itcnu.com

Cyber Security

Behind the Blog: Putting the Puzzle Together

storshop.dk@gmail.com3 months ago02 mins

This is Behind the Blog, where we share our behind-the-scenes thoughts about how a few of our top stories of the week came together. This week, we discuss the staying power of surveillance coverage, the jigsaw of reporting, and eyestrain. JASON: I’ve started this year in the same way I spent a lot of last…

Uncategorized

TamperedChef serves bad ads, with infostealers as the main course

storshop.dk@gmail.com3 months ago01 mins

Sophos X-Ops explores a malvertising campaign that leverages Google Ads to distribute an infostealer Categories: Threat Research Tags: TamperedChef, EvilAI, infostealer, Sophos X-Ops

Cyber Security

There’s a Lootbox With Rare Pokémon Cards Sitting in the Pentagon Food Court

storshop.dk@gmail.com3 months ago04 mins

It’s possible to win a gem mint Surging Sparks Pikachu EX Pokémon card worth as much as $840 from a vending machine in the Pentagon food court. Thanks to a company called Lucky Box Vending, anyone passing through the center of American military power can pay to win a piece of randomized memorabilia from a…

Cyber Security

New Legislation Would Rein In ICE’s Facial Recognition App

storshop.dk@gmail.com3 months ago05 mins

A group of six Democratic lawmakers is proposing legislation that would dramatically rein in Immigration and Customs Enforcement’s (ICE) facial recognition app, according to a copy of the draft bill shared with 404 Media. ICE and Customs and Border Protection (CBP) have been scanning peoples’ faces with the app, called Mobile Fortify, across the country,…

Cyber Security

‘ELITE’: The Palantir App ICE Uses to Find Neighborhoods to Raid

storshop.dk@gmail.com3 months ago08 mins

Palantir is working on a tool for Immigration and Customs Enforcement (ICE) that populates a map with potential deportation targets, brings up a dossier on each person, and provides a “confidence score” on the person’s current address, 404 Media has learned. ICE is using it to find locations where lots of people it might detain…

Uncategorized

A big finish to 2025 in December’s Patch Tuesday

storshop.dk@gmail.com3 months ago01 mins

A month with no Critical-severity Windows bugs is overshadowed by a mass of Mariner mop-up Categories: X-ops Tags: threat research, featured, Microsoft, Patch Tuesday, zero days

Uncategorized

React2Shell flaw (CVE-2025-55182) exploited for remote code execution

storshop.dk@gmail.com3 months ago01 mins

The availability of exploit code will likely lead to more widespread opportunistic attacks Tags: Threat Research, Featured, vulnerability, react2shell

Uncategorized

Game of clones: Sophos and The MITRE ATT&CK Enterprise 2025 Evaluations

storshop.dk@gmail.com3 months ago01 mins

Winter is coming – so it must be time for Sophos X-Ops’ report on this year’s MITRE ATT&CK Enterprise Evaluations Categories: Threat Research Tags: ATT&CK, Emulation, Featured, MITRE, MUSTANG PANDA, scattered spider, Sophos X-Ops

Uncategorized

I am not a robot: ClickFix used to deploy StealC and Qilin

storshop.dk@gmail.com3 months ago01 mins

The fake human verification process led to infostealer and ransomware infections Categories: Threat Research Tags: clickfix, Featured, GOLD FEATHER, human verification, infostealer, qilin, Ransomware, StealC

Uncategorized

5 ways your firewall can keep ransomware out — and lock it down if it gets in

storshop.dk@gmail.com3 months ago01 mins

Categories: Sophos Insights Tags: Firewall, Ransomware

Hacker Compromises a16z-Backed Phone Farm, Tries to Post Memes Calling a16z the ‘Antichrist’April 13, 2026
A hacker has compromised a backend system for Doublespeed, an a16z-funded startup that uses a phone farm to flood social media with AI-generated TikTok accounts, and attempted to have those accounts post memes calling a16z the “antichrist,” according to screenshots seen by 404 Media. The hack is at least the second time Doublespeed has been...
How the Internet Became Hell (with Whitney Phillips)April 13, 2026
Why does the internet feel like it’s getting worse every single day, and why does it feel like the political landscape is getting worse in response? The answer might seem obvious, especially if you read 404 Media on a regular basis, where we’ve been documenting this decline, but it’s important to occasionally zoom out and...
WebinarTV Secretly Scraped Zoom Meetings of Anonymous Recovery ProgramsApril 13, 2026
WebinarTV, a site that scrapes Zoom webinars without permission, has downloaded and posted Zoom Webinars for anonymous addiction recovery meetings, support groups for caregivers and people who suffer from chronic illness, and a meeting of nudists. WebinarTV’s Michael Robertson told me that the company asks every single person for permission to “promote” their webinars, but...
The Oldest Octopus Fossil Ever Isn’t An Octopus At All, Scientists DiscoverApril 11, 2026
Welcome back to the Abstract! Here are the studies this week that were ritually sacrificed, kicked out of the galaxy, taxonomically revised, and wore many hats. First, scientists shed light on human sacrifice and cousin sex using ancient DNA from the bones of people who lived in fifth-century Korea. Then: the yeeting of a star,...
The vulnerability flood is here. Here’s what it means – and how to prepareApril 10, 2026
We can’t control the pace of AI-driven vulnerability discovery, but we can control how fast we respond. Categories: Sophos Insights Tags: LLM, AI, Exploit, vulnerability, Active Adversary, Pacific Rim

Chief Editor

Saroj Mhr

How Sugar and Sedentary Lifestyle Affects Men

Simple lifestyle changes that will help reduce stress

Hacker Compromises a16z-Backed Phone Farm, Tries to Post Memes Calling a16z the ‘Antichrist’

How the Internet Became Hell (with Whitney Phillips)

WebinarTV Secretly Scraped Zoom Meetings of Anonymous Recovery Programs

The Oldest Octopus Fossil Ever Isn’t An Octopus At All, Scientists Discover

The vulnerability flood is here. Here’s what it means – and how to prepare

Adobe Reader zero-day vulnerability in active exploitation

Behind the Blog: Putting the Puzzle Together

TamperedChef serves bad ads, with infostealers as the main course

There’s a Lootbox With Rare Pokémon Cards Sitting in the Pentagon Food Court

New Legislation Would Rein In ICE’s Facial Recognition App

‘ELITE’: The Palantir App ICE Uses to Find Neighborhoods to Raid

A big finish to 2025 in December’s Patch Tuesday

React2Shell flaw (CVE-2025-55182) exploited for remote code execution

Game of clones: Sophos and The MITRE ATT&CK Enterprise 2025 Evaluations

I am not a robot: ClickFix used to deploy StealC and Qilin

5 ways your firewall can keep ransomware out — and lock it down if it gets in

Cyber Security

Cyber Security

Cyber Security