Sophos

Sophos uncovers AI-powered malware lab built for EDR evasion

2026-06-02 at 15:47, by Sinisa Markovic

A threat actor used AI technologies to build a malware-testing framework for developing and refining endpoint detection and response (EDR) evasion techniques, according to Sophos. The investigation began after an anomalous endpoint in a customer environment triggered alerts tied to […]


Over 70% of organizations hit by identity breaches

2026-05-14 at 07:30, by Anamarija Pogorelec

Attackers rely on stolen credentials, compromised service accounts, and social engineering attacks targeting employees, according to Sophos’ The State of Identity Security 2026 survey. What do you estimate to be the overall cost to your organization to rectify the identity breach?


Users advised to drop passwords and make room for passkeys

2026-04-24 at 23:26, by Sinisa Markovic

In a decisive move that could reshape how users log in online, the National Cyber Security Centre (NCSC) is urging consumers to abandon passwords in favour of passkeys, positioning them as the future of authentication. “Passkeys should become consumers’


Ransomware activity peaks outside business hours

2026-02-27 at 12:18, by Anamarija Pogorelec

Intrusions continue to center on credential access and timed execution outside standard business hours. The Sophos Active Adversary Report 2026 analyzes 661 incident response and managed detection and response cases handled between November 1, 2024 and October 31, 2025, spanning organizations in 70


Sophos expands security stack to govern apps, data, and AI in hybrid work

2026-01-20 at 13:45, by Industry News

Sophos has announced Sophos Workspace Protection, expanding its portfolio to help organizations secure hybrid work and govern the use of emerging technologies, including AI. Built around the Sophos Protected Browser, powered by Island, the solution enables


Ransomware’s new playbook is chaos

2025-12-31 at 07:07, by Anamarija Pogorelec

Ransomware threats are accelerating in scale, sophistication, and impact. Data reveals how evolving techniques, shifting payment trends, and AI-driven capabilities are reshaping the threat landscape, and raising the stakes for every organization. The weekend is prime time for ransomware Over half of organizations that


Manufacturing is becoming a test bed for ransomware shifts

2025-12-15 at 07:12, by Anamarija Pogorelec

Manufacturing leaders may feel that ransomware risk has settled, but new data shows the threat is shifting in ways that require attention, according to a Sophos report. A global survey of 332 IT and security leaders outlines how attackers are


Sophos adds Intelix threat intelligence to Microsoft Security and 365 Copilot

2025-11-19 at 11:32, by Industry News

Sophos announced the general availability of new integrations that connect Sophos Intelix, its cyber threat intelligence repository, with Microsoft Security Copilot and Microsoft 365 Copilot. Organizations of all sizes now gain real-time access to Sophos threat intelligence within


Retailers are learning to say no to ransom demands

2025-11-06 at 07:45, by Anamarija Pogorelec

Ransomware remains one of the biggest operational risks for retailers, but the latest data shows a shift in how these attacks unfold. Fewer incidents now lead to data encryption, recovery costs have dropped, and businesses are bouncing back faster. Yet


Attackers exploiting WSUS vulnerability drop Skuld infostealer (CVE-2025-59287)

2025-10-30 at 15:46, by Zeljka Zorz

Attackers have been spotted exploiting the recently patched WSUS vulnerability (CVE-2025-59287) to deploy infostealer malware on unpatched Windows servers. An out-of-band update Last week’s release of an emergency fix for CVE-2025-59287, a Windows Server Update Services (WSUS) remote code execution vulnerability,


Legit tools, illicit uses: Velociraptor, Nezha turned against victims

2025-10-09 at 19:19, by Zeljka Zorz

Threat actors are using an increasing variety of commercial and open-source products to carry out their attacks: according to researchers, Velociraptor and Nezha are the latest additions to their attack toolbox. Velociraptor misuse A suspected China-based ransomware threat actor has


ScreenConnect admins targeted with spoofed login alerts

2025-08-25 at 17:56, by Zeljka Zorz

ScreenConnect cloud administrators across all regions and industries are being targeted with fake email alerts warning about a potentially suspicious login event. The goal of the attackers is to grab the login credentials and MFA tokens of Super Admins: users who have


Critical Vulnerabilities Patched in Sophos Firewall

2025-07-23 at 14:35, by Ionut Arghire

Sophos has patched five vulnerabilities in Sophos Firewall that could allow remote attackers to execute arbitrary code. The post Critical Vulnerabilities Patched in Sophos Firewall appeared first on SecurityWeek. This article is an excerpt from SecurityWeek.


Companies negotiate their way to lower ransom payments

2025-06-25 at 07:38, by Help Net Security

Nearly 50% of companies paid the ransom to recover their data, the second-highest rate in six years, according to Sophos. How actual payments stack up with the initial demand Ransom payments and recovery costs are on the decline Despite the


Attackers hit MSP, use its RMM software to deliver ransomware to clients

2025-05-28 at 14:36, by Zeljka Zorz

A threat actor wielding the DragonForce ransomware has compromised an unnamed managed service provider (MSP) and pushed the malware onto its client organizations via SimpleHelp, a legitimate remote monitoring and management (RMM) tool. “Sophos MDR has medium


DragonForce Ransomware Hackers Exploiting SimpleHelp Vulnerabilities

2025-05-27 at 18:17, by Ionut Arghire

Sophos warns that a DragonForce ransomware operator chained three vulnerabilities in SimpleHelp to target a managed service provider. The post DragonForce Ransomware Hackers Exploiting SimpleHelp Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek.


Why CISOs are doubling down on cyber crisis simulations

2025-04-09 at 09:03, by Mirko Zorz

Cyber threats aren’t going away, and CISOs know prevention isn’t enough. Being ready to respond is just as important. Cyber crisis simulations offer a way to test that readiness. They let teams walk through real-world scenarios in a controlled setting,


Cybercriminals exfiltrate data in just three days

2025-04-03 at 08:14, by Industry News

In 56% of Sophos managed detection and response (MDR) and incident response (IR) cases, attackers gained initial access to networks by exploiting external remote services, including edge devices such as firewalls and VPNs, and by leveraging valid accounts. Compromised credentials remain the


Mastering the cybersecurity tightrope of protection, detection, and response

2025-02-21 at 08:05, by Mirko Zorz

In this Help Net Security interview, Chester Wisniewski, Director and Global Field CISO at Sophos, discusses the shifting ransomware landscape, the risks posed by quantum decryption threats, and the role of vendor security validation. Wisniewski notes that cyber resilience is


SailPoint IPO Signals Bright Spot for Cybersecurity

2025-02-14 at 22:18, by SecurityWeek News

In a signal move for the cybersecurity sector, identity and access management (IAM) vendor SailPoint has made its return to public markets. The post SailPoint IPO Signals Bright Spot for Cybersecurity appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

