Top 10 security misperceptions

Credit to Author: Tilly Travers| Date: Thu, 27 May 2021 13:00:53 +0000

The Sophos Rapid Response team has compiled a list of the most commonly held security misperceptions they’ve encountered in the last 12 months while neutralizing and investigating cyberattacks in a wide range of organizations. Below is a list of the top 10 misperceptions, together with a Sophos counterpoint dispelling each of them based on incident responders’ […]

What to expect when you’ve been hit with Avaddon ransomware

Credit to Author: Tilly Travers| Date: Mon, 24 May 2021 11:52:50 +0000

Avaddon ransomware is a Ransomware-as-a-Service (RaaS) that combines encryption with data theft and extortion. Avaddon has been around since 2019 but has become more prominent and aggressive since June 2020. “Affiliates” or customers of the service have been observed deploying Avaddon to a wide range of targets in multiple countries, often through malicious spam and […]

How the Sophos Managed Threat Response team helped put a dangerous online sextortionist behind bars for 75 years

Credit to Author: Editor| Date: Tue, 11 May 2021 12:30:40 +0000

Disclaimer: The security company that assisted in the investigation, and played a supporting role contributing to the ultimate apprehension of Brian Hernandez, was Rook Security, which was acquired by Sophos in 2019 as the operations kernel of Sophos’ MTR service.

MTR in Real Time: Pirates pave way for Ryuk ransomware

Credit to Author: Tilly Travers| Date: Thu, 06 May 2021 13:00:21 +0000

Sophos’ Rapid Response team was recently brought in to contain and neutralize an attack involving Ryuk ransomware. The target was a European biomolecular research institute involved in COVID-19 related research as well as other activities related to the life sciences. The institute has close partnerships with local universities and works with students on various programs. […]

Sophos MTR in Real Time: What is Astro Locker Team?

Credit to Author: Michael Heller| Date: Wed, 31 Mar 2021 21:08:13 +0000

A recent incident with a new Sophos Managed Threat Response (MTR) customer has raised questions about the Mount Locker ransomware group and the relationship it has with Astro Locker Team. A ransomware detection for Mount Locker kicked the MTR team into gear and what they found was surprising. The first detection made it clear what […]

MTR in Real-Time: Exchange ProxyLogon Edition

Credit to Author: Michael Heller| Date: Wed, 17 Mar 2021 16:32:29 +0000

The recently reported collection of Microsoft Exchange Server zero-day vulnerabilities has rocked the infosec world, impacting tens of thousands of organizations around the world, with some estimates exceeding 100,000 and growing by the day. The exploitations seen in the wild were first attributed to a nation state actor dubbed Hafnium, but the vulnerabilities and attacks […]

Installing MTR on the run to keep up with Netwalker

Credit to Author: Michael Heller| Date: Tue, 16 Mar 2021 13:00:47 +0000

A new customer of the Sophos Managed Threat Response (MTR) service delayed their deployment, so when they were unexpectedly hit by a Netwalker ransomware attack, they had to go into SOS mode. Even though Sophos MTR immediately stepped in to neutralize the incident, the investigation into the initial entry points of the attack was hindered […]
