sophos x-ops – Page 2 – PossibleThreat Articles

Turning the screws: The pressure tactics of ransomware gangs

August 6, 2024 0 Comments 8base, blackcat, blacksuit, cactus, cybercrime forums, featured, karakurt, malas, marketplaces, media, monti, play, pressure, qiulong, Ransomware, snatch, sophos x-ops, space bears, threat research, werewolves

Credit to Author: Matt Wixey| Date: Tue, 06 Aug 2024 10:00:49 +0000

Sophos X-Ops examines the increasingly aggressive tactics ransomware gangs use to coerce their targets

Security Sophos

Driving lessons: The kernel drivers in Sophos Intercept X Advanced

August 1, 2024 0 Comments cryptoguard, drivers, Intercept X Advanced, kernel, sophos x-ops, threat research

Credit to Author: Matt Wixey| Date: Thu, 01 Aug 2024 09:42:02 +0000

Operating in kernel-space is necessary, but risky – here’s how we do it in Sophos Intercept X Advanced

Security Sophos

July Patch Tuesday Unleashes a Torrent of Updates

July 9, 2024 0 Comments Azure, Database, dynamics365, eop, Microsoft, microsoft sql server, ms-sql, office365, Patch Tuesday, people rating, rce, sophos x-ops, sql server, threat research, Windows

Credit to Author: Andrew Brandt| Date: Tue, 09 Jul 2024 18:05:32 +0000

Microsoft fixes 138 bugs in Windows and other products this month

Security Sophos

Phishing, BEC attackers target candidates in local election, among others

June 14, 2024 0 Comments election, email, featured, fraud, phishing, sophos x-ops, Spam, threat research

Credit to Author: Andrew Brandt| Date: Thu, 13 Jun 2024 10:02:56 +0000

An escalating series of email-borne attacks were sent to candidates, including the author

Security Sophos

RD Web Access abuse: Fighting back

June 14, 2024 0 Comments active adversary, active adversary report, featured, Incident Response, RDP, security operations, sophos x-ops, threat research

Credit to Author: Angela Gunn| Date: Wed, 12 Jun 2024 18:59:54 +0000

Investigation insights and recommendations from a recent welter of incident-response cases

Security Sophos

June Patch Tuesday squares up with 49 patches

June 11, 2024 0 Comments cve-2024-30080, cve-2024-37325, cve-2024-50868, featured, Patch Tuesday, sophos x-ops, threat research, Windows

Credit to Author: Angela Gunn| Date: Wed, 12 Jun 2024 01:21:01 +0000

Just one critical-severity issue addressed, but don’t sleep on an industry-wide DNS issue

Security Sophos

‘Junk gun’ ransomware: Peashooters can still pack a punch

April 17, 2024 0 Comments cybercrime forums, featured, junk gun, Ransomware, small business, sophos x-ops, threat research

Credit to Author: Matt Wixey| Date: Wed, 17 Apr 2024 10:00:08 +0000

A Sophos X-Ops investigation finds that a wave of crude, cheap ransomware could spell trouble for small businesses and individuals – but also provide insights into threat actor career development and the wider threat landscape

Security Sophos

Smoke and (screen) mirrors: A strange signed backdoor

April 15, 2024 0 Comments backdoor, certificate, featured, proxy, sophos x-ops, threat research

Credit to Author: Matt Wixey| Date: Tue, 09 Apr 2024 19:08:05 +0000

Sophos X-Ops discovers a curious backdoored (and signed) executable, masquerading as something else entirely

Security Sophos

Remote Desktop Protocol: The Series

March 20, 2024 0 Comments active adversary, featured, Incident Response, incident response tools, mdr, RDP, security operations, sophos x-ops, threat research

Credit to Author: Angela Gunn| Date: Wed, 20 Mar 2024 16:18:21 +0000

What is RDP, why is it a very nearly ubiquitous finding in incident response, and how can investigators run it to ground it when it goes wrong? An Active Adversary Special Report

Security Sophos

Remote Desktop Protocol: Exposed RDP (is dangerous)

March 20, 2024 0 Comments Incident Response, incident response tools, mdr, RDP, security operations, sophos x-ops

Credit to Author: Angela Gunn| Date: Wed, 20 Mar 2024 16:16:34 +0000

Is it really that risky to expose an RDP port to the internet? What if you change the default port? What if it’s just for a little while? The data answers, loud and clear