August 23, 2022 Bitcoin ATMs leeched by attackers who created fake admin accounts The criminals didn't implant any malware. The attack was orchestrated via malevolent configuration changes. Naked Security
July 18, 2021 Hindsight #2: Block public facing Remote Desktop Protocol (RDP) Hindsight security: things breach victims wish they had done Products & Services
February 23, 2024 ConnectWise ScreenConnect attacks deliver malware Multiple attacks exploit vulnerabilities in an IT remote access tool to deliver a variety of different payloads into business environments Threat Research
October 01, 2022 S3 Ep102.5: “ProxyNotShell” Exchange bugs – an expert speaks [Audio + Text] Who's affected, what you can do while waiting for Microsoft's patches, and how to plan your threat hunting... Naked Security
April 17, 2024 ‘Junk gun’ ransomware: Peashooters can still pack a punch A Sophos X-Ops investigation finds that a wave of crude, cheap ransomware could spell trouble for small businesses and individuals – but also provide insights into threat actor career development and the wider threat landscape Threat Research
June 11, 2021 Relentless REvil, revealed: RaaS as variable as the criminals who use it No two criminal groups deploy the ransomware-as-a-service, also known as Sodinokibi, in exactly the same way SophosLabs UncutThreat Research
July 02, 2020 MongoDB ransom threats step up from blackmail to full-on wiping Still thinking "the crooks probably won't find me if I make a security blunder"? Naked Security