Keeping it real: Sophos and the 2024 MITRE ATT&CK Evaluations: Enterprise
Sophos X-Ops looks at the realism of this year’s MITRE ATT&CK Evaluations
Similar Posts
Palo Alto Networks Warns of Brute-Force Attempts Targeting PAN-OS GlobalProtect Gateways
Bys sPalo Alto Networks has revealed that it’s observing brute-force login attempts against PAN-OS GlobalProtect gateways, days after threat actors warned of a surge in suspicious login scanning activity targeting its appliances. “Our teams are observing evidence of activity consistent with password-related attacks, such as brute-force login attempts, which does not indicate exploitation of a
Initial Access Brokers Target Brazil Execs via NF-e Spam and Legit RMM Trials
Bys sCybersecurity researchers are warning of a new campaign that’s targeting Portuguese-speaking users in Brazil with trial versions of commercial remote monitoring and management (RMM) software since January 2025. “The spam message uses the Brazilian electronic invoice system, NF-e, as a lure to entice users into clicking hyperlinks and accessing malicious content hosted in Dropbox,” Cisco…
PA: York County alerts residents of potential data breach
Bys sSean Adams reports: York County officials have released a warning to residents that a “data privacy event” might have put their information at risk. County officials shared that “in early 2025, the county was notified of a possible data security incident” involving a vendor working with them. An employee of that vendor had been hired…
European Space Agency confirms breach of “external servers”
Bys sSergiu Gatlan reports: The European Space Agency (ESA) confirmed that attackers recently breached servers outside its corporate network, which contained what it described as “unclassified” information on collaborative engineering activities. Founded 50 years ago and headquartered in Paris, ESA is an intergovernmental organization that coordinates the space activities of 23 member states. ESA has around……
New Android Banking Trojan “Klopatra” Uses Hidden VNC to Control Infected Smartphones
Bys sA previously undocumented Android banking trojan called Klopatra has compromised over 3,000 devices, with a majority of the infections reported in Spain and Italy. Italian fraud prevention firm Cleafy, which discovered the sophisticated malware and remote access trojan (RAT) in late August 2025, said it leverages Hidden Virtual Network Computing (VNC) for remote control of…
FireScam Android Malware Packs Infostealer, Spyware Capabilities
The FireScam Android infostealer monitors app notifications and harvests credentials and financial data and sends it to a Firebase database. The post FireScam Android Malware Packs Infostealer, Spyware Capabilities appeared first on SecurityWeek.