
Exploiting stolen session cookies to bypass multi-factor authentication (MFA)
Active adversaries are increasingly exploiting stolen session cookies to bypass multi-factor authentication (MFA) and gain access to corporate resources, according to Sophos. …

Photos: Black Hat USA 2022
Here’s a photo gallery that provides a look inside Black Hat USA 2022. For our complete coverage of the conference, live from Las Vegas, check out our microsite. Bayside …

Black Hat USA 2022 video walkthrough
In this Help Net Security video, we take you inside Black Hat USA 2022 at the Mandalay Bay Convention Center in Las Vegas. The video features the following vendors: Abnormal …

Sophos announces eight presentations at Black Hat USA 2022, BSides Las Vegas and DEF CON 30
Sophos announced that SophosAI and Sophos Managed Detection and Response (MDR) will lead eight presentations at Black Hat USA 2022, BSides Las Vegas and DEF CON 30, taking …

Three ransomware gangs consecutively attacked the same network
Hive, LockBit and BlackCat, three prominent ransomware gangs, consecutively attacked the same network, according to Sophos. The first two attacks took place within two hours, …

Automotive hose manufacturer hit by ransomware, shuts down production control system
A US subsidiary of Nichirin Co., a Japan-based company manufacturing and selling automotive hoses and hose parts, has been hit with ransomware, which resulted in the shut down …

Healthcare is most likely to pay the ransom
Sophos has published a sectoral survey report which reveals a 94% increase in ransomware attacks on the organizations surveyed in the healthcare sector. In 2021, 66% of …

Intruder dwell time jumps 36%
Sophos released the Active Adversary Playbook 2022, detailing attacker behaviors that Sophos’ Rapid Response team saw in the wild in 2021. The findings show a 36% increase in …

Attackers aren’t slowing down, here’s what researchers are seeing
In this Help Net Security interview, John Shier, Senior Security Advisor at Sophos, talks about the main findings of two Sophos reports: the 2022 Active Adversary Report and …

Ransomware is up and victims are paying
Sophos released a survey and review of real-world ransomware experiences in a report which shows that 66% of organizations surveyed were hit with ransomware in 2021, up from …

Log4Shell exploitation: Which applications may be targeted next?
Spring4Shell (CVE-2022-22965) has dominated the information security news these last six days, but Log4Shell (CVE-2021-44228) continues to demand attention and action from …

Attackers are exploiting recently patched RCE in Sophos Firewall (CVE-2022-1040)
A critical vulnerability (CVE-2022-1040) in Sophos Firewall is being exploited in the wild to target “a small set of specific organizations primarily in the South Asia …
Featured news
Resources
Don't miss
- Apple offers $2 million for zero-click exploit chains
- Attackers are exploiting Gladinet CentreStack, Triofox vulnerability with no patch (CVE-2025-11371)
- October 2025 Patch Tuesday forecast: The end of a decade with Microsoft
- From theory to training: Lessons in making NICE usable
- Securing agentic AI with intent-based permissions