The Bite from Inside: The Sophos Active Adversary Report
A sea change in available data fuels fresh insights from the first half of 2024
Similar Posts
How Interlock Ransomware Infects Healthcare Organizations
Bys sRansomware attacks have reached an unprecedented scale in the healthcare sector, exposing vulnerabilities that put millions at risk. Recently, UnitedHealth revealed that 190 million Americans had their personal and healthcare data stolen during the Change Healthcare ransomware attack, a figure that nearly doubles the previously disclosed total. This breach shows just how deeply ransomware
Canadian woman stuck since 2021 in Mauritius after passport withheld
Bys sDataBreaches can’t recall any recent cases in the news involving one spouse hacking another’s email, but this one seems a bit unusual. Geoffrey York reports: A Canadian woman says she has been stuck in the Indian Ocean country of Mauritius for the past five years, unable to return home, partly because Canada refuses to release……
Vietnam’s national credit registration and reporting agency hacked; most of the population affected
Bys sSome data breaches make headlines for the number of people affected globally, such as a Facebook scraping incident in 2019 that affected 553 million people worldwide. Then there are breaches that affect a country’s entire population or much of it, such as a misconfigured database that exposed almost the entire population of Ecuador in 2019,……
Chicago firm that resolves ransomware attacks had rogue workers carrying out their own hacks, FBI says
Bys sTom Schuba reports: Rogue employees of a Chicago company that specializes in negotiating ransoms to mitigate cyber attacks were carrying out their own piracy in a plot to extort millions of dollars from a series of companies, prosecutors say. Kevin Tyler Martin, a ransomware threat negotiator for River North-based DigitalMint at the time of the……
CISO’s Expert Guide To AI Supply Chain Attacks
Bys sAI-enabled supply chain attacks jumped 156% last year. Discover why traditional defenses are failing and what CISOs must do now to protect their organizations. Download the full CISO’s expert guide to AI Supply chain attacks here. TL;DR AI-enabled supply chain attacks are exploding in scale and sophistication – Malicious package uploads to open-source repositories jumped…
Hackers Exploit Pandoc CVE-2025-51591 to Target AWS IMDS and Steal EC2 IAM Credentials
Bys sCloud security company Wiz has revealed that it uncovered in-the-wild exploitation of a security flaw in a Linux utility called Pandoc as part of attacks designed to infiltrate Amazon Web Services (AWS) Instance Metadata Service (IMDS). The vulnerability in question is CVE-2025-51591 (CVSS score: 6.5), which refers to a case of Server-Side Request Forgery (SSRF)…