Sophos

Ransomware in Q1 2024: Frequency, size of payments trending downwards, SMBs beware!

Ransomware in Q1 2024: Frequency, size of payments trending downwards, SMBs beware! 2024-04-19 at 15:46 By Zeljka Zorz More organizations hit by ransomware gangs are starting to realize that it doesn’t pay to pay up: “In Q1 2024, the proportion of victims that chose to pay touched a new record low of 28%,” ransomware incident […]

React to this headline:

Loading spinner

Ransomware in Q1 2024: Frequency, size of payments trending downwards, SMBs beware! Read More »

Cheap ransomware for sale on dark web marketplaces is changing the way hackers operate

Cheap ransomware for sale on dark web marketplaces is changing the way hackers operate 2024-04-18 at 08:01 By Help Net Security Since June 2023, Sophos X-Ops has discovered 19 junk gun ransomware variants — cheap, independently produced, and crudely constructed — on the dark web. The developers of these junk gun variants are attempting to

React to this headline:

Loading spinner

Cheap ransomware for sale on dark web marketplaces is changing the way hackers operate Read More »

Keyloggers, spyware, and stealers dominate SMB malware detections

Keyloggers, spyware, and stealers dominate SMB malware detections 2024-03-13 at 06:06 By Help Net Security In 2023, 50% of malware detections for SMBs were keyloggers, spyware and stealers, malware that attackers use to steal data and credentials, according to Sophos. Attackers subsequently use this stolen information to gain unauthorized remote access, extort victims, deploy ransomware,

React to this headline:

Loading spinner

Keyloggers, spyware, and stealers dominate SMB malware detections Read More »

ScreenConnect flaws exploited to deliver all kinds of malware (CVE-2024-1709, CVE-2024-1708)

ScreenConnect flaws exploited to deliver all kinds of malware (CVE-2024-1709, CVE-2024-1708) 2024-02-26 at 13:36 By Zeljka Zorz The recently patched vulnerabilities (CVE-2024-1709, CVE-2024-1708) in ConnectWise ScreenConnect software are being exploited by numerous attackers to deliver a variety of malicious payloads. About ConnectWise ScreenConnect ConnectWise ScreenConnect is a remote desktop solution consisting of server and client

React to this headline:

Loading spinner

ScreenConnect flaws exploited to deliver all kinds of malware (CVE-2024-1709, CVE-2024-1708) Read More »

Unveiling the true cost of healthcare cybersecurity incidents

Unveiling the true cost of healthcare cybersecurity incidents 2023-12-28 at 08:02 By Help Net Security As healthcare organizations increasingly rely on interconnected systems, electronic health records, and telemedicine, the industry becomes a prime target for malicious actors seeking to exploit vulnerabilities. The consequences of a cybersecurity breach in healthcare are not only measured in compromised

React to this headline:

Loading spinner

Unveiling the true cost of healthcare cybersecurity incidents Read More »

Ransomware trends and recovery strategies companies should know

Ransomware trends and recovery strategies companies should know 19/12/2023 at 07:34 By Help Net Security Ransomware attacks can have severe consequences, causing financial losses, reputational damage, and operational disruptions. The methods used to deliver ransomware vary, including phishing emails, malicious websites, and exploiting vulnerabilities in software or operating systems. Cybercriminals often target organizations with weak

React to this headline:

Loading spinner

Ransomware trends and recovery strategies companies should know Read More »

EOL Sophos firewalls get hotfix for old but still exploited vulnerability (CVE-2022-3236)

EOL Sophos firewalls get hotfix for old but still exploited vulnerability (CVE-2022-3236) 13/12/2023 at 14:17 By Zeljka Zorz Over a year has passed since Sophos delivered patches for a vulnerability affecting Sophos Firewalls (CVE-2022-3236) that was being actively exploited by attackers, and now they have pushed additional ones to protect vulnerable EOL devices. “In December

React to this headline:

Loading spinner

EOL Sophos firewalls get hotfix for old but still exploited vulnerability (CVE-2022-3236) Read More »

Sophos Patches EOL Firewalls Against Exploited Vulnerability

Sophos Patches EOL Firewalls Against Exploited Vulnerability 13/12/2023 at 13:46 By Ionut Arghire Sophos has patched EOL Firewall versions against a critical flaw exploited in the wild, after identifying a new exploit. The post Sophos Patches EOL Firewalls Against Exploited Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Sophos Patches EOL Firewalls Against Exploited Vulnerability Read More »

Sophos Web Appliance vulnerability exploited in the wild (CVE-2023-1671)

Sophos Web Appliance vulnerability exploited in the wild (CVE-2023-1671) 20/11/2023 at 14:47 By Helga Labus CISA has added three vulnerabilities to its Known Exploited Vulnerabilities catalog, among them a critical vulnerability (CVE-2023-1671) in Sophos Web Appliance that has been patched by the company in April 2023. About CVE-2023-1671 CVE-2023-1671 is a pre-auth command injection vulnerability

React to this headline:

Loading spinner

Sophos Web Appliance vulnerability exploited in the wild (CVE-2023-1671) Read More »

CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability

CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability 17/11/2023 at 16:20 By Eduard Kovacs CISA adds Sophos, Oracle and Microsoft product security holes to its Known Exploited Vulnerabilities (KEV) catalog. The post CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability Read More »

Telemetry gaps leave networks vulnerable as attackers move faster

Telemetry gaps leave networks vulnerable as attackers move faster 16/11/2023 at 09:01 By Help Net Security Telemetry logs are missing in nearly 42% of the attack cases studied, according to Sophos. In 82% of these cases, cybercriminals disabled or wiped out the telemetry to hide their tracks. Gaps in telemetry decrease much-needed visibility into organizations’

React to this headline:

Loading spinner

Telemetry gaps leave networks vulnerable as attackers move faster Read More »

10 corporate cybersecurity blogs worth your time

10 corporate cybersecurity blogs worth your time 14/11/2023 at 09:02 By Help Net Security In this article, we’ve curated a list of insightful corporate cybersecurity blogs that provide analysis and actionable advice to help you keep your company’s digital assets secure. This list is not meant to be exhaustive since thousands of companies have infosec

React to this headline:

Loading spinner

10 corporate cybersecurity blogs worth your time Read More »

Healthcare’s road to redefining cybersecurity with modern solutions

Healthcare’s road to redefining cybersecurity with modern solutions 03/11/2023 at 08:07 By Help Net Security The rate of data encryption following a ransomware attack in healthcare was the highest in the last three years, according to Sophos. Ransomware attacks continue to grow in sophistication Among those organizations surveyed, cybercriminals successfully encrypted data in nearly 75%

React to this headline:

Loading spinner

Healthcare’s road to redefining cybersecurity with modern solutions Read More »

Most dual ransomware attacks occur within 48 hours

Most dual ransomware attacks occur within 48 hours 02/10/2023 at 12:16 By Helga Labus Since July 2023, the Federal Bureau of Investigation (FBI) has noticed a new trend: dual ransomware attacks on the same victim, occurring in close proximity of one another. Dual ransomware attacks Dual ransomware attacks are when against the same victim occurr

React to this headline:

Loading spinner

Most dual ransomware attacks occur within 48 hours Read More »

Covert Delivery of Cobalt Strike Beacon via Sophos Phishing Website

Covert Delivery of Cobalt Strike Beacon via Sophos Phishing Website 15/09/2023 at 17:31 By rohansinhacyblecom Key Takeaways Overview Cyble Research & Intelligence Labs (CRIL) came across a typosquatted domain of  Sophos, “sopbos[.]com”, using a VirusTotal search. The phishing site impersonates the installation of the Sophos Home. The initial infection vector is unclear at this time

React to this headline:

Loading spinner

Covert Delivery of Cobalt Strike Beacon via Sophos Phishing Website Read More »

Cybercriminals use research contests to create new attack methods

Cybercriminals use research contests to create new attack methods 01/09/2023 at 07:17 By Help Net Security Adversary-sponsored research contests on cybercriminal forums focus on new methods of attack and evasion, according to Sophos. The contests mirror legitimate security conference ‘Call For Papers’ and provide the winners considerable financial rewards and recognition from peers and also

React to this headline:

Loading spinner

Cybercriminals use research contests to create new attack methods Read More »

Ransomware group exploits Citrix NetScaler systems for initial access

Ransomware group exploits Citrix NetScaler systems for initial access 29/08/2023 at 14:50 By Helga Labus A known threat actor specializing in ransomware attacks is believed to be behind a recent campaign that targeted unpatched internet-facing Citrix NetScaler systems to serve as an initial foothold into enterprise networks. “Our data indicates strong similarity between attacks using

React to this headline:

Loading spinner

Ransomware group exploits Citrix NetScaler systems for initial access Read More »

Ransomware dwell time hits new low

Ransomware dwell time hits new low 25/08/2023 at 06:34 By Help Net Security Median attacker dwell time—the time from when an attack starts to when it’s detected—shrunk from 10 to eight days for all attacks, and to five days for ransomware attacks during the first half of 2023, according to Sophos. In 2022, the median

React to this headline:

Loading spinner

Ransomware dwell time hits new low Read More »

Black Hat USA 2023 video walkthrough

Black Hat USA 2023 video walkthrough 11/08/2023 at 15:04 By Help Net Security Help Net Security is in Las Vegas this week for Black Hat USA 2023, and this video provides a closer look at the event. The exhibitors featured in this video are: 1Password, Aqua Security, CISA, Cisco, CyberFOX, Darktrace, Dasera, Fortanix, Fortinet, Fortra,

React to this headline:

Loading spinner

Black Hat USA 2023 video walkthrough Read More »

Photos: Black Hat USA 2023

Photos: Black Hat USA 2023 11/08/2023 at 07:47 By Help Net Security Black Hat USA 2023 returned to the Mandalay Bay Convention Center in Las Vegas. The conference featured over 100 selected Briefings, open-source tool demos in the Arsenal, a Business Hall, networking events, and more. Here’s a photo gallery from the event. The featured

React to this headline:

Loading spinner

Photos: Black Hat USA 2023 Read More »

Scroll to Top