The Sophos Annual Threat Report: Cybercrime on Main Street 2025
Ransomware remains the biggest threat, but old and misconfigured network devices are making it too easy
From Mandiant: UNC3944, which overlaps with public reporting on Scattered Spider, is a financially-motivated threat actor characterized by its persistent use of social engineering and brazen communications with victims. In early operations, UNC3944 largely targeted telecommunications-related organizations to support SIM swap operations. However, after shifting to ransomware and data theft extortion in early 2023, they…
The malware known as GootLoader has resurfaced yet again after a brief spike in activity earlier this March, according to new findings from Huntress. The cybersecurity company said it observed three GootLoader infections since October 27, 2025, out of which two resulted in hands-on keyboard intrusions with domain controller compromise taking place within 17 hours…
In the last of our five-part series, Sophos X-Ops explores the implications and opportunities arising from threat actors’ involvement in real-world industries and crimes
From a March 20 press release from NY Attorney General Letitia James: NEW YORK – New York Attorney General Letitia James today secured $975,000 in penalties from Root, an auto insurance company, for failing to protect the personal information of approximately 45,000 New Yorkers. The data breach was part of an industry-wide campaign to steal consumers’…
Iain Thomson reports an update to a case previously reported on this site: A US court sentenced a former developer at power management biz Eaton to four years in prison after he installed malware on the company’s servers. Davis Lu, 55, spent a dozen years at Eaton and rose to become a senior developer of…
The Iranian nation-state hacking group known as Charming Kitten has been observed deploying a C++ variant of a known malware called BellaCiao. Russian cybersecurity company Kaspersky, which dubbed the new version BellaCPP, said it discovered the artifact as part of a “recent” investigation into a compromised machine in Asia that was also infected with the…