Strengthening cyber resilience: Introducing Internal Attack Surface Management (IASM) for Sophos Managed Risk
Enhanced vulnerability management delivered as a managed service.
Similar Posts
FunkSec Ransomware Decryptor Released Free to Public After Group Goes Dormant
Bys sCybersecurity experts have released a decryptor for a ransomware strain called FunkSec, allowing victims to recover access to their files for free. “Because the ransomware is now considered dead, we released the decryptor for public download,” Gen Digital researcher Ladislav Zezula said. FunkSec, which emerged towards the end of 2024, has claimed 172 victims, according…
GoldFactory Hits Southeast Asia with Modified Banking Apps Driving 11,000+ Infections
Bys sCybercriminals associated with a financially motivated group known as GoldFactory have been observed staging a fresh round of attacks targeting mobile users in Indonesia, Thailand, and Vietnam by impersonating government services. The activity, observed since October 2024, involves distributing modified banking applications that act as a conduit for Android malware, Group-IB said in a technical
Hikvision and Rockwell Automation CVSS 9.8 Flaws Added to CISA KEV Catalog
Bys sThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security flaws impacting Hikvision and Rockwell Automation products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The critical-severity vulnerabilities are listed below – CVE-2017-7921 (CVSS score: 9.8) – An improper authentication vulnerability affecting
Oklahoma Substantially Amends Its Data Breach Notification Statute
Bys sAshden Fein, Caleb Skeath, Micaela McMurrough, Emily Pehrsson, and Sierra Stubbs of Covington and Burling write: Oklahoma recently enacted Senate Bill 626, which substantially amends the state’s data breach notification law to broaden the scope of notification obligations and add a new regulator notification requirement along with a new “safe harbor”-style provision that provides liability protections if certain…
Google Reports State-Backed Hackers Using Gemini AI for Recon and Attack Support
Bys sGoogle on Thursday said it observed the North Korea-linked threat actor known as UNC2970 using its generative artificial intelligence (AI) model Gemini to conduct reconnaissance on its targets, as various hacking groups continue to weaponize the tool for accelerating various phases of the cyber attack life cycle, enabling information operations, and even conducting model extraction…
Handala Hackers Alleges Massive Data Breach of Tamir Pardo, Former Mossad Chief
Bys sAs posted by the Iranian news agency, WANA: The hacker group Handala announced that it has released 14 gigabytes of personal and highly confidential documents belonging to Tamir Pardo as proof of concept (PoC). A message from Handala that accompanies some screengrabs offered as proof of claims states, in part: Today, Handala proudly announces that……