security operations – Page 3 – PossibleThreat Articles

Best security practices for ESXi environments

August 7, 2024 0 Comments EDR, esxi, featured, mdr, remediations, security operations, threat research, virtualization, vmware

Credit to Author: Angela Gunn| Date: Wed, 07 Aug 2024 09:52:08 +0000

Ten recommendations for defenders when natively run EDR isn’t an option

Security Sophos

Unlocking cyber insurance savings to fund MDR

July 24, 2024 0 Comments cyber insurance, mdr, products & services, Ransomware, security operations

Credit to Author: Sally Adam| Date: Wed, 24 Jul 2024 09:20:51 +0000

Redirecting risk reduction spend from cyber insurance to MDR services is a win-win, resulting in better protection and lower cost coverage.

Security Sophos

Cysurance announces discounted cyber insurance program for Sophos customers in Australia

July 9, 2024 0 Comments cyber insurance, cysurance, Endpoint, mdr, products & services, Ransomware, security operations

Credit to Author: Sally Adam| Date: Tue, 09 Jul 2024 22:25:06 +0000

Expanding our successful partnership from the United States to Australia.

Security Sophos

MITRE Engenuity ATT&CK Evaluations for Managed Services (menuPass + ALPHV BlackCat)

June 18, 2024 0 Comments Endpoint, mitre, mitre att&ck, products & services, security operations, sophos mdr

Credit to Author: Doug Aamoth| Date: Tue, 18 Jun 2024 13:00:28 +0000

Our view on the latest round of the MITRE Engenuity ATT&CK Evaluations for Managed Services.

Security Sophos

RD Web Access abuse: Fighting back

June 14, 2024 0 Comments active adversary, active adversary report, featured, Incident Response, RDP, security operations, sophos x-ops, threat research

Credit to Author: Angela Gunn| Date: Wed, 12 Jun 2024 18:59:54 +0000

Investigation insights and recommendations from a recent welter of incident-response cases

Security Sophos

Operation Crimson Palace: A Technical Deep Dive

June 5, 2024 0 Comments security operations, threat research

Credit to Author: gallagherseanm| Date: Wed, 05 Jun 2024 10:00:46 +0000

Sophos Managed Detection and Response initiated a threat hunt across all customers after the detection of abuse of a vulnerable legitimate VMware executable (vmnat.exe) to perform dynamic link library (DLL) side-loading on one customer’s network. In a search for similar incidents in telemetry, MDR ultimately uncovered a complex, persistent cyberespionage campaign targeting a high-profile government […]

Security Sophos

Extracting data from encrypted virtual disks: six methods

May 13, 2024 0 Comments data extraction, dfir, encryption, featured, Incident Response, mdr, Ransomware, security operations, threat research, virtual machine

Credit to Author: Angela Gunn| Date: Mon, 13 May 2024 08:30:24 +0000

For incident responders, a variety of techniques for information retrieval from locked-up VMs

Security Sophos

Sophos named a Leader in the 2024 IDC MarketScape for Worldwide Managed Detection and Response (MDR)

April 30, 2024 0 Comments featured, idc, mdr, products & services, security operations

Credit to Author: Doug Aamoth| Date: Tue, 30 Apr 2024 16:28:37 +0000

The IDC MarketScape evaluates the capabilities and business strategies of managed detection and response service providers worldwide.

Security Sophos

The State of Ransomware 2024

April 30, 2024 0 Comments backups, Endpoint, featured, products & services, Ransomware, research, security operations, Vulnerabilities

Credit to Author: Sally Adam| Date: Tue, 30 Apr 2024 10:30:03 +0000

Our fifth annual report reveals how ransomware experiences have changed over the last year, plus brand-new insights into the business impact of an attack.

Security Sophos

Malware campaign attempts abuse of defender binaries

April 26, 2024 0 Comments binaries, featured, impersonation, security operations, threat research

Credit to Author: Gabor Szappanos| Date: Fri, 26 Apr 2024 16:26:02 +0000

Command-and-control wares try to sneak onto systems disguised as various vendors; payloads vary, but Sophos customers are protected