Sophos Firewall v21.5 is now available
New innovations and top-requested features
Similar Posts
Kimsuky Spreads DocSwap Android Malware via QR Phishing Posing as Delivery App
Bys sThe North Korean threat actor known as Kimsuky has been linked to a new campaign that distributes a new variant of Android malware called DocSwap via QR codes hosted on phishing sites mimicking Seoul-based logistics firm CJ Logistics (formerly CJ Korea Express). “The threat actor leveraged QR codes and notification pop-ups to lure victims into…
86% of businesses refused to pay cyber ransoms in 2025 — Coalition Insurance
Bys sTwo firms recently told DataBreaches that about 30% or more of their clients pay ransom after a cyberattack. But you may get a different impression from other findings. The Actuary reports: Initial ransom demands by cyber attackers surged by 47% last year but record numbers of businesses declined to pay up, according to a specialist……
Hackers claim access to law enforcement portals, but do they really have access?
Bys sOn September 11, after posting a lengthy “Goodbye” message on BreachForums[.]hn and linking to it on Telegram, the individuals calling themselves Scattered LAPSUS$ Hunters 4.0 seemed to have some difficulty with sticking to the “going silent” part of their farewell message. In short order, they posted four screenshots suggesting that they had access to the……
ServiceNow AI Agents Can Be Tricked Into Acting Against Each Other via Second-Order Prompts
Bys sMalicious actors can exploit default configurations in ServiceNow’s Now Assist generative artificial intelligence (AI) platform and leverage its agentic capabilities to conduct prompt injection attacks. The second-order prompt injection, according to AppOmni, makes use of Now Assist’s agent-to-agent discovery to execute unauthorized actions, enabling attackers to copy and exfiltrate sensitive
Discover Hidden Browsing Threats: Free Risk Assessment for GenAI, Identity, Web, and SaaS Risks
Bys sAs GenAI tools and SaaS platforms become a staple component in the employee toolkit, the risks associated with data exposure, identity vulnerabilities, and unmonitored browsing behavior have skyrocketed. Forward-thinking security teams are looking for security controls and strategies to address these risks, but they do not always know which risks to prioritize. In some cases,…
A guilty plea in the PowerSchool case still leaves unanswered questions
Bys sOn June 6, 19-year-old Matthew D. Lane pleaded guilty in federal court in Massachusetts to one count each of conspiracy to commit cyber extortion, cyber extortion, unauthorized access to protected computers, and aggravated identity theft. The first two charges were related to an unnamed telecom company identified as “Victim 1.” The third and fourth charges…