The Sophos 2026 Report Is Out: Attackers Work Nights and Own Your AD in 3 Hours

March 1, 2026February 27, 2026 ~ larshilse ~ Leave a comment

Every year Sophos drops their Active Adversary Report and every year I read it and every year I need something stronger than coffee to process the implications. This year is no different, except the numbers are somehow getting worse in the specific ways that tell you the industry still hasn't absorbed the lessons from five … Continue reading The Sophos 2026 Report Is Out: Attackers Work Nights and Own Your AD in 3 Hours

Qilin’s “Korean Leaks” Campaign: How One Compromised MSP Just Fucked 28 Financial Firms

December 3, 2025December 3, 2025 ~ larshilse ~ Leave a comment

Twenty-eight South Korean financial firms just got ransomed through a single compromised MSP. One breach. One vendor. Twenty-eight victims. Qilin ransomware gang demonstrated that your trusted IT provider might be the weakest link in your entire security chain—and possibly working with North Korean state hackers because this timeline couldn't get more fucked. Read the full breakdown of how supply chain compromise is now the highest-ROI attack vector in cybercrime, and why your MSP access is probably your biggest vulnerability right now.