Microsoft squares away 121-CVE Patch Tuesday for August
Credit to Author: Angela Gunn| Date: Wed, 10 Aug 2022 12:31:41 +0000
Another tough month for Azure admins; meanwhile, Windows takes a long road to a Dogwalk
Read morethreat research
Multiple attackers increase pressure on victims, complicate incident response
Credit to Author: Matt Wixey| Date: Tue, 09 Aug 2022 11:00:04 +0000
Sophos’ latest Active Adversary report explores the issue of organizations being hit multiple times by attackers
Read moreGenesis Brings Polish to Stolen-Credential Marketplaces
Credit to Author: Yusuf Polat| Date: Thu, 04 Aug 2022 11:00:02 +0000
Four years on, Genesis Marketplace remains the go-to underground market for easy access to other people’s data
Read moreBehind the Research: The Making of “OODA: X-Ops Takes on Burgeoning SQL Server Attacks”
Credit to Author: Christopher Budd| Date: Wed, 20 Jul 2022 11:00:25 +0000
Today, we released new Sophos research into a series of Microsoft SQL Server attacks. We also released a new piece outlining our vision of how security operations can and will be enhanced and improved by machine learning and artificial intelligence: “Building the AI-Driven SOC: Sophos’ 5-Year Perspective.” Finally, today we announced the launch of Sophos […]
Read moreOODA: X-Ops Takes On Burgeoning SQL Server Attacks
Credit to Author: Angela Gunn| Date: Wed, 20 Jul 2022 11:00:14 +0000
How do the pieces of Sophos X-Ops fit together? A combined effort makes tidy work of a threat actor’s big play
Read moreSophos X-Ops FAQ
Credit to Author: Christopher Budd| Date: Wed, 20 Jul 2022 11:00:05 +0000
What exactly is Sophos X-Ops? Sophos X-Ops is a new, cross-operational (X-Ops) team linking SophosLabs, Sophos SecOps and Sophos AI, three established teams of cybersecurity experts at Sophos, to help organizations better defend against constantly changing and increasingly complex cyberattacks. The unit leverages the predictive, real-time, real-world, and deeply researched threat intelligence from each distinct […]
Read moreBlackCat ransomware attacks not merely a byproduct of bad luck
Credit to Author: Andrew Brandt| Date: Thu, 14 Jul 2022 11:05:03 +0000
Older hardware and outdated operating systems contribute to attacks
Read moreRapid Response: The Ngrok Incident Guide
Credit to Author: Angela Gunn| Date: Thu, 14 Jul 2022 08:01:51 +0000
Ngrok is a legitimate remote-access tool. It is regularly abused by attackers, who use its capabilities and reputation to maneuver while bypassing network protections. This incident guide shows Security Operations Centers (SOCs) and response teams how to detect and respond to the suspicious presence or use of ngrok on the network.
Read moreJuly Patch Tuesday is Rich in Azure, Windows Issues
Credit to Author: Angela Gunn| Date: Wed, 13 Jul 2022 03:20:43 +0000
Windows-facing issues make up the bulk of the 85 CVEs addressed, with one vulnerability under active exploit in the wild
Read moreActive Adversary Playbook 2022 Insights: Web Shells
Credit to Author: gallagherseanm| Date: Wed, 22 Jun 2022 11:00:07 +0000
Public proofs-of-concept of web shell exploits coincide with major spikes in attacks.
Read more