Attackers leverage QR codes in PDF email attachments to spearphish corporate credentials from mobile devices Contact us today for more information about SOPHOS cyber security solutions
Crimson Palace returns: New Tools, Tactics, and Targets
Chinese cyberespionage campaign renews efforts in multiple organizations in Southeast Asia, blending tactics and expanding efforts
Atomic macOS Stealer leads sensitive data theft on macOS
Sophos X-Ops explores the distribution and capabilities of the Atomic macOS Stealer (AMOS)
Content updates and product architecture: Sophos Endpoint
Sophos X-Ops takes a look at the content updates in Intercept X, and how we validate and release them
Turning the screws: The pressure tactics of ransomware gangs
Sophos X-Ops examines the increasingly aggressive tactics ransomware gangs use to coerce their targets
Driving lessons: The kernel drivers in Sophos Intercept X Advanced
Operating in kernel-space is necessary, but risky – here’s how we do it in Sophos Intercept X Advanced
July Patch Tuesday Unleashes a Torrent of Updates
Microsoft fixes 138 bugs in Windows and other products this month
Phishing, BEC attackers target candidates in local election, among others
An escalating series of email-borne attacks were sent to candidates, including the author
RD Web Access abuse: Fighting back
Investigation insights and recommendations from a recent welter of incident-response cases
June Patch Tuesday squares up with 49 patches
Just one critical-severity issue addressed, but don’t sleep on an industry-wide DNS issue
‘Junk gun’ ransomware: Peashooters can still pack a punch
A Sophos X-Ops investigation finds that a wave of crude, cheap ransomware could spell trouble for small businesses and individuals – but also provide insights into threat actor career development […]
Smoke and (screen) mirrors: A strange signed backdoor
Sophos X-Ops discovers a curious backdoored (and signed) executable, masquerading as something else entirely
Remote Desktop Protocol: The Series
What is RDP, why is it a very nearly ubiquitous finding in incident response, and how can investigators run it to ground when it goes wrong? An Active Adversary […]
Remote Desktop Protocol: Exposed RDP (is dangerous)
Is it really that risky to expose an RDP port to the internet? What if you change the default port? What if it’s just for a little while? The data […]
Remote Desktop Protocol: How to Use Time Zone Bias
Where in the world is your attacker? Presenting a less-known but useful event to look for in your logs
Remote Desktop Protocol: Queries for Investigation
How can defenders begin to make sense of RDP issues on their networks? We present three powerful tools for investigators’ toolkits