The Bite from Inside: The Sophos Active Adversary Report
A sea change in available data fuels fresh insights from the first half of 2024
Kri reports: Bitcoin (BTC) has remained resilient in its price action following another cryptocurrency exchange hacking incident, this time involving India’s CoinDCX. … The calm in Bitcoin’s price comes even after blockchain investigator ZachXBT revealed that CoinDCX had been drained of approximately $44.2 million in a targeted cyberattack during the early hours of Saturday. The initial activity…
Today’s reminder of the insider threat comes to us from Battlefords Union Hospitals in Canada. Battlefords Now reports that between October 1, 2024 and April 4, 2025, an operating room scheduler accessed the MedAccess EHR system to look at personal and primary care medical information for hundreds of patients without a legitimate purpose. That same…
Cybersecurity researchers have disclosed a malware campaign that uses fake software installers masquerading as popular tools like LetsVPN and QQ Browser to deliver the Winos 4.0 framework. The campaign, first detected by Rapid7 in February 2025, involves the use of a multi-stage, memory-resident loader called Catena. “Catena uses embedded shellcode and configuration switching logic to…
A previously undocumented threat actor has been attributed to attacks targeting Ukrainian organizations with malware known as CANFAIL. Google Threat Intelligence Group (GTIG) described the hack group as possibly affiliated with Russian intelligence services. The threat actor is assessed to have targeted defense, military, government, and energy organizations within the Ukrainian regional and
Heekyong Yang and Hyunjoo Jin report: South Korean officials blamed a massive data leak last year at Coupang on management failure, rather than a sophisticated cyberattack, and urged the e-commerce giant to fix vulnerabilities in its security systems. Announcing the first findings of a government-led probe, the Science Ministry said on Tuesday a former Coupang…
Some weeks are loud. This one was quieter but not in a good way. Long-running operations are finally hitting courtrooms, old attack methods are showing up in new places, and research that stopped being theoretical right around the time defenders stopped paying attention. There’s a bit of everything this week. Persistence plays, legal wins, influence…