One actively exploited issue patched; five Critical-severity Office vulns exploitable via Preview Pane Contact us today for more information about SOPHOS cyber security solutions
Continue Reading-
It takes two: The 2025 Sophos Active Adversary Report
The dawn of our fifth year deepens our understanding of the enemies at the gate, and some tensions inside it; plus, an anniversary gift from us to you Contact us […]
Continue Reading -
Qilin affiliates spear-phish MSP ScreenConnect admin, targeting customers downstream
Attack matches three-year long pattern of ScreenConnect attacks tracked by Sophos MDR as STAC4365. Contact us today for more information about SOPHOS cyber security solutions
Continue Reading -
Stealing user credentials with evilginx
A malevolent mutation of the widely used nginx web server facilitates Adversary-in-the-Middle action, but there’s hope Contact us today for more information about SOPHOS cyber security solutions
Continue Reading -
PJobRAT makes a comeback, takes another crack at chat apps
Sophos X-Ops uncovers a recent campaign from an Android RAT first seen in 2019 – now infecting users in Taiwan Contact us today for more information about SOPHOS cyber security […]
Continue Reading -
The future of MFA is clear – but is it here yet?
Not all authentication is equal to the task in 2025, but there is a best choice within reach Contact us today for more information about SOPHOS cyber security solutions
Continue Reading -
Little fires everywhere for March Patch Tuesday
Just 57 CVEs to contend with (plus advisories), but six are already under exploit in the wild Contact us today for more information about SOPHOS cyber security solutions
Continue Reading -
February Patch Tuesday delivers 57 packages
After January’s deluge, a calmer update volume returns Contact us today for more information about SOPHOS cyber security solutions
Continue Reading -
Scalable Vector Graphics files pose a novel phishing threat
The SVG file format can harbor malicious HTML, scripts, and malware Contact us today for more information about SOPHOS cyber security solutions
Continue Reading -
Update: Cybercriminals still not fully on board the AI train (yet)
A year after our initial research on threat actors’ attitudes to generative AI, we revisit some underground forums and find that many cybercriminals are still skeptical – although there has […]
Continue Reading -
Sophos MDR tracks two ransomware campaigns using “email bombing,” Microsoft Teams “vishing”
Sophos MDR identifies a new threat cluster riffing on the playbook of Storm-1811, and amped-up activity from the original connected to Black Basta ransomware. Contact us today for more information […]
Continue Reading -
Gootloader inside out
Open-source intelligence reveals the server-side code of this pernicious SEO-driven malware – without needing a lawyer afterward Contact us today for more information about SOPHOS cyber security solutions
Continue Reading -
159-CVE January Patch Tuesday smashes single-month record
Brace yourselves… and consider reading your email in plaintext for now Contact us today for more information about SOPHOS cyber security solutions
Continue Reading -
Prioritizing patching: A deep dive into frameworks and tools – Part 2: Alternative frameworks
In the second of a two-part series on tools and frameworks designed to help with remediation prioritization, we explore some alternatives to CVSS Contact us today for more information about […]
Continue Reading -
Prioritizing patching: A deep dive into frameworks and tools – Part 1: CVSS
In the first of a two-part series exploring tools and frameworks which can help organizations with remediation prioritization, Sophos X-Ops takes a look at the Common Vulnerability Scoring System (CVSS) […]
Continue Reading -
Phishing platform Rockstar 2FA trips, and “FlowerStorm” picks up the pieces
A sudden disruption of a major phishing-as-a-service provider leads to the rise of another…that looks very familiar Contact us today for more information about SOPHOS cyber security solutions
Continue Reading
You must be logged in to post a comment.