Content updates and product architecture: Sophos Endpoint
Credit to Author: Matt Wixey| Date: Thu, 15 Aug 2024 16:37:18 +0000
Sophos X-Ops takes a look at the content updates in Intercept X, and how we validate and release them
Credit to Author: Matt Wixey| Date: Thu, 01 Aug 2024 09:42:02 +0000
Operating in kernel-space is necessary, but risky – here’s how we do it in Sophos Intercept X Advanced
Credit to Author: Angela Gunn| Date: Wed, 10 Apr 2024 07:04:39 +0000
The largest CVE count in recent history rolls out
Credit to Author: Matt Wixey| Date: Mon, 04 Mar 2024 11:00:08 +0000
First released in May 2023, an EDR killer – and the vulnerable Zemana drivers it leverages – are still of interest to threat actors, along with variants and ported versions
Credit to Author: Angela Gunn| Date: Thu, 25 Jan 2024 19:00:52 +0000
A false-alarm incident involving Panda Security software leads to three very real CVEs
Credit to Author: Andrew Brandt| Date: Tue, 11 Jul 2023 17:20:38 +0000
In December 2022, Microsoft published their monthly Windows Update packages that included an advisory about malicious drivers, signed by Microsoft and other code-signing authorities, that Sophos X-Ops (and others) observed threat actors abusing during attacks. Today, Microsoft issued Security Advisory ADV230001 as part of their July Windows Update that addresses Sophos’ discovery of more than […]
Credit to Author: Angela Gunn| Date: Tue, 13 Dec 2022 18:00:22 +0000
Windows-heavy collection closes out a year of elevation-of-privilege vulnerabilities; no Exchange patches in sight
Credit to Author: Andrew Brandt| Date: Tue, 13 Dec 2022 18:00:15 +0000
The criminals signed their AV-killer malware, closely related to one known as BURNTCIGAR, with a legitimate WHCP certificate