Author: admin

A joint US government advisory highlighted novel initial access techniques deployed by Interlock, and urged businesses and critical infrastructure to stay vigilant

NCC Group observed a 43% drop in ransomware attacks in Q2 2025, driven by law enforcement actions and internal conflicts in groups

Sophos MDR and Microsoft 365 aren’t just “better” together, they’re “best” together.

How to stay adaptive and reduce risk in an evolving threat landscape.

Sophos X-Ops explores why larger isn’t always better when it comes to solving security challenges with AI

It will be interesting to watch what will come of this private lawsuit:

Google on Thursday announced filing a lawsuit against the operators of the Badbox 2.0 botnet, which has ensnared more than 10 million devices running Android open source software.

These devices lack Google’s security protections, and the perpetrators pre-installed the Badbox 2.0 malware on them, to create a backdoor and abuse them for large-scale fraud and other illicit schemes.

This reminds me of Meta’s lawauit against Pegasus over its hack-for-hire software (which I wrote about here.) It’s a private company stepping into a regulatory void left by governments.

Slashdot thread.

A new wave of phishing attacks exploiting Microsoft 365 OAuth tools has been observed impersonating diplomats to steal access codes

A widespread RFQ scam exploited net payment terms to fraudulently obtain high-value devices

Microsoft has observed three China-based threat actors, Linen Typhoon, Violet Typhoon and Storm-2603, exploiting the SharePoint vulnerabilities

The UK government said a public consultation showed widespread support on a payment ban for public sector and CNI organizations