Security News

The Sophos research revealed the extent of the popularity and effectiveness of ransomware groups targeting corporate backups. Only 26% of companies with compromised backups were fully recovered within a week, compared to 46% of those without compromised backups.

Organisations surveyed in the report acknowledge that burnout and fatigue have contributed to lower team productivity, the success of some cyber attacks and employees choosing to seek new roles or leave the industry entirely. Burnout among cyber pros a known problem for years in APAC. Burnout in cybersecurity is a well-known problem.

Citrix and Sophos products have been impacted by leap year flaws, leading to unexpected problems in their products. Leap years solve the synchronization problem caused by the Gregorian calendar measuring a year in 365 days, while the astronomical year is 365.24 days.

EOL Sophos firewalls get hotfix for old but still exploited vulnerabilityOver a year has passed since Sophos delivered patches for a vulnerability affecting Sophos Firewalls that was being actively exploited by attackers, and now they have pushed additional ones to protect vulnerable EOL devices. Attackers are trying to exploit Apache Struts vulnerabilityAttackers are trying to leverage public proof-of-exploit exploit code for CVE-2023-50164, the recently patched path traversal vulnerability in Apache Struts 2.

Over a year has passed since Sophos delivered patches for a vulnerability affecting Sophos Firewalls that was being actively exploited by attackers, and now they have pushed additional ones to protect vulnerable EOL devices. "In December 2023, we delivered an updated fix after identifying new exploit attempts against this same vulnerability in older, unsupported versions of the Sophos Firewall," the company shared on Monday by updating of the original security advisory.

Sophos was forced to backport a security update for CVE-2022-3236 for end-of-life firewall firmware versions after discovering hackers actively exploiting the flaw in attacks. Although the hotfix was automatically rolled out to appliances set to auto-accept security updates by the vendor, by January 2023, over 4,000 internet-exposed appliances remained vulnerable to attacks.

CISA has added three vulnerabilities to its Known Exploited Vulnerabilities catalog, among them a critical vulnerability in Sophos Web Appliance that has been patched by the company in April 2023.CVE-2023-1671 is a pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance that allows attackers to execute arbitrary code.

The U.S. Cybersecurity & Infrastructure Security Agency has added to its catalog of known exploited vulnerabilities three security issues that affect Microsoft devices, a Sophos product, and an enterprise solution from Oracle. The KEV catalog contains flaws confirmed to be exploited by hackers in attacks and serves as a repository for vulnerabilities that companies all over should treat with priority.

Cybersecurity vendor Sophos is being impersonated by a new ransomware-as-a-service called SophosEncrypt, with the threat actors using the company name for their operation. Discovered yesterday by MalwareHunterTeam, the ransomware was initially thought to be part of a red team exercise by Sophos.

Ransomware - as readers here know only too well - is one of the biggest cybercrime challenges we collectively face today. That's why Sophos has spent has recently visited cities around the globe to dive deep into the real story behind ransomware.