security operations – Page 7 – PossibleThreat Articles

Sophos Central Turns Ten!

July 29, 2023 0 Comments Endpoint, featured, products & services, security operations, Sophos Central, sophos cloud, sophos email, sophos endpoint, Sophos Intercept X, sophos mdr, sophos server protection

Credit to Author: Sally Adam| Date: Sat, 29 Jul 2023 07:25:32 +0000

The world’s most trusted cybersecurity platform now secures more than 25 million devices

Security Sophos

Introducing Sophos MDR for Microsoft Defender

July 25, 2023 0 Comments featured, microsoft defender, products & services, security operations, sophos mdr

Credit to Author: Sally Adam| Date: Tue, 25 Jul 2023 15:41:07 +0000

Strengthen Microsoft Defender with 24/7 human-led threat detection and response from the world’s most trusted MDR service provider.

Security Sophos

Bad ad fad leads to IcedID, Gozi infections

July 20, 2023 0 Comments batloader, fakebat, featured, gozi, icedid, malvertising, mdr, security operations, sophos x-ops, threat research

Credit to Author: Matt Wixey| Date: Thu, 20 Jul 2023 10:00:07 +0000

Malvertising campaigns using paid ads result in infostealer and backdoor attacks

Security Sophos

Sophos Announces Partnership With Cysurance

July 11, 2023 0 Comments cyber insurance, products & services, security operations, sophos mdr

Credit to Author: Sally Adam| Date: Tue, 11 Jul 2023 12:30:10 +0000

Providing unique, fixed-price cyber insurance to organizations using Sophos Managed Detection and Response (MDR)

Security Sophos

Update 5: Information on MOVEit Vulnerabilities CVE-2023-34362, CVE-2023-35036, CVE-2023-35708, and CVE-2023-36934

July 7, 2023 0 Comments cve-2023-34362, cve-2023-35036, cve-2023-35708, cve-2023-36932, cve-2023-36933, cve-2023-36934, dev-0950, Exploit, featured, fin11, mdr, moveit, progress software, security operations, ta505, threat research, vulnerability

Credit to Author: Christopher Budd| Date: Mon, 05 Jun 2023 21:50:09 +0000

Users of the file-transfer package should apply patches immediately and check for indications of possible compromise

Security Sophos

Investigator, API Yourself: Deploying Microsoft Graph on the trail of an attacker

June 30, 2023 0 Comments email compromise, featured, human-led threat hunting, mdr, Microsoft 365, microsoft graph, office 365, security operations, threat research

Credit to Author: gallagherseanm| Date: Fri, 30 Jun 2023 17:47:14 +0000

Two clients, two threat hunts – any connection? Using Microsoft’s cloud-security API to parse piles of disparate data leads to fascinating findings

Security Sophos

Deep dive into the Pikabot cyber threat

June 12, 2023 0 Comments ndr, pikabot, security operations

Credit to Author: Karl Ackerman| Date: Mon, 12 Jun 2023 18:29:52 +0000

Discovered in early 2023, the modular Pikabot malware trojan can execute a diverse range of commands.

Security Sophos

Sophos NDR Live Discover reports are now available

May 30, 2023 0 Comments ndr, products & services, security operations

Credit to Author: Karl Ackerman| Date: Wed, 31 May 2023 02:14:04 +0000

These new queries and reports are available for free to all licensed NDR customers.

Security Sophos

Akira Ransomware is “bringin’ 1988 back”

May 11, 2023 0 Comments akira, featured, Incident Response, Ransomware, security operations, sophos xdr, threat research

Credit to Author: gallagherseanm| Date: Tue, 09 May 2023 20:27:03 +0000

A new recently observed ransomware family dubbed Akira uses a retro aesthetic on their victim site very reminiscent of the 1980s green screen consoles and possibly takes its namesake from the popular 1988 anime film of the same name.

Security Sophos

Update 1: Increased exploitation of PaperCut drawing blood around the Internet

May 2, 2023 0 Comments cve-2023-27350, featured, mdr, mdr flash, papercut, security operations, sophos mdr

Credit to Author: Angela Gunn| Date: Thu, 27 Apr 2023 18:43:38 +0000

A recent remote code execution (RCE) vulnerability is increasingly in use to deliver Cobalt Strike and other remote management software, along with multiple ransomware threats – what you need to know about CVE-2023-27350