Year in Review 2024: The major headlines and moments from Sophos this year
From cyber attacks across the geopolitical landscapes, to product updates that help small businesses, Sophos was there in 2024.
Similar Posts
Security Theater: Vanity Metrics Keep You Busy – and Exposed
Bys sAfter more than 25 years of mitigating risks, ensuring compliance, and building robust security programs for Fortune 500 companies, I’ve learned that looking busy isn’t the same as being secure. It’s an easy trap for busy cybersecurity leaders to fall into. We rely on metrics that tell a story of the tremendous efforts we’re expending…
Company that sells software for monitoring sex offenders, terrorists, and hackers was hacked
Bys sMikael Thalen reports: A company that sells spyware that monitors individuals on parole and probation had its data leaked to a cybercrime forum this week. The leak, according to an analysis by Straight Arrow News, exposed highly sensitive information regarding employees of the corrections system and those under court-ordered supervision. The affected company, RemoteCOM, describes itself……
Fire Ant Exploits VMware Flaws to Compromise ESXi Hosts and vCenter Environments
Bys sVirtualization and networking infrastructure have been targeted by a threat actor codenamed Fire Ant as part of a prolonged cyber espionage campaign. The activity, observed this year, is primarily designed Now to infiltrate organizations’ VMware ESXi and vCenter environments as well as network appliances, Sygnia said in a new report published today. “The threat actor…
Several more lawsuits filed against Frederick Health Hospital related to data breach, cybersecurity failures
Bys sGabrielle Lewis reports: Four class action lawsuits alleging Frederick Health Hospital failed to protect patients’ sensitive data during a ransomware attack in January were filed this month. These lawsuits accuse FHH of having inadequate cybersecurity measures, neglecting its obligation to protect patient data, improperly notifying the people affected by the data breach and putting individuals…
Chinese TA415 Uses VS Code Remote Tunnels to Spy on U.S. Economic Policy Experts
Bys sA China-aligned threat actor known as TA415 has been attributed to spear-phishing campaigns targeting the U.S. government, think tanks, and academic organizations utilizing U.S.-China economic-themed lures. “In this activity, the group masqueraded as the current Chair of the Select Committee on Strategic Competition between the United States and the Chinese Communist Party (CCP), as well…
Scattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. Infrastructure
Bys sRavie Lakshmanan reports: The notorious cybercrime group known as Scattered Spider is targeting VMware ESXi hypervisors in attacks targeting retail, airline, and transportation sectors in North America. “The group’s core tactics have remained consistent and do not rely on software exploits. Instead, they use a proven playbook centered on phone calls to an IT help desk,” Google’s…