Sophos Firewall v21.5 early access is now available
Say hello to great new features and enhancements in v21.5.
Similar Posts
Details Disclosed for Mercedes-Benz Infotainment Vulnerabilities
Bys sKaspersky has disclosed the details of over a dozen vulnerabilities discovered in a Mercedes-Benz MBUX infotainment system. The post Details Disclosed for Mercedes-Benz Infotainment Vulnerabilities appeared first on SecurityWeek.
Texas Enacts Electronic Health Record Data Localization Law
Bys sHunton Andrews Kurth writes: Texas Governor Greg Abbott recently signed into law S.B. 1188, a bill that regulates the security and storage of electronic health record data and the deployment of artificial intelligence (“AI”) in the health care context. The law creates a data localization requirement, obligating covered entities to physically maintain electronic health records in…
Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner
Bys sAn ongoing phishing campaign is targeting French-speaking corporate environments with fake resumes that lead to the deployment of cryptocurrency miners and information stealers. “The campaign uses highly obfuscated VBScript files disguised as resume/CV documents, delivered through phishing emails,” Securonix researchers Shikha Sangwan, Akshay Gaikwad, and Aaron Beardslee said in a report shared
Microsoft Secures MSA Signing with Azure Confidential VMs Following Storm-0558 Breach
Bys sMicrosoft on Monday announced that it has moved the Microsoft Account (MSA) signing service to Azure confidential virtual machines (VMs) and that it’s also in the process of migrating the Entra ID signing service as well. The disclosure comes about seven months after the tech giant said it completed updates to Microsoft Entra ID and…
Malicious NGINX Configurations Enable Large-Scale Web Traffic Hijacking Campaign
Bys sCybersecurity researchers have disclosed details of an active web traffic hijacking campaign that has targeted NGINX installations and management panels like Baota (BT) in an attempt to route it through the attacker’s infrastructure. Datadog Security Labs said it observed threat actors associated with the recent React2Shell (CVE-2025-55182, CVSS score: 10.0) exploitation using malicious NGINX
Defending Against UNC3944: Cybercrime Hardening Guidance from the Frontlines
Bys sFrom Mandiant: UNC3944, which overlaps with public reporting on Scattered Spider, is a financially-motivated threat actor characterized by its persistent use of social engineering and brazen communications with victims. In early operations, UNC3944 largely targeted telecommunications-related organizations to support SIM swap operations. However, after shifting to ransomware and data theft extortion in early 2023, they…