Attackers are logging in instead of breaking in
Cyberattackers leveraged more than 500 unique tools and tactics in 2022, according to Sophos. The data, analyzed from more than 150 Sophos Incident Response (IR) cases, …
Cyberthreats take a toll on IT teams’ work on other projects
93% of organizations find the execution of some essential security operation tasks, such as threat hunting, challenging, according to Sophos. IT professionals face challenging …
3CX customers targeted via trojanized desktop app
Suspected state-sponsored threat actors have trojanized the official Windows desktop app of the widely used 3CX softphone solution, a number of cybersecurity companies began …
Apple backports fix for exploited WebKit bug to older iPhones, iPads (CVE-2023-23529)
Apple has released security updates for – pardon the pop-culture reference – everyhing everywhere all at once, and has fixed the WebKit vulnerability …
How ChatGPT is changing the cybersecurity game
The cybersecurity industry can leverage GPT-3 potential as a co-pilot to help defeat attackers, according to Sophos. The latest report details projects developed by Sophos …
Sophos improves cyberthreat defenses with endpoint security advancements
Sophos introduced innovative advancements to its portfolio of endpoint security offerings. New adaptive active adversary protection; Linux malware protection enhancements; …
CISA releases ESXiArgs ransomware recovery script
According to the latest data, the number of ESXiArgs ransomware victims has surpassed 3,800, and CISA has published a recovery script for victim organizations. Fixing the mess …
Microsoft fixes exploited zero-day, revokes certificate used to sign malicious drivers (CVE-2022-44698)
It’s December 2022 Patch Tuesday, and Microsoft has delivered fixes for 50+ vulnerabilities, including a Windows SmartScreen bypass flaw (CVE-2022-44698) exploited by …
Cybercriminals are scamming each other, tipping off law enforcement
Cybercriminals are scamming each other out of millions of dollars and use arbitration to settle disputes about the scams, according to Sophos. For this report, Sophos experts …
Sophos introduces new threat detection and response capabilities within its MDR offering
Sophos has released Sophos Managed Detection and Response (MDR) with new threat detection and response capabilities. Sophos is the endpoint security provider to integrate …
Sophos expands its MDR offering to include compatibility with third-party cybersecurity products
Sophos has launched new third-party security technology compatibilities with Sophos Managed Detection and Response (MDR) to better detect and remediate attacks across diverse …
Apache Commons Text flaw is not a repeat of Log4Shell (CVE-2022-42889)
A freshly fixed vulnerability (CVE-2022-42889) in the Apache Commons Text library has been getting attention from security researchers these last few days, worrying it could …