Category: Security Operations
-
Phishing platform Rockstar 2FA trips, and “FlowerStorm” picks up the pieces
Phishing platform Rockstar 2FA trips, and “FlowerStorm” picks up the pieces A sudden disruption of a major phishing-as-a-service provider leads to the rise of another…that looks very familiar gallagherseanm Go to sophos
-
The Bite from Inside: The Sophos Active Adversary Report
The Bite from Inside: The Sophos Active Adversary Report A sea change in available data fuels fresh insights from the first half of 2024 Angela Gunn Go to sophos
-
Sophos excels in the 2024 MITRE ATT&CK® Evaluations: Enterprise
Sophos excels in the 2024 MITRE ATT&CK® Evaluations: Enterprise Results from the latest ATT&CK Evaluations for endpoint detection and response solutions. rajansanhotra Go to sophos
-
Sophos named a Gartner® Peer Insights™ Customers’ Choice for Managed Detection and Response (MDR) Services for the 2nd time
Sophos named a Gartner® Peer Insights™ Customers’ Choice for Managed Detection and Response (MDR) Services for the 2nd time Sophos is the only vendor named a Customers’ Choice across Endpoint Protection Platforms, Network Firewalls, and Managed Detection and Response rajansanhotra Go to sophos
-
From the frontlines: Our CISO’s view of Pacific Rim
From the frontlines: Our CISO’s view of Pacific Rim On beyond “Detect and Respond” and “Secure by Design” Ross McKerchar Go to sophos
-
Bengal cat lovers in Australia get psspsspss’d in Google-driven Gootloader campaign
Bengal cat lovers in Australia get psspsspss’d in Google-driven Gootloader campaign The Internet is full of cats—and in this case, malware-delivering fake cat websites used for very targeted search engine optimization. gallagherseanm Go to sophos
-
VEEAM exploit seen used again with a new ransomware: “Frag”
VEEAM exploit seen used again with a new ransomware: “Frag” Last month, Sophos X-Ops reported several MDR cases where threat actors exploited a vulnerability in Veeam backup servers. We continue to track the activities of this threat cluster, which recently included deployment of a new ransomware. The vulnerability, CVE-2024-40711, was used as part of a…
-
Sophos MDR blocks and tracks activity from probable Iranian state actor “MuddyWater”
Sophos MDR blocks and tracks activity from probable Iranian state actor “MuddyWater” Sophos MDR has observed a new campaign that uses targeted phishing to entice the target to download a legitimate remote machine management tool to dump credentials. We believe with moderate confidence that this activity, which we track as STAC 1171, is related to…