ohio, Salt Typhoon, Moneygram, and HotTopic. DataBreaches generally agrees with their recap,…
DPRK Hackers Use ClickFix to Deliver BeaverTail Malware in Crypto Job Scams
Bys sThreat actors with ties to the Democratic People’s Republic of Korea (aka DPRK or North Korea) have been observed leveraging ClickFix-style lures to deliver a known malware called BeaverTail and InvisibleFerret. “The threat actor used ClickFix lures to target marketing and trader roles in cryptocurrency and retail sector organizations rather than targeting software development roles,”…