The criminals signed their AV-killer malware, closely related to one known as BURNTCIGAR, with a legitimate WHCP certificate Contact us today for more information about SOPHOS cyber security solutions

Continue Reading

A shadowy sub-economy is more than just a curiosity – it’s booming business, and also an opportunity for defenders. In the first of a four-part series, we look at the […]

Continue Reading

A look at how MDR turned a targeted attack into a non-event, in which no high-value credentials are compromised and several dozen employees are not tricked into letting a bad […]

Continue Reading

Reverse-engineering reveals close similarities to BlackMatter ransomware, with some improvements Contact us today for more information about SOPHOS cyber security solutions

Continue Reading

Maturing marketplaces, capabilities-for-hire continue to proliferate professional tools, techniques and practices across the threat spectrum. Contact us today for more information about SOPHOS cyber security solutions

Continue Reading

Still no fix for ProxyNotShell, but two MOTW bypasses get squashed Contact us today for more information about SOPHOS cyber security solutions

Continue Reading

A threat actor’s repeated use of DLL-hijack execution flow makes for interesting attack results, including omnivorous file ingestion; we break down five cases and find commonalities Contact us today for […]

Continue Reading

Let us be frank: The same old warnings to users aren’t cutting it, and it’s the technologists’ fault. Chester Wisniewski lays out a wiser way. Contact us today for more […]

Continue Reading

Following Microsoft’s announcement that macros from the internet will be disabled by default, threat actors are using alternative file types for malware delivery. This shift brings both challenges and opportunities […]

Continue Reading

A fresh exploration of the malware uncovers a new tactic for bypassing security products by abusing a known driver vulnerability Contact us today for more information about SOPHOS cyber security […]

Continue Reading

When Russia invaded Ukraine on February 24th 2022, none of us knew what role cyberattacks might play in a full-scale invasion. Russia had been conducting cyberattacks against Ukraine since it […]

Continue Reading

There are fewer bugs in September’s update than in previous months, with RCE vulns making up the bulk of the addressed CVEs Contact us today for more information about SOPHOS […]

Continue Reading

As organizations move to cloud services and multifactor authentication, cookies tied to identity and authentication give attackers a new path to compromise. Contact us today for more information about SOPHOS […]

Continue Reading

After gaining access via RDP, all three threat actors encrypted files, in an investigation complicated by event log clearing and backups. 3 attackers, 2 weeks – 1 entry point. Contact […]

Continue Reading

Sophos’ latest Active Adversary report explores the issue of organizations being hit multiple times by attackers Contact us today for more information about SOPHOS cyber security solutions

Continue Reading

Six presentations in Las Vegas this week cover multiple cybersecurity applications of machine learning Contact us today for more information about SOPHOS cyber security solutions

Continue Reading