The Bite from Inside: The Sophos Active Adversary Report
A sea change in available data fuels fresh insights from the first half of 2024
Similar Posts
Pinehurst Radiology Associates remains closed more than 1 month after cyberattack
Bys sMarty Stempniak reports: An East Coast imaging group remains closed more than one month after a cyberattack, according to reports from local media. Pinehurst Radiology Associates recently gave notice of the incident, launching an investigation amid suspicious activity on its network. Located in the Sandhills of North Carolina’s Moore County, the practice hired legal counsel…
ShinyHunters sent Google an extortion demand; Shiny comments on current activities
Bys sYesterday morning, DataBreaches woke up to a message on Telegram: Even the NSA can’t stop or identify us anymore. The FBI and everyone else is irrelevant and incompetent as far as we’re concerned :). When DataBreaches asked ShinyHunters if anything in particular had inspired that statement, “Shiny1” responded: I heard the NSA is investigating and…
Android’s New Feature Blocks Fraudsters from Sideloading Apps During Calls
Bys sGoogle is working on a new security feature for Android that blocks device owners from changing sensitive settings when a phone call is in progress. Specifically, the in-call anti-scammer protections include preventing users from turning on settings to install apps from unknown sources and granting accessibility access. The development was first reported by Android Authority….
Blockchain Offers Security Benefits – But Don’t Neglect Your Passwords
Bys sBlockchain is best known for its use in cryptocurrencies like Bitcoin, but it also holds significant applications for online authentication. As businesses in varying sectors increasingly embrace blockchain-based security tools, could the technology one day replace passwords? How blockchain works Blockchain is a secure way to maintain, encrypt, and exchange digital records of transactions.
China-Linked UAT-8099 Targets IIS Servers in Asia with BadIIS SEO Malware
Bys sCybersecurity researchers have discovered a new campaign attributed to a China-linked threat actor known as UAT-8099 that took place between late 2025 and early 2026. The activity, discovered by Cisco Talos, has targeted vulnerable Internet Information Services (IIS) servers located across Asia, but with a specific focus on targets in Thailand and Vietnam. The scale…
North Korea-Linked Hackers Target Developers via Malicious VS Code Projects
Bys sThe North Korean threat actors associated with the long-running Contagious Interview campaign have been observed using malicious Microsoft Visual Studio Code (VS Code) projects as lures to deliver a backdoor on compromised endpoints. The latest finding demonstrates continued evolution of the new tactic that was first discovered in December 2025, Jamf Threat Labs said. “This…