x-ops – PossibleThreat Articles

From QR to compromise: The growing “quishing” threat

October 16, 2024 0 Comments phishing, QR code, quishing, sophos x-ops, Spam, spearphishing, threat research, x-ops

Credit to Author: Andrew Brandt| Date: Wed, 16 Oct 2024 13:01:41 +0000

Attackers leverage QR codes in PDF email attachments to spearphish corporate credentials from mobile devices

S3 Ep142: Putting the X in X-Ops

July 6, 2023 0 Comments Cybercrime, DevOps, Hacking, IT, malware, Naked Security Podcast, Podcast, Privacy, secops, security leadership, x-ops

Credit to Author: Paul Ducklin| Date: Thu, 06 Jul 2023 17:58:30 +0000

How to get all your corporate “Ops” teams working together, with cybersecurity correctness as a guiding light.

Security Sophos

January 2023 patch roundup: Microsoft tees up 98 updates

January 10, 2023 0 Comments 3d builder, adobe reader, cve-2023-21531, cve-2023-21552, cve-2023-21559, cve-2023-21674, cve-2023-21678, cve-2023-21743, exp/2321552-a, exp/2321674-a, featured, Microsoft, Patch Tuesday, sharepoint, sophos x-ops, threat research, Windows, windows 7, x-ops

Credit to Author: Angela Gunn| Date: Wed, 11 Jan 2023 02:05:40 +0000

Adobe greets the new year with patches for 18 vulns in Reader, Acrobat, and others; sun sets on the last of Win7, 8, RT support

Security Sophos

2022 Patch Tuesday cycle wraps with 48 CVEs, one advisory

December 13, 2022 0 Comments cve-2022-44690, cve-2022-44693, cve-2022-44698, cve-2022-44710, driver certificate deprecation, driver signature enforcement, drivers, Microsoft, Patch Tuesday, threat research, x-ops

Credit to Author: Angela Gunn| Date: Tue, 13 Dec 2022 18:00:22 +0000

Windows-heavy collection closes out a year of elevation-of-privilege vulnerabilities; no Exchange patches in sight

Security Sophos

Signed driver malware moves up the software trust chain

December 13, 2022 0 Comments 2022-12, adv220005, burntcigar, byovd, cuba ransomware, driver signature enforcement, drivers, featured, Patch Tuesday, sbom, security operations, signed drivers, sophos x-ops, supply chain compromise, threat research, whcp, whql, Windows, x-ops

Credit to Author: Andrew Brandt| Date: Tue, 13 Dec 2022 18:00:15 +0000

The criminals signed their AV-killer malware, closely related to one known as BURNTCIGAR, with a legitimate WHCP certificate

Security Sophos

Family Tree: DLL-Sideloading Cases May Be Related

November 4, 2022 0 Comments dll side-load, featured, sophos x-ops, threat research, x-ops

Credit to Author: Gabor Szappanos| Date: Thu, 03 Nov 2022 12:03:13 +0000

A threat actor’s repeated use of DLL-hijack execution flow makes for interesting attack results, including omnivorous file ingestion; we break down five cases and find commonalities

Security Sophos

Family Tree: Related DLL-Sideloading Cases Bear Strange Fruit

November 3, 2022 0 Comments dll side-load, featured, sophos x-ops, threat research, x-ops

Credit to Author: Gabor Szappanos| Date: Thu, 03 Nov 2022 12:03:13 +0000

A threat actor’s repeated use of DLL-hijack execution flow makes for interesting attack results, including omnivorous file ingestion; we break down five cases and find commonalities

Security Sophos

Building the AI-Assisted SOC: Sophos’ Five-Year Perspective

July 20, 2022 0 Comments ai research, ai-assisted, Machine Learning, sophos x-ops, x-ops

Credit to Author: Angela Gunn| Date: Wed, 20 Jul 2022 11:00:21 +0000

Looking ahead to the Security Operation Center of the future, forged from developments in XDR, AI innovation, and programmable security posture and powered by the AI-UX value circuit