Retailers are learning to say no to ransom demands 2025-11-06 at 07:45 By Anamarija Pogorelec Ransomware remains one of the biggest operational risks for retailers, but the latest data shows a shift in how these attacks unfold. Fewer incidents now lead to data encryption, recovery costs have dropped, and businesses are bouncing back faster. Yet […]
React to this headline:
Retailers are learning to say no to ransom demands Read More »
Attackers exploiting WSUS vulnerability drop Skuld infostealer (CVE-2025-59287) 2025-10-30 at 15:46 By Zeljka Zorz Attackers have been spotted exploiting the recently patched WSUS vulnerability (CVE-2025-59287) to deploy infostealer malware on unpatched Windows servers. An out-of-band update Last week’s release of an emergency fix for CVE-2025-59287, a Windows Server Update Services (WSUS) remote code execution vulnerability,
React to this headline:
Attackers exploiting WSUS vulnerability drop Skuld infostealer (CVE-2025-59287) Read More »
Legit tools, illicit uses: Velociraptor, Nezha turned against victims 2025-10-09 at 19:19 By Zeljka Zorz Threat actors are using an increasing variety of commercial and open-source products to carry out their attacks: according to researchers, Velociraptor and Nezha are the latest additions to their attack toolbox. Velociraptor misuse A suspected China-based ransomware threat actor has
React to this headline:
Legit tools, illicit uses: Velociraptor, Nezha turned against victims Read More »
ScreenConnect admins targeted with spoofed login alerts 2025-08-25 at 17:56 By Zeljka Zorz ScreenConnect cloud administrators across all region and industries are being targeted with fake email alerts warning about a potentially suspicious login event. The goal of the attackers is to grab the login credentials and MFA tokens of Super Admins: users who have
React to this headline:
ScreenConnect admins targeted with spoofed login alerts Read More »
Critical Vulnerabilities Patched in Sophos Firewall 2025-07-23 at 14:35 By Ionut Arghire Sophos has patched five vulnerabilities in Sophos Firewall that could allow remote attackers to execute arbitrary code. The post Critical Vulnerabilities Patched in Sophos Firewall appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:
React to this headline:
Critical Vulnerabilities Patched in Sophos Firewall Read More »
Companies negotiate their way to lower ransom payments 2025-06-25 at 07:38 By Help Net Security Nearly 50% of companies paid the ransom to recover their data, the second-highest rate in six years, according to Sophos. How actual payments stack up with the initial demand Ransom payments and recovery costs are on the decline Despite the
React to this headline:
Companies negotiate their way to lower ransom payments Read More »
Attackers hit MSP, use its RMM software to deliver ransomware to clients 2025-05-28 at 14:36 By Zeljka Zorz A threat actor wielding the DragonForce ransomware has compromised an unnamed managed service provider (MSP) and pushed the malware onto its client organizations via SimpleHelp, a legitimate remote monitoring and management (RMM) tool. “Sophos MDR has medium
React to this headline:
Attackers hit MSP, use its RMM software to deliver ransomware to clients Read More »
DragonForce Ransomware Hackers Exploiting SimpleHelp Vulnerabilities 2025-05-27 at 18:17 By Ionut Arghire Sophos warns that a DragonForce ransomware operator chained three vulnerabilities in SimpleHelp to target a managed service provider. The post DragonForce Ransomware Hackers Exploiting SimpleHelp Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this
React to this headline:
DragonForce Ransomware Hackers Exploiting SimpleHelp Vulnerabilities Read More »
Why CISOs are doubling down on cyber crisis simulations 2025-04-09 at 09:03 By Mirko Zorz Cyber threats aren’t going away, and CISOs know prevention isn’t enough. Being ready to respond is just as important. Cyber crisis simulations offer a way to test that readiness. They let teams walk through real-world scenarios in a controlled setting,
React to this headline:
Why CISOs are doubling down on cyber crisis simulations Read More »
Cybercriminals exfiltrate data in just three days 2025-04-03 at 08:14 By Industry News In 56% of Sophos managed detection and response (MDR) and incident response (IR) cases, attackers gained initial access to networks by exploiting external remote services, including edge devices such as firewalls and VPNs, and by leveraging valid accounts. Compromised credentials remain the
React to this headline:
Cybercriminals exfiltrate data in just three days Read More »
Mastering the cybersecurity tightrope of protection, detection, and response 2025-02-21 at 08:05 By Mirko Zorz In this Help Net Security interview, Chester Wisniewski, Director and Global Field CISO at Sophos, discusses the shifting ransomware landscape, the risks posed by quantum decryption threats, and the role of vendor security validation. Wisniewski notes that cyber resilience is
React to this headline:
Mastering the cybersecurity tightrope of protection, detection, and response Read More »
SailPoint IPO Signals Bright Spot for Cybersecurity 2025-02-14 at 22:18 By SecurityWeek News In a signal move for the cybersecurity sector, identity and access management (IAM) vendor SailPoint has made its return to public markets. The post SailPoint IPO Signals Bright Spot for Cybersecurity appeared first on SecurityWeek. This article is an excerpt from SecurityWeek
React to this headline:
SailPoint IPO Signals Bright Spot for Cybersecurity Read More »
Sophos Completes Acquisition of Secureworks 2025-02-04 at 22:18 By SecurityWeek News Sophos has completed its $859 million all-cash acquisition of SecureWorks. The post Sophos Completes Acquisition of Secureworks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this headline:
React to this headline:
Sophos Completes Acquisition of Secureworks Read More »
Ransomware attackers are “vishing” organizations via Microsoft Teams 2025-01-21 at 14:10 By Zeljka Zorz The “email bombing + posing as tech support via Microsoft Teams” combination is proving fruitful for two threat actors looking to deliver ransomware to organizations, and they seem to be ramping up their efforts. “Sophos MDR has observed more than 15
React to this headline:
Ransomware attackers are “vishing” organizations via Microsoft Teams Read More »
Ransomware in 2024: New players, bigger payouts, and smarter tactics 2024-12-19 at 06:03 By Help Net Security In 2024, ransomware remained the top cybersecurity threat to organizations worldwide. New groups filled the void left by law enforcement crackdowns, targeting businesses with record-breaking ransom demands and sophisticated tactics. In this article, you will find excerpts from
React to this headline:
Ransomware in 2024: New players, bigger payouts, and smarter tactics Read More »
Cleo patches zero-day exploited by ransomware gang 2024-12-12 at 18:34 By Zeljka Zorz Cleo has released a security patch to address the critical vulnerability that started getting exploited while still a zero-day to breach internet-facing Cleo Harmony, VLTrader, and LexiCom instances. Version 5.8.0.24 of the three products, which was pushed out on Wednesday, plugs the
React to this headline:
Cleo patches zero-day exploited by ransomware gang Read More »
Ransomware payments are now a critical business decision 2024-11-28 at 06:03 By Help Net Security Despite the efforts of law enforcement agencies to stop and bring to justice those responsible for ransomware attacks, the situation is not improving. While authorities do not recommend making a ransomware payment, some companies are forced to make that choice
React to this headline:
Ransomware payments are now a critical business decision Read More »
Sophos mounted counter-offensive operation to foil Chinese attackers 2024-10-31 at 16:04 By Help Net Security Sophos conducted defensive and counter-offensive operation over the last five years with multiple interlinked nation-state adversaries based in China targeting perimeter devices, including Sophos Firewalls. Espionage campaigns tied to Chinese hacking groups The attackers used a series of campaigns with
React to this headline:
Sophos mounted counter-offensive operation to foil Chinese attackers Read More »
Attackers deploying red teaming tool for EDR evasion 2024-10-15 at 17:16 By Zeljka Zorz Threat actors are leveraging the open-source EDRSilencer tool to evade endpoint detection and response systems, Trend Micro researchers have noticed. About EDRSilencer The software, which is intended for red teaming, is being abused to “silence” EDR solutions. It works by leveraging
React to this headline:
Attackers deploying red teaming tool for EDR evasion Read More »
The true cost of cybercrime for your business 2024-09-06 at 07:01 By Help Net Security As cybercriminals continue to refine their methods, blending traditional strategies with new technologies, the financial toll on individuals and organizations has reached alarming levels. Businesses are also grappling with mounting cybercrime costs from ransomware and DDoS attacks, which can inflict
React to this headline:
The true cost of cybercrime for your business Read More »