Nineteen Sophos Women Recognized by CRN’s Women of the Channel
CRN honors Sophos women whose channel expertise and vision are deserving of recognition.
Similar Posts
New Android Trojan “Datzbro” Tricking Elderly with AI-Generated Facebook Travel Events
Bys sCybersecurity researchers have flagged a previously undocumented Android banking trojan called Datzbro that can conduct device takeover (DTO) attacks and perform fraudulent transactions by preying on the elderly. Dutch mobile security company ThreatFabric said it discovered the campaign in August 2025 after users in Australia reported scammers managing Facebook groups promoting “active senior
SolarWinds Patches 4 Critical Serv-U 15.5 Flaws Allowing Root Code Execution
Bys sSolarWinds has released updates to address four critical security flaws in its Serv-U file transfer software that, if successfully exploited, could result in remote code execution. The vulnerabilities, all rated 9.1 on the CVSS scoring system, are listed below – CVE-2025-40538 – A broken access control vulnerability that allows an attacker to create a system…
Hackers Target Over 70 Microsoft Exchange Servers to Steal Credentials via Keyloggers
Bys sUnidentified threat actors have been observed targeting publicly exposed Microsoft Exchange servers to inject malicious code into the login pages that harvest their credentials. Positive Technologies, in a new analysis published last week, said it identified two different kinds of keylogger code written in JavaScript on the Outlook login page – Those that save collected…
Alert: Scattered Spider has added North American airline and transportation organizations to their target list
Bys sCharles Carmakal posted the following alert on LinkedIn: ALERT: Scattered Spider has added North American airline and transportation organizations to their target list. 🚨 Mandiant (part of Google Cloud) is aware of multiple incidents in the airline and transportation sector which resemble the operations of UNC3944 or Scattered Spider. We recommend that the industry immediately…
Call for Public Input: Essential Cybersecurity Protections for K-12 Schools (2025-26 SY)
Bys sAs posted at K12 SIX: The K12 SIX Technical Working Group is pleased to open a call for public input into the fourth annual update and revision to the K12 SIX Essential Cybersecurity Protections Series. The goal of the K12 SIX Essential Cybersecurity Protections is to communicate the most important defenses that K-12 school systems…
PHP-CGI RCE Flaw Exploited in Attacks on Japan’s Tech, Telecom, and E-Commerce Sectors
Bys sThreat actors of unknown provenance have been attributed to a malicious campaign predominantly targeting organizations in Japan since January 2025. “The attacker has exploited the vulnerability CVE-2024-4577, a remote code execution (RCE) flaw in the PHP-CGI implementation of PHP on Windows, to gain initial access to victim machines,” Cisco Talos researcher Chetan Raghuprasad said in…