Most dual ransomware attacks occur within 48 hours
Since July 2023, the Federal Bureau of Investigation (FBI) has noticed a new trend: dual ransomware attacks on the same victim, occurring in close proximity of one another. …
Cybercriminals use research contests to create new attack methods
Adversary-sponsored research contests on cybercriminal forums focus on new methods of attack and evasion, according to Sophos. The contests mirror legitimate security …
Ransomware group exploits Citrix NetScaler systems for initial access
A known threat actor specializing in ransomware attacks is believed to be behind a recent campaign that targeted unpatched internet-facing Citrix NetScaler systems to serve as …
Ransomware dwell time hits new low
Median attacker dwell time—the time from when an attack starts to when it’s detected—shrunk from 10 to eight days for all attacks, and to five days for ransomware attacks …
Black Hat USA 2023 video walkthrough
Help Net Security is in Las Vegas this week for Black Hat USA 2023, and this video provides a closer look at the event. The exhibitors featured in this video are: 1Password, …
Photos: Black Hat USA 2023
Black Hat USA 2023 returned to the Mandalay Bay Convention Center in Las Vegas and Help Net Security was on-site. The conference featured over 100 selected Briefings, …
Recent ransomware attacks share curiously similar tactics
A series of ransomware attacks made by different groups share curiously similar characteristics, according to Sophos. Sophos released new findings into the connections between …
Sophos X-Ops showcases MDR and threat intelligence at Black Hat and DEF CON
Sophos has announced that Sophos X-Ops will lead three presentations at Black Hat and DEF CON, taking place this week in Las Vegas. Speaker presentations from Sophos Managed …
7 fake cryptocurrency investment apps discovered in Google Play, Apple App Store
Sophos released new findings on CryptoRom scams—a subset of pig butchering schemes designed to trick users of dating apps into making fake cryptocurrency investments. Since …
Microsoft patches four exploited zero-days, but lags with fixes for a fifth (CVE-2023-36884)
For July 2023 Patch Tuesday, Microsoft has delivered 130 patches; among them are four for vulnerabilites actively exploited by attackers, but no patch for CVE-2023-36884, an …
Refined methodologies of ransomware attacks
Adversaries were able to encrypt data in 76% of the ransomware attacks that were conducted against surveyed organizations, according to Sophos. The survey also shows that when …
Sophos’ MDR service customer base grows 33% in first 6 months since launching new capabilities
At RSA Conference 2023, Sophos announced that its vendor-agnostic Managed Detection and Response (MDR) service has grown its customer base by 33% in the first six months since …