The Bite from Inside: The Sophos Active Adversary Report
Credit to Author: Angela Gunn| Date: Thu, 12 Dec 2024 14:00:56 +0000
A sea change in available data fuels fresh insights from the first half of 2024
Credit to Author: Michael Wood| Date: Wed, 11 Dec 2024 15:35:22 +0000
Sophos X-Ops looks at the realism of this year’s MITRE ATT&CK Evaluations
Credit to Author: Angela Gunn| Date: Wed, 11 Dec 2024 08:00:38 +0000
Seventeen Critical-severity CVEs ready to deck your halls; also, new blog guidance for Windows Server admins
Credit to Author: gallagherseanm| Date: Wed, 20 Nov 2024 17:12:12 +0000
Sophos MDR has observed a new campaign that uses targeted phishing to entice the target to download a legitimate remote machine management tool to dump credentials. We believe with moderate confidence that this activity, which we track as STAC 1171, is related to an Iranian threat actor commonly referred to as MuddyWater or TA450. Earlier […]
Credit to Author: Jörg Schindler| Date: Thu, 07 Nov 2024 12:30:42 +0000
To paraphrase Albert Einstein, one could say that people's criminal ingenuity is infinite. The latest trend, quishing, proves once again that cybercriminals pass up no opportunity. The experts at Sophos X-Ops have taken a closer look at the latest hype around infiltration via QR codes. When cybercriminals’ phishing methods, together with what are actually quite harmless […]
Credit to Author: Jörg Schindler| Date: Thu, 31 Oct 2024 13:20:36 +0000
Sophos today published the report “Pacific Rim”, which describes in detail a years-long cat-and-mouse game of attack and defense operations with several state-backed cybercrime groups from China. The attacks focused on cybersecurity perimeter devices, including Sophos firewalls. The attackers used a series of campaigns with novel exploits and custom malware so that tools for carrying out surveillance, sabotage […]
Credit to Author: Angela Gunn| Date: Wed, 13 Nov 2024 16:32:38 +0000
Fourteen product families affected as 2024 passes an unfortunate milestone
Credit to Author: gallagherseanm| Date: Fri, 08 Nov 2024 17:10:12 +0000
Last month, Sophos X-Ops reported several MDR cases where threat actors exploited a vulnerability in Veeam backup servers. We continue to track the activities of this threat cluster, which recently included deployment of a new ransomware. The vulnerability, CVE-2024-40711, was used as part of a threat activity cluster we named STAC 5881. Attacks leveraged compromised […]