Security Bulletin

The ransomware includes a disk overwrite loop and a keyboard language-based kill switch.

Our take on what happened and answers to key questions from Sophos customers and partners

Roughly one fifth of enterprise IT administrators have found themselves the target of a state-sponsored attack.

Researchers say "LianSpy" malware has been in use in a covert data gathering operation that's gone undetected for at least three years.

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

In the cloud, patches disseminate automatically. On your computer, you get notified. IoT devices, meanwhile, can escape attention for years on end.

Though TikTok is expected to adhere to certain COPPA-outlined measures, the social media giant has failed to meet those expectations, the Feds allege.

The enterprise resource planning platform bug CVE-2024-38856 has a vulnerability-severity score of 9.8 out of 10 on the CVSS scale and offers a wide avenue into enterprise applications for cyberattackers.

App developers can expect the government to crack down on companies that violate privacy rights – especially apps targeted towards children.

The APT used DNS poisoning to install the Macma backdoor on targeted networks and then deliver malware to steal data via post-exploitation activity.

Researchers from Graz University of Technology showed how the vulnerability worked across nine CVEs.