Sophos unearths involvement of Lemon Duck crypto-mining malware in ProxyLogon attacks
The Lemon Duck cryptomining malware is being used to target unpatched Microsoft Exchange servers — giving it a 'firm foothold' in compromised servers.
New ransomware Epsilon Red discovered - how it works
New ransomware Epsilon Red has been found by Sophos researchers who detail the tools, techniques, procedures, and behaviour of the attackers behind it.
Sophos develops detection capabilities to thwart in-memory cyber threats
Fileless malware is a type of covert threat that injects code directly into the memory of a compromised machine, often to avoid detection.
Sophos and Ingram Micro set sights on cybersecurity market in A/NZ
Sophos and Ingram Micro have extended their partnership, which will see the distributor working to recruit new managed services partners to the Sophos MSP Connect Flex program.
Ransomware recovery costs increase as businesses are hit hard
Average ransomware recovery cost in Asia Pacific and Japan (APJ) has increased from US$1.16 million to US$2.34 million, more than doubling in one year.
'Catastrophic forgetting': What it is, and how to prevent it
AI has been used to combat cyber-threats for years. But there are many related pitfalls — and catastrophic forgetting is a major one.
Ransomware recovery costs more than doubled in past year
"The findings confirm the brutal truth that when it comes to ransomware, it doesn't pay to pay."
A look at the MS Exchange zero-days and how to protect your business
Every organisation using Microsoft Exchange must patch their on-premise servers immediately and scan their networks for signs of malicious activity.
Why the rise of containers has created a vulnerability crisis
A rise in the use of Kubernetes and Docker services — and increased adoption of DevOps methodologies — have all contributed to the rise in popularity of containers. But as with all emerging technologies, there are risks.
Malicious cryptominer exploits MS Exchange Server vulnerabilities
"We are looking at yet another rapidly compiled, opportunistic and possibly experimental attack."
Cybersecurity budgets still not keeping up with threats — report
Executive teams are failing to recognise the level of damage cyber-threats pose to organisations, according to Sophos — many of them taking a ‘conservative approach’ to cybersecurity expenditure.
Sophos announces collaboration with Qualcomm for PC security
This unification enables a connected, interactive computing environment that combines smartphone and PC technology to deliver security capabilities and opportunities, the company states.
Agent Tesla Trojan can evade endpoint protection, Sophos reports
Agent Tesla originally surfaced in 2014. It is widely available on criminal marketplaces, and continues to evolve.
Sophos unearths origin of prominent cryptominer
The cryptominer was recently discovered when attackers targeted internet-facing database servers (SQL servers), and the MrbMiner was downloaded and installed.
Sophos named a Numbering Authority in CVE programme
The programme, which runs an open data registry of vulnerabilities, enables programme stakeholders to correlate vulnerability information used to protect systems against attacks.
Sophos Rapid Response puts out the ransomware fire
"Attackers are using a range of techniques and whichever defence has a weakness is how they get in. When one technique fails they move on to the next, until they find a weak spot."
Demystifying 'zero trust' and its role in cybersecurity
The principle of ‘zero trust’ in cybersecurity is simple: Trust nothing, and verify everything.
Cybercriminals leverage AI to sustain attacks on enterprises
What is less discussed is how cybercriminals are taking advantage of those very same technologies to automate their attacks, too.
The current state of ransomware — and its future
Discoveries made by analysts at Sophos have unearthed a new development: ransomware code appears to have been shared across ‘families’, and some of the ransomware groups seemed to work in collaboration more than in competition with one another.
Sophos unveils new open AI developments to sharpen defenses against cyberattacks
"While it is common practice to share AI methodologies and findings in other industries, cybersecurity has lagged in this effort."
Experiencing ransomware significantly impacts cybersecurity approach
"The survey findings illustrate clearly the impact of these near-impossible demands. Among other things, those hit by ransomware were found to have severely undermined confidence in their own cyber threat awareness."
Sophos named mobile security Leader in IDC MarketScape
Sophos Intercept X for Mobile has capabilities in protecting Android, iOS and Chrome OS users from known and never before seen mobile threats.
Phishing scam imitates SharePoint & OneNote for nefarious clicks
Sophos researchers say that the attackers take a slightly different approach to the standard ‘fake login’ phishing email.
Sophos deconstructs Dharma, the 'fast food franchise' ransomware
"Dharma is fast-food franchise ransomware: widely and easily available to just about anyone," says a Sophos threat researcher.