Category: sophos
-
PJobRAT makes a comeback, takes another crack at chat apps
Sophos X-Ops uncovers a recent campaign from an Android RAT first seen in 2019 – now infecting users in Taiwan
By Pankaj Kohli
-
The future of MFA is clear – but is it here yet?
Not all authentication is equal to the task in 2025, but there is a best choice within reach
By Chester Wisniewski
-
Little fires everywhere for March Patch Tuesday
Just 57 CVEs to contend with (plus advisories), but six are already under exploit in the wild
By Angela Gunn
-
February Patch Tuesday delivers 57 packages
After January’s deluge, a calmer update volume returns
By Angela Gunn
-
Scalable Vector Graphics files pose a novel phishing threat
The SVG file format can harbor malicious HTML, scripts, and malware
By Andrew Brandt
-
Sophos MDR tracks two ransomware campaigns using “email bombing,” Microsoft Teams “vishing”
Sophos MDR identifies a new threat cluster riffing on the playbook of Storm-1811, and amped-up activity from the original connected to Black Basta ransomware.
By gallagherseanm
-
Gootloader inside out
Open-source intelligence reveals the server-side code of this pernicious SEO-driven malware – without needing a lawyer afterward
By Gabor Szappanos
-
159-CVE January Patch Tuesday smashes single-month record
Brace yourselves… and consider reading your email in plaintext for now
By Angela Gunn
-
Prioritizing patching: A deep dive into frameworks and tools – Part 2: Alternative frameworks
In the second of a two-part series on tools and frameworks designed to help with remediation prioritization, we explore some alternatives to CVSS
By Matt Wixey
-
Prioritizing patching: A deep dive into frameworks and tools – Part 1: CVSS
In the first of a two-part series exploring tools and frameworks which can help organizations with remediation prioritization, Sophos X-Ops takes a look at the Common Vulnerability Scoring System (CVSS)
By Matt Wixey
-
Phishing platform Rockstar 2FA trips, and “FlowerStorm” picks up the pieces
A sudden disruption of a major phishing-as-a-service provider leads to the rise of another… that looks very familiar
By gallagherseanm
-
The Bite from Inside: The Sophos Active Adversary Report
A sea change in available data fuels fresh insights from the first half of 2024
By Angela Gunn
-
Keeping it real: Sophos and the 2024 MITRE ATT&CK Evaluations: Enterprise
Sophos X-Ops looks at the realism of this year’s MITRE ATT&CK Evaluations
By Michael Wood
-
December Patch Tuesday arrives bearing 71 gifts
Seventeen Critical-severity CVEs ready to deck your halls; also, new blog guidance for Windows Server admins
By Angela Gunn
-
Sophos excels in the 2024 MITRE ATT&CK® Evaluations: Enterprise
Results from the latest ATT&CK Evaluations for endpoint detection and response solutions.
By rajansanhotra
-
Sophos named a Gartner® Peer Insights™ Customers’ Choice for Managed Detection and Response (MDR) Services for the 2nd time
Sophos is the only vendor named a Customers’ Choice across Endpoint Protection Platforms, Network Firewalls, and Managed Detection and Response
By rajansanhotra
-
From the frontlines: Our CISO’s view of Pacific Rim
On beyond “Detect and Respond” and “Secure by Design”
By Ross McKerchar
-
Bengal cat lovers in Australia get psspsspss’d in Google-driven Gootloader campaign
The Internet is full of cats, and in this case, malware-delivering fake cat websites used for very targeted search engine optimization.
By gallagherseanm
-
VEEAM exploit seen used again with a new ransomware: “Frag”
Last month, Sophos X-Ops reported several MDR cases where threat actors exploited a vulnerability in Veeam backup servers. We continue to track the activities of this threat cluster, which recently included deployment of a new ransomware. The vulnerability, CVE-2024-40711, was used as part of a…
-
Sophos MDR blocks and tracks activity from probable Iranian state actor “MuddyWater”
Sophos MDR has observed a new campaign that uses targeted phishing to entice the target to download a legitimate remote machine management tool to dump credentials. We believe with moderate confidence that this activity, which we track as STAC 1171, is related to…