Introducing Sophos Identity Threat Detection and Response (ITDR)
Neutralize identity-based threats before they can impact your business.
Similar Posts
Chaos RaaS Emerges After BlackSuit Takedown, Demanding $300K from U.S. Victims
Bys sA newly emerged ransomware-as-a-service (RaaS) gang called Chaos is likely made up of former members of the BlackSuit crew, as the latter’s dark web infrastructure has been the subject of a law enforcement seizure. Chaos, which sprang forth in February 2025, is the latest entrant in the ransomware landscape to conduct big-game hunting and double…
67 Trojanized GitHub Repositories Found in Campaign Targeting Gamers and Developers
Bys sCybersecurity researchers have uncovered a new campaign in which the threat actors have published more than 67 GitHub repositories that claim to offer Python-based hacking tools, but deliver trojanized payloads instead. The activity, codenamed Banana Squad by ReversingLabs, is assessed to be a continuation of a rogue Python campaign that was identified in 2023 as…
Researchers Expose New Intel CPU Flaws Enabling Memory Leaks and Spectre v2 Attacks
Bys sResearchers at ETH Zürich have discovered yet another security flaw that they say impacts all modern Intel CPUs and causes them to leak sensitive data from memory, showing that the vulnerability known as Spectre continues to haunt computer systems after more than seven years. The vulnerability, referred to as Branch Privilege Injection (BPI), “can be…
U.S. Dismantles DanaBot Malware Network, Charges 16 in $50M Global Cybercrime Operation
Bys sThe U.S. Department of Justice (DoJ) on Thursday announced the disruption of the online infrastructure associated with DanaBot (aka DanaTools) and unsealed charges against 16 individuals for their alleged involvement in the development and deployment of the malware, which it said was controlled by a Russia-based cybercrime organization. The malware, the DoJ said, infected more…
Russian APT29 Exploits Gmail App Passwords to Bypass 2FA in Targeted Phishing Campaign
Bys sThreat actors with suspected ties to Russia have been observed taking advantage of a Google account feature called application specific passwords (or app passwords) as part of a novel social engineering tactic designed to gain access to victims’ emails. Details of the highly targeted campaign were disclosed by Google Threat Intelligence Group (GTIG) and the…
North Korea Uses GitHub in Diplomat Cyber Attacks as IT Worker Scheme Hits 320+ Firms
Bys sNorth Korean threat actors have been attributed to a coordinated cyber espionage campaign targeting diplomatic missions in their southern counterpart between March and July 2025. The activity manifested in the form of at least 19 spear-phishing emails that impersonated trusted diplomatic contacts with the goal of luring embassy staff and foreign ministry personnel with convincing…