Why cybercriminals love law firms – Legal Futures
So why do attackers love law firms? The answer lies in the unique combination of high-value data, tight deadlines and limited cybersecurity maturity. The post Why cybercriminals love law firms…
October 2025
Open-source DFIR Velociraptor was abused in expanding ransomware efforts – CSO Online
Velociraptor, the open-source DFIR tool meant to hunt intruders, has itself gone rogue – being picked up by threat actors in coordinated ransomware operations. Never tied to extortion attacks before,…
Webinar to uncover how modern law firms can drive growth through effective business development – Legal Futures
The second episode in the fourth series of Osprey Approach’s Build Better Habits webinars will explore how every legal professional – not just rainmakers – can play a part in…
From Detection to Patch: Fortra Reveals Full Timeline of CVE-2025-10035 Exploitation – The Hacker News
Fortra on Thursday revealed the results of its investigation into CVE-2025-10035, a critical security flaw in GoAnywhere Managed File Transfer (MFT) that’s assessed to have come under active exploitation since…
iCOFA – Legal Futures
iCOFA – The COFA Institute is part of The Institute of Legal Finance & Management (ILFM) which is the leading education and membership organisation in the legal sector, supporting legal…
The AI SOC Stack of 2026: What Sets Top-Tier Platforms Apart? – The Hacker News
The SOC of 2026 will no longer be a human-only battlefield. As organizations scale and threats evolve in sophistication and velocity, a new generation of AI-powered agents is reshaping how…
175 Malicious npm Packages with 26,000 Downloads Used in Credential Phishing Campaign – The Hacker News
Cybersecurity researchers have flagged a new set of 175 malicious packages on the npm registry that have been used to facilitate credential harvesting attacks as part of an unusual campaign.…
it-sa-Special – CSO Online
Salesforce rekrutiert Security- und Privacy-Agenten Salesforce erweitert seine KI-Plattform für den Einsatz im Bereich Security und Privacy. Im Security Center soll Agentforce neue Sicherheitsfunktionen hinzufügen. Dazu zählen schnelle, gründliche Sicherheitsanalysen,…
From LFI to RCE: Active Exploitation Detected in Gladinet and TrioFox Vulnerability – The Hacker News
Cybersecurity company Huntress said it has observed active in-the-wild exploitation of an unpatched security flaw impacting Gladinet CentreStack and TrioFox products. The zero-day vulnerability, tracked as CVE-2025-11371 (CVSS score: 6.1),…
Ex-KWM London boss cleared as tribunal dismisses unwanted kiss claim – Legal Cheek
Didn’t breach SRA rules Credit: Solicitors Disciplinary Tribunal A former managing partner of King & Wood Mallesons’ London office has been cleared of professional misconduct after a tribunal found it…
White & Case and Eversheds Sutherland reveal autumn trainee retention rates – Legal Cheek
86% and 67% White & Case and Eversheds Sutherland have reported their latest trainee retention rates for autumn 2025. White & Case is retaining 19 of its 22 trainees due…
Revealed: How much top law firms pay solicitor apprentices — with starting salaries of up to £33k straight from school – Legal Cheek
Plus sign-on bonus Legal Cheek has unveiled an exclusive round-up of solicitor apprentice salaries at the UK’s top law firms — with some apprentices earning up to £33,000 straight out…
The CIA triad is dead — stop using a Cold War relic to fight 21st century threats – CSO Online
For decades, the information security industry has been stuck in a time warp. We face threats shaped by the advancement of cloud infrastructure, autonomous AI, and fragile global supply chains,…
Sammelklage gegen Facebook-Mutter Meta – CSO Online
Im April 2021 wurden Daten von mehr als 530 Millionen Facebook-Nutzern gestohlen. Das hat Folgen für den Mutterkonzern Meta. Ascannio – shutterstock.com Nach einem millionenfachen Datendiebstahl bei Facebook vor mehr…
CL0P-Linked Hackers Breach Dozens of Organizations Through Oracle Software Flaw – The Hacker News
Dozens of organizations may have been impacted following the zero-day exploitation of a security flaw in Oracle’s E-Business Suite (EBS) software since August 9, 2025, Google Threat Intelligence Group (GTIG)…