
Ransomware dwell time hits new low
Median attacker dwell time—the time from when an attack starts to when it’s detected—shrunk from 10 to eight days for all attacks, and to five days for ransomware attacks …

Black Hat USA 2023 video walkthrough
Help Net Security is in Las Vegas this week for Black Hat USA 2023, and this video provides a closer look at the event. The exhibitors featured in this video are: 1Password, …

Photos: Black Hat USA 2023
Black Hat USA 2023 returned to the Mandalay Bay Convention Center in Las Vegas and Help Net Security was on-site. The conference featured over 100 selected Briefings, …

Recent ransomware attacks share curiously similar tactics
A series of ransomware attacks made by different groups share curiously similar characteristics, according to Sophos. Sophos released new findings into the connections between …

Sophos X-Ops showcases MDR and threat intelligence at Black Hat and DEF CON
Sophos has announced that Sophos X-Ops will lead three presentations at Black Hat and DEF CON, taking place this week in Las Vegas. Speaker presentations from Sophos Managed …

7 fake cryptocurrency investment apps discovered in Google Play, Apple App Store
Sophos released new findings on CryptoRom scams—a subset of pig butchering schemes designed to trick users of dating apps into making fake cryptocurrency investments. Since …

Microsoft patches four exploited zero-days, but lags with fixes for a fifth (CVE-2023-36884)
For July 2023 Patch Tuesday, Microsoft has delivered 130 patches; among them are four for vulnerabilites actively exploited by attackers, but no patch for CVE-2023-36884, an …

Refined methodologies of ransomware attacks
Adversaries were able to encrypt data in 76% of the ransomware attacks that were conducted against surveyed organizations, according to Sophos. The survey also shows that when …

Sophos’ MDR service customer base grows 33% in first 6 months since launching new capabilities
At RSA Conference 2023, Sophos announced that its vendor-agnostic Managed Detection and Response (MDR) service has grown its customer base by 33% in the first six months since …

Attackers are logging in instead of breaking in
Cyberattackers leveraged more than 500 unique tools and tactics in 2022, according to Sophos. The data, analyzed from more than 150 Sophos Incident Response (IR) cases, …

Cyberthreats take a toll on IT teams’ work on other projects
93% of organizations find the execution of some essential security operation tasks, such as threat hunting, challenging, according to Sophos. IT professionals face challenging …

3CX customers targeted via trojanized desktop app
Suspected state-sponsored threat actors have trojanized the official Windows desktop app of the widely used 3CX softphone solution, a number of cybersecurity companies began …
Featured news
Resources
Don't miss
- Google patches actively exploited Chrome (CVE‑2025‑6554)
- Federal Reserve System CISO on aligning cyber risk management with transparency, trust
- How cybercriminals are weaponizing AI and what CISOs should do about it
- How analyzing 700,000 security incidents helped our understanding of Living Off the Land tactics
- CitrixBleed 2 might be actively exploited (CVE-2025-5777)