News
Virsec Gets New Chief Revenue Officer

Virsec has appointed technology industry veteran Brian Marlier as its Chief Revenue Officer to drive its next stage of growth. Marlier is responsible for all aspects of revenue performance and will oversee all go-to-market and revenue-generating activities.
In 2021, Virsec announced $100M in Series C funding from a marquee community of industry leaders and company builders. Marlier’s appointment comes following Virsec’s record-breaking 2021 growth:
- 700% growth in worldwide customer base
- 95% growth in new hires in engineering, go-to-market, and customer success
- Expansion into 14 countries, acquiring new customers in the Middle East, North America, Europe, Africa, Australia, and Asia
- Expansion into new vertical markets including healthcare, telecommunications, public sector, and financial services
“In addition to Brian’s excellent leadership, sales, and financial expertise, he is skilled at growing highly-effective revenue teams to deliver best-in-class products and services to his partners and customers, across the world,” said Dave Furneaux, Cofounder, and CEO of Virsec. “With Brian joining the team, Virsec is on an even faster track to change how Fortune 1000 corporations and government agencies protect their software workloads with a deterministic approach to true runtime protection.”
Marlier, former Chief Executive Officer and Cofounder of Focal Point Data Risk has more than 35 years of experience building market-leading companies and sales teams. He sold Focal Point to CDW for an undisclosed amount in 2021. He was previously at Cisco for 21 years, most notably as Senior Vice President of Global Architectures and Global Enterprise Sales.
“Combining its innovative, deterministic approach to protecting software with one of the industry’s best leadership teams, Virsec is on a fast path to disrupting the cybersecurity market. I am excited to work closely with our stellar sales team to accelerate our growth by expanding into new vertical and regional markets, and also work closely with our customers to gather their ongoing feedback and deliver excellent support to successfully protect their organizations,” Marlier said.
Virsec experienced a tremendous year in 2021, which included a 700% growth in customer adoption and an increase in staff to nearly 200 employees around the globe. The company also expanded and onboarded a robust network of partners to 20+ across North America, the Middle East, and Asia.
With more than 60 patents, Virsec is the only cybersecurity company to converge critical workload protection capabilities into a single solution — including application control, system integrity assurance, and advanced memory and exploit prevention to protect the entire attackable surface of the application. This includes host, memory, web layers, and all runtime elements, whether on-premises, in the cloud, a container environment, or on a virtual machine.
Cyber Security
Sophos Boosts Firewall with New Protection and Incident Response Features

Sophos has announced a significant update to its Sophos Firewall software, introducing enhanced protection and incident response capabilities. This update notably includes Sophos NDR Essential, a new feature now available free of charge to all customers holding an XStream Protection license for Sophos Firewall.
This integration empowers Sophos Firewall with two dedicated artificial intelligence (AI) engines specifically designed to detect both malware communications and those utilizing algorithmically generated domain names. This advanced functionality, derived from the Sophos Network Detection and Response (NDR) probe, aims to identify sophisticated malware communications even if they are previously unknown or not yet indexed. It serves as a powerful complement to the Active Threat Response capabilities already embedded within Sophos firewalls.

Chris McCormack, Senior Product Marketing Manager at Sophos
Addressing the technical demands of such advanced detection, Chris McCormack, Senior Product Marketing Manager at Sophos, explained the strategic approach, “NDR traffic analysis requires substantial processing power. That’s why we’ve adopted a new approach by deploying an NDR solution in Sophos Cloud to offload the heaviest tasks from the firewall.” This cloud-centric design ensures optimal performance without burdening the firewall’s on-device resources.
Beyond network detection, the update also brings significant improvements to connectivity and user authentication. Sophos Connect now integrates EntraID for Single Sign-On (SSO). This new feature for the VPN client, bundled with Sophos Firewall, is set to enhance both the security and user experience for SSL and IPsec VPN connections. The integration with EntraID (Azure AD) enables users to authenticate and leverage multi-factor authentication for both Sophos Connect and access to the user portal hosted by the firewall, streamlining secure access.
Further VPN-related enhancements include:
- Improved user interface and usability: Connection types have been renamed for greater clarity, with “site-to-site” now referred to as “policy-based” and tunnel interfaces as “route-based,” making configurations more intuitive.
- Dynamic validation of the IP address pool: For VPN connections (SSL VPN, IPsec, L2TP, and PPTP), the system now dynamically validates the allocated IP address pool, helping to better resolve potential IP address conflicts.
- Strict profile enforcement: IPsec profiles now exclude default values to ensure algorithm synchronization, effectively eliminating potential fragmentation of session negotiation packets that could otherwise prevent site-to-site VPN tunnels from being established.
- Route-based VPN and SD-RED scalability: The system has been optimized to support up to 3,000 simultaneously established tunnels. Specifically, Sophos Firewall solutions can now manage up to 1,000 SD-RED site-to-site tunnels and connect up to 650 concurrent SD-RED devices.
Additional management improvements enhance administrative flexibility and search capabilities:
- More flexible DHCP Prefix Delegation (IPv6 DHCP-PD): The system now supports a broader range of prefixes, from /48 to /64, improving compatibility with various internet service providers.
- Router Advertisement (RA) and DHCPv6 server: These features are now enabled by default, simplifying IPv6 network setup.
- Resizable table columns: The web admin interface continues its adaptation for ultra-wide screens, with many configuration pages now allowing users to resize columns as needed for improved usability.
- Enhanced object search functionality: The search field within the SD-WAN routing configuration screen now supports more granular criteria, including route name, ID, objects, and object values like IP addresses and domains. Similarly, local ACL rules now also support object name and value searches, extending to content-based searches for more precise results.
- Default configuration changes: To streamline initial setups, default firewall rules and rule groups previously created during new firewall deployments have been removed. The initial configuration now only includes the default network rule and MTA rules. Furthermore, the default firewall rule group and the default gateway probe for custom gateways are now set to “None” by default.
Sophos continues its commitment to cybersecurity through a “Secure by Design” approach, enhancing the intrinsic security of its firewalls. This methodology involves the containerization of specific features and rigorous integrity checks on critical operating system files using mathematical checksums. Any detected checksum mismatch triggers a potential compromise alert, enabling monitoring teams to proactively identify possible security incidents affecting the firewall OS integrity. This proactive detection allows incident response and development teams to react swiftly to critical security events.
This update is now available for manual download and deployment by customers with any Sophos Firewall equipped with a valid license.
Cyber Security
Honeywell Report Reveals 46% Quarterly Spike in Industrial Ransomware

A new report from Honeywell reveals a significant escalation in cyber threats facing the industrial sector, with ransomware attacks surging by 46% from Q4 2024 to Q1 2025. The company’s 2025 Cybersecurity Threat Report indicates a widespread increase in both malware and ransomware activity, notably including a 3,000% spike in a specific trojan designed to steal credentials from industrial operators.
The allure of industrial targets for cybercriminals is clear, as explained by Paul Smith, director of Honeywell Operational Technology (OT) Cybersecurity Engineering and author of the report, “Industrial operations across critical sectors like energy and manufacturing must avoid unplanned downtime as much as possible – which is precisely why they are such attractive ransomware targets.” He further emphasized the agility of attackers, stating, “These attackers are evolving fast, leveraging ransomware-as-a-service kits to compromise the industrial operations that keep our economy moving.”
The urgency of these threats is underscored by definitions from the Cybersecurity and Infrastructure Security Agency (CISA) in the United States, which classifies incidents as “substantial” if they lead to unauthorized access causing significant operational downtime or impairment. Industry analyses corroborate the severe financial impact, showing that unplanned downtime—whether from cyberattacks or equipment failure—costs Fortune 500 companies approximately $1.5 trillion annually, representing a substantial 11% of their revenue.
To compile these critical findings, Honeywell’s researchers undertook an extensive analysis, reviewing over 250 billion logs, 79 million files, and blocking 4,600 incident events across the company’s global installed base. Their detailed examination yielded several concerning trends:
- Ransomware’s Relentless Ascent: The first quarter of 2025 alone saw 2,472 potential ransomware attacks, already accounting for 40% of the entire annual total recorded in 2024, signaling a rapid acceleration of this threat.
- Trojan Exploitation Targeting OT: A particularly dangerous trojan, identified as W32.Worm.Ramnit, was responsible for 37% of files blocked by Honeywell’s Secure Media Exchange (SMX). This figure represents an alarming 3,000% increase in this specific trojan compared to the preceding quarter, indicating a concerted effort to exploit industrial access.
- Persistent USB-Based Risks: Despite awareness campaigns, external media continues to pose a significant threat. Honeywell’s SMX detected 1,826 unique USB threats in Q1 2025, with 124 of these being entirely new and previously unseen. This follows a 33% increase in USB malware detections in 2023 and an astounding 700% year-over-year surge in 2022, highlighting the enduring vulnerability posed by removable devices.
The scope of the report’s analysis also expanded to include threats introduced via other plug-in hardware, known as Human Interface Devices (HIDs). This encompasses commonly used items such as mice, mobile device charging cords, laptops, and various other peripherals, which are frequently connected to on-premise systems for software updates or patching, creating additional vectors for potential compromise.
In light of these escalating risks and evolving regulatory landscapes—such as new SEC reporting regulations requiring the disclosure of material cybersecurity incidents—industrial operators face increasing pressure to enhance their defenses. As Smith concluded, “Leveraging Zero Trust architecture and AI for security analysis can speed detection and enable smarter decision making and proactive defense in an increasingly complex digital landscape.” His recommendation underscores the need for decisive action and advanced security strategies to mitigate costly operational downtime and safety-related risks in the industrial environment.
Cyber Security
Labubu Doll Craze: How Cybercriminals Are Exploiting the Hype

The skyrocketing popularity of Labubu dolls has triggered a wave of scam websites targeting enthusiastic collectors worldwide, with cybercriminals deploying fake online shops in multiple languages to steal payment details. Kaspersky detected hundreds of fraudulent platforms, often posing as legitimate retailers, that entice fans with fake offers on Labubu dolls to harvest sensitive financial information from unsuspecting buyers.
Labubu dolls, quirky plush collectibles designed by Hong Kong artist Kasing Lung and sold by Pop Mart stores in “blind boxes,” have captivated global audiences. Buyers do not know which specific doll or design they’ll get until they open it. This element of surprise, combined with the chance of getting rare or limited-edition figures, fuels the excitement and collectible frenzy.
Since April 2024, the hype multiplied, fueled by high-profile celebrity endorsements, leading to resale prices for rare dolls reaching $3,000 and above. This has created a fertile ground for scammers, who exploit the urgency and excitement surrounding these coveted toys. Cybercriminals create counterfeit websites in multiple languages to deceive buyers in different regions.
These fake shops often mimic the branding of trusted retailers, offering discounts or “exclusive editions” of dolls to lure victims into entering bank card details or other personal information. Pop Mart is the official retailer and creator of Labubu dolls, and scammers mimic its appearance to trick buyers into thinking they are purchasing authentic products.
“Scammers are leveraging the Labubu hype with scam sites and urgent calls-to-action that prey on fans’ eagerness to snag rare dolls. These fraudulent platforms are now appearing in multiple languages, which broadens their reach. Fans are strongly advised to purchase Labubu dolls only from verified retailers like Pop Mart’s official channels after double-checking the website’s URL for authenticity, and avoid interacting with websites that seem suspicious,” comments Olga Altukhova, Senior Web Content Analyst at Kaspersky.
-
Artificial Intelligence1 week ago
Help AG and F5 Collaborate on Managed App and API Security
-
News1 week ago
Reolink Launches Smart Security Solutions in Middle East
-
Cyber Security2 days ago
Beyond Blocklists: How Behavioural Intent Analysis Can Safeguard Middle East Businesses from Rising AI-Driven Bot Threats
-
Artificial Intelligence1 week ago
As Adversarial GenAI Takes Off, Threat Intel Must Modernize
-
Channel Talk1 week ago
Dynatrace Names DXC Global Partner of the Year
-
Events7 days ago
Matrix to Exhibit NDAA Compliant Surveillance at ESX North America 2025
-
Cyber Security2 days ago
Honeywell Report Reveals 46% Quarterly Spike in Industrial Ransomware
-
News6 days ago
BlueCat to Show Off Next-Gen Network Operations at Cisco Live