Google Looks to Dim ‘Lighthouse’ Phishing-as-a-Service Op
The phishing kit, run by a group known as the “Smishing Triad,” has powered massive amounts of unpaid tolls and package tracking texts.
Microsoft Exchange ‘Under Imminent Threat,’ Act Now
Threats against Microsoft Exchange continue to mount, but there are steps both organizations and Microsoft can take to limit them.
Phishing Tool Uses Smart Redirects to Bypass Detection
A campaign against Microsoft 365 users leverages Quantum Route Redirection, which simplifies previously technical attack steps and has affected victims across 90 countries.
Google Sues China-Based Hackers Behind $1 Billion Lighthouse Phishing Platform
Google has filed a civil lawsuit in the U.S. District Court for the Southern District of New York (SDNY) against China-based hackers who are behind a massive Phishing-as-a-Service (PhaaS) platform called Lighthouse that has ensnared over 1 million users across 120 countries. The PhaaS kit is used to conduct large-scale SMS phishing attacks that exploit…
Defending the future: Our commitment to responsible AI in cybersecurity
Combining advanced technologies with human expertise to defend against evolving threats.
Sophos Firewall v22: Your top-requested features
Get involved in the Sophos Firewall v22 Early Access Program today!
Amazon Uncovers Attacks Exploited Cisco ISE and Citrix NetScaler as Zero-Day Flaws
Amazon’s threat intelligence team on Wednesday disclosed that it observed an advanced threat actor exploiting two then-zero-day security flaws in Cisco Identity Service Engine (ISE) and Citrix NetScaler ADC products as part of attacks designed to deliver custom malware. “This discovery highlights the trend of threat actors focusing on critical identity and network access control…
[Webinar] Learn How Leading Security Teams Reduce Attack Surface Exposure with DASR
Every day, security teams face the same problem—too many risks, too many alerts, and not enough time. You fix one issue, and three more show up. It feels like you’re always one step behind. But what if there was a smarter way to stay ahead—without adding more work or stress? Join The Hacker News and…
Active Directory Under Siege: Why Critical Infrastructure Needs Stronger Security
Active Directory remains the authentication backbone for over 90% of Fortune 1000 companies. AD’s importance has grown as companies adopt hybrid and cloud infrastructure, but so has its complexity. Every application, user, and device traces back to AD for authentication and authorization, making it the ultimate target. For attackers, it represents the holy grail: compromise Active
Google Launches ‘Private AI Compute’ — Secure AI Processing with On-Device-Level Privacy
Google on Tuesday unveiled a new privacy-enhancing technology called Private AI Compute to process artificial intelligence (AI) queries in a secure platform in the cloud. The company said it has built Private AI Compute to “unlock the full speed and power of Gemini cloud models for AI experiences, while ensuring your personal data stays private…