Security News

The thought of ransomware gripping the corporate systems we manage is enough to give any of us sleepless nights. The thought of a ransomware attack crippling the healthcare infrastructure all of us rely on is terrifying.

Sophos' Rapid Response team had, among other things, the new Sophos XDR solution at their disposal - an industry-first extended detection and response solution that synchronizes native endpoint, server, firewall, and email security. Sophos XDR gathers relevant sensory information from the organization's entire IT environment and security ecosystem and allows threat hunters to view the complete picture and detect and inspect clues that may otherwise go unnoticed.

British infosec biz Sophos reckons just under half of malware traffic it saw in the wild during the opening three months of 2021 alone was using Transport Layer Security to encrypt both its command-and-control traffic and data exfiltration. He was open about this only being traffic observed by Sophos, meaning the true worldwide figure for TLS-encrypted malware traffic could differ.

Dr Jason R.C. Nurse is an Associate Professor in Cyber Security at the University of Kent, and a Visiting Academic at the University of Oxford. As part of the Sophos Evolve 2020 event, Jason joined Doug Aamoth, Sophos product marketing director, and Sara Eberle, senior director of public relations, to talk about his work.

Keren Elazari is a cybersecurity analyst and senior researcher at the Tel Aviv University Interdisciplinary Cyber Research Center. At the recent Sophos Evolve Cybersecurity summit, Keren delivered an urgent dissection of cybersecurity in the age of COVID-19.

An Iran-based software company is likely behind a recently identified crypto-jacking campaign targeting SQL servers, according to a report by British anti-malware vendor Sophos. The attacks result in the MrbMiner crypto-miner being installed onto the target servers, with the software apparently created, controlled, and hosted by a named Iranian company.

Sophos and ReversingLabs on Monday announced SoReL-20M, a database of 20 million Windows Portable Executable files, including 10 million malware samples. Aimed at driving security improvements across the industry, the database provides metadata, labels, and features for the files within, and enables interested parties to download the available malware samples for further research.

Sophos has deployed a hotfix for their line of Cyberoam firewalls and routers to fix a SQL injection vulnerability. Today, Sophos disclosed that a SQL injection vulnerability was fixed in the Cyberoam operating system that could remotely add accounts to a CROS device.

British cybersecurity and hardware company Sophos has emailed a small group of customers to alert them that their personal information was exposed following a security breach discovered on Tuesday. "On November 24, 2020, Sophos was advised of an access permission issue in a tool used to store information on customers who have contacted Sophos Support," the company said in the notification email.

"We know what you're thinking:"Another year; another vendor; another threat report. We've combined research from a number of threat prevention groups inside Sophos, including SophosLabs, Sophos Managed Threat Response, Sophos Rapid Response, Sophos AI, and our Cloud Security team, to deliver a comprehensive review of the security landscape.