Sophos

Cheap ransomware for sale on dark web marketplaces is changing the way hackers operate

April 18, 2024

Since June 2023, Sophos X-Ops has discovered 19 junk gun ransomware variants — cheap, independently produced, and crudely constructed — on the dark web. The developers of …

Microsoft patches two actively exploited zero-days (CVE-2024-29988, CVE-2024-26234)

April 9, 2024

On this April 2024 Patch Tuesday, Microsoft has fixed a record 147 CVE-numbered vulnerabilities, including CVE-2024-29988, a vulnerability that Microsoft hasn’t marked …

Keyloggers, spyware, and stealers dominate SMB malware detections

March 13, 2024

In 2023, 50% of malware detections for SMBs were keyloggers, spyware and stealers, malware that attackers use to steal data and credentials, according to Sophos. Attackers …

ScreenConnect flaws exploited to deliver all kinds of malware (CVE-2024-1709, CVE-2024-1708)

February 26, 2024

The recently patched vulnerabilities (CVE-2024-1709, CVE-2024-1708) in ConnectWise ScreenConnect software are being exploited by numerous attackers to deliver a variety of …

Unveiling the true cost of healthcare cybersecurity incidents

December 28, 2023

As healthcare organizations increasingly rely on interconnected systems, electronic health records, and telemedicine, the industry becomes a prime target for malicious actors …

Ransomware trends and recovery strategies companies should know

December 19, 2023

Ransomware attacks can have severe consequences, causing financial losses, reputational damage, and operational disruptions. The methods used to deliver ransomware vary, …

EOL Sophos firewalls get hotfix for old but still exploited vulnerability (CVE-2022-3236)

December 13, 2023

Over a year has passed since Sophos delivered patches for a vulnerability affecting Sophos Firewalls (CVE-2022-3236) that was being actively exploited by attackers, and now …

Sophos Web Appliance vulnerability exploited in the wild (CVE-2023-1671)

November 20, 2023

CISA has added three vulnerabilities to its Known Exploited Vulnerabilities catalog, among them a critical vulnerability (CVE-2023-1671) in Sophos Web Appliance that has been …

Telemetry gaps leave networks vulnerable as attackers move faster

November 16, 2023

Telemetry logs are missing in nearly 42% of the attack cases studied, according to Sophos. In 82% of these cases, cybercriminals disabled or wiped out the telemetry to hide …

10 corporate cybersecurity blogs worth your time

November 14, 2023

In this article, we’ve curated a list of insightful corporate cybersecurity blogs that provide analysis and actionable advice to help you keep your company’s …

Healthcare’s road to redefining cybersecurity with modern solutions

November 3, 2023

The rate of data encryption following a ransomware attack in healthcare was the highest in the last three years, according to Sophos. Ransomware attacks continue to grow in …

Most dual ransomware attacks occur within 48 hours

October 2, 2023

Since July 2023, the Federal Bureau of Investigation (FBI) has noticed a new trend: dual ransomware attacks on the same victim, occurring in close proximity of one another. …