Hindsight #4: Prevent threat actors getting (and using) your passwords

Credit to Author: Alice Barford| Date: Tue, 24 Aug 2021 11:45:12 +0000

This article is part of a series that aims to educate cyber security professionals on the lessons learned by breach victims. Each lesson will include simple recommendations, many of which do not require organizations to purchase any tools. According to the Sophos Active Adversary Playbook 2021, the use of valid accounts (via a user name and password) [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/9IgqKpd3wxw” height=”1″ width=”1″ alt=””/>

Read more

ProxyShell vulnerabilities in Microsoft Exchange: What to do

Credit to Author: Greg Iddon| Date: Mon, 23 Aug 2021 18:00:22 +0000

Last updated 2021-08-23 UTC 18:10 Overview Threat actors are actively scanning and exploiting vulnerable Microsoft Exchange servers that have not applied security patches released earlier this year. ProxyShell, the name given to a collection of vulnerabilities for Microsoft Exchange servers, enables an actor to bypass authentication and execute code as a privileged user. ProxyShell comprises [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/3OJ3pFWvR1M” height=”1″ width=”1″ alt=””/>

Read more

New Sophos Trust Center: Q&A with Ross McKerchar, Sophos CISO

Credit to Author: Editor| Date: Wed, 18 Aug 2021 07:24:40 +0000

Ross McKerchar, Sophos Vice President and Chief Information Security Officer (CISO), today announced the launch of the Sophos Trust Center. We caught up with Ross to learn about this new resource, and how it fits with Sophos&#8217; broader vision for the cybersecurity industry. Q. What is the goal of the Trust Center? Why did Sophos [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/-DP8AGaNsmY” height=”1″ width=”1″ alt=””/>

Read more

Sophos Firewall OS v18.5 MR1 and Central Orchestration now available

Credit to Author: Chris McCormack| Date: Thu, 12 Aug 2021 13:00:44 +0000

After a successful early access program, Sophos Firewall OS v18.5 MR1 and Sophos Central SD-WAN VPN Orchestration in Sophos Central are now generally available. SFOS v18.5 MR1 The latest version of SFOS includes many important performance, security, and feature enhancements. It wraps all the great capabilities released over the last year into a major new [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/-zsX02IdIe0″ height=”1″ width=”1″ alt=””/>

Read more

Ransomware mishaps: adversaries have their off days too

Credit to Author: Tilly Travers| Date: Wed, 11 Aug 2021 13:00:12 +0000

Even the most carefully planned ransomware attacks don’t always go according to plan. Take, for instance, an advanced, human-led ransomware attack where the intruders are often in the network for days, if not weeks before releasing the ransomware payload. During this time, they are moving through the network, compromising assets, installing new tools, deleting backups, [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/TQHrke9hPOA” height=”1″ width=”1″ alt=””/>

Read more

New Sophos Central data center is now live in Australia

Credit to Author: Doug Aamoth| Date: Tue, 10 Aug 2021 23:00:40 +0000

We&#8217;re delighted to announce that our newest Sophos Central data center has gone live in Sydney, Australia. Sophos Central is the cloud-based management platform that supports our portfolio of advanced, next-gen security products.  The Australia data center joins our data centers in the U.S., Germany, and Ireland, as well as the new data center [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/3cjGuqUjwkY” height=”1″ width=”1″ alt=””/>

Read more