Cybersecurity

Weekly Update 447

CybersecurityApril 15, 2025

I'm home! Well, for a day, then it's off to the other side of the country (which I just flew over last night on...

Industrial-strength April Patch Tuesday covers 135 CVEs – Sophos News

CybersecurityApril 14, 2025

Microsoft on Tuesday released 135 patches affecting 19 product families. Ten of the addressed issues, all remote code execution issues, are considered by Microsoft...

Fortinet Warns Attackers Retain FortiGate Access Post-Patching via SSL-VPN Symlink Exploit

CybersecurityApril 13, 2025

Apr 11, 2025Ravie LakshmananNetwork Security / Vulnerability Fortinet has revealed that threat actors have found a way to maintain read-only access to vulnerable FortiGate devices...

GOFFEE’s recent attacks: new tools and techniques

CybersecurityApril 12, 2025

GOFFEE is a threat actor that first came to our attention in early 2022. Since then, we have observed malicious activities targeting exclusively entities...

Network Infraxploit [Guest Diary], (Wed, Apr 9th)

CybersecurityApril 11, 2025

Background I recently had the opportunity to get hands on with some Cisco networking devices. Due to being a network engineer prior to my current...

Signalgate sucks, and the quandary of quishing • Graham Cluley

CybersecurityApril 10, 2025

QR codes are being weaponised by scammers — so maybe think twice before scanning that parking...

Grifter – Darknet Diaries

CybersecurityApril 9, 2025

Full Transcript Grifter is a longtime hacker, DEF CON organizer, and respected voice in the infosec community. From his early days...

No, you’re not fired – but beware of job termination scams

CybersecurityApril 8, 2025

Some employment scams take an unexpected turn as cybercriminals shift from “hiring”...

Weekly Update 446

CybersecurityApril 7, 2025

After an unusually long day of travelling from Iceland, we've finally made it to the land of Guinness, Leprechauns, and a tax haven for...

Qilin affiliates spear-phish MSP ScreenConnect admin, targeting customers downstream – Sophos News

CybersecurityApril 6, 2025

Late in January 2025, a Managed Service Provider (MSP) administrator received a well-crafted phishing email containing what appeared to be an authentication alert for...

North Korean Hackers Deploy BeaverTail Malware via 11 Malicious npm Packages

CybersecurityApril 5, 2025

Apr 05, 2025Ravie LakshmananMalware / Supply Chain Attack The North Korean threat actors behind the ongoing Contagious Interview campaign are spreading their tentacles on the...

The 2025 Sophos Active Adversary Report – Sophos News

CybersecurityApril 4, 2025

The Sophos Active Adversary Report celebrates its fifth anniversary this year. The report grew out of a simple question: What happens after attackers breach...

1...567...13 Page 6 of 13

Cybersecurity

Recent articles

Simple SSH Backdoor – SANS Internet Storm Center

Russian hackers targeted UK Ministry of Defence

Jim Hates Scams – Darknet Diaries

Don’t give your personal data to fraudsters: Dodging Docusign scam emails

Weekly Update 453

DragonForce actors target SimpleHelp vulnerabilities to attack MSP, customers – Sophos News