New Lemon Duck variants exploiting Microsoft Exchange Server

Credit to Author: rajeshnataraj| Date: Fri, 07 May 2021 12:30:35 +0000

In March, Microsoft published a set of critical fixes to Exchange Server following the discovery of  ProxyLogon–an exploit that was stolen or leaked from researchers within hours of its disclosure to Microsoft. The exploit is now widely available to cybercriminals, and unpatched and vulnerable Microsoft Exchange Servers continue to attract many threat actors to install cryptocurrency-miners, [&#8230;]<img src=”” height=”1″ width=”1″ alt=””/>

Read more

MTR in Real Time: Pirates pave way for Ryuk ransomware

Credit to Author: Tilly Travers| Date: Thu, 06 May 2021 13:00:21 +0000

Sophos’ Rapid Response team was recently brought in to contain and neutralize an attack involving Ryuk ransomware. The target was a European biomolecular research institute involved in COVID-19 related research as well as other activities related to the life sciences. The institute has close partnerships with local universities and works with students on various programs. [&#8230;]<img src=”” height=”1″ width=”1″ alt=””/>

Read more

Using Sophos EDR to identify endpoints impacted by Dell kernel driver vulnerability CVE-2021-21551

Credit to Author: Anthony Merry| Date: Thu, 06 May 2021 09:09:24 +0000

Use this query to identify which endpoints are impacted by the Dell kernel driver vulnerability CVE-2021-21551, and which are not.<img src=”” height=”1″ width=”1″ alt=””/>

Read more

Intervention halts a ProxyLogon-enabled attack

Credit to Author: Andrew Brandt| Date: Wed, 05 May 2021 12:30:36 +0000

A late charge by a cavalry of reinforcements prevented the attackers from causing greater harm<img src=”” height=”1″ width=”1″ alt=””/>

Read more

How curiosity builds better products: a day in the life of a Senior Hardware Engineer

Credit to Author: harrietstone| Date: Tue, 04 May 2021 07:46:15 +0000

The way the Sophos Firewall team works together is one of the things I enjoy most about working at Sophos. Our new XGS Series appliances involve some very complex engineering. Delivering them has taken a great depth of knowledge—and I’m grateful to be a part of this extremely talented team of people. The hardware team [&#8230;]<img src=”” height=”1″ width=”1″ alt=””/>

Read more

Minimizing the risk of supply chain attacks – best practice guidelines

Credit to Author: Doug Aamoth| Date: Wed, 28 Apr 2021 10:00:29 +0000

The recent cyberattack on IT-monitoring company SolarWinds pushed supply chain weaknesses into the spotlight by highlighting just how unprepared many organizations are when it comes to defending against supply chain attacks. These attacks often happen because they don’t know where to start or don’t believe themselves important or high-profile enough to be targeted. In our [&#8230;]<img src=”” height=”1″ width=”1″ alt=””/>

Read more