Security News

There's a lesson here for us all: A third of healthcare orgs in Sophos survey 'hit with ransomware in 2020'
2021-06-01 18:00

The thought of ransomware gripping the corporate systems we manage is enough to give any of us sleepless nights. The thought of a ransomware attack crippling the healthcare infrastructure all of us rely on is terrifying.

Sophos XDR: Threat hunting through the entire security ecosystem
2021-05-13 06:48

Sophos' Rapid Response team had, among other things, the new Sophos XDR solution at their disposal - an industry-first extended detection and response solution that synchronizes native endpoint, server, firewall, and email security. Sophos XDR gathers relevant sensory information from the organization's entire IT environment and security ecosystem and allows threat hunters to view the complete picture and detect and inspect clues that may otherwise go unnoticed.

Half of Q1's malware traffic observed by Sophos was TLS encrypted, hiding inside legit requests to legit services
2021-04-21 13:32

British infosec biz Sophos reckons just under half of malware traffic it saw in the wild during the opening three months of 2021 alone was using Transport Layer Security to encrypt both its command-and-control traffic and data exfiltration. He was open about this only being traffic observed by Sophos, meaning the true worldwide figure for TLS-encrypted malware traffic could differ.

What should you say if you have a data breach? Catch up with Jason Nurse at Sophos Evolve
2021-02-03 19:18

Dr Jason R.C. Nurse is an Associate Professor in Cyber Security at the University of Kent, and a Visiting Academic at the University of Oxford. As part of the Sophos Evolve 2020 event, Jason joined Doug Aamoth, Sophos product marketing director, and Sara Eberle, senior director of public relations, to talk about his work.

Ready to take the red pill? Catch up with Keren Elazari at Sophos Evolve
2021-01-26 12:19

Keren Elazari is a cybersecurity analyst and senior researcher at the Tel Aviv University Interdisciplinary Cyber Research Center. At the recent Sophos Evolve Cybersecurity summit, Keren delivered an urgent dissection of cybersecurity in the age of COVID-19.

Sophos: Crypto-Jacking Campaign Linked to Iranian Company
2021-01-22 14:56

An Iran-based software company is likely behind a recently identified crypto-jacking campaign targeting SQL servers, according to a report by British anti-malware vendor Sophos. The attacks result in the MrbMiner crypto-miner being installed onto the target servers, with the software apparently created, controlled, and hosted by a named Iranian company.

Sophos, ReversingLabs Release 20 Million Sample Dataset for Malware Research
2020-12-14 15:33

Sophos and ReversingLabs on Monday announced SoReL-20M, a database of 20 million Windows Portable Executable files, including 10 million malware samples. Aimed at driving security improvements across the industry, the database provides metadata, labels, and features for the files within, and enables interested parties to download the available malware samples for further research.

Sophos fixes SQL injection vulnerability in their Cyberoam OS
2020-12-10 16:17

Sophos has deployed a hotfix for their line of Cyberoam firewalls and routers to fix a SQL injection vulnerability. Today, Sophos disclosed that a SQL injection vulnerability was fixed in the Cyberoam operating system that could remotely add accounts to a CROS device.

Sophos alerts customers of info exposure after security breach
2020-11-26 08:12

British cybersecurity and hardware company Sophos has emailed a small group of customers to alert them that their personal information was exposed following a security breach discovered on Tuesday. "On November 24, 2020, Sophos was advised of an access permission issue in a tool used to store information on customers who have contacted Sophos Support," the company said in the notification email.

Sophos 2021 Threat Report: Navigating cybersecurity in an uncertain world
2020-11-18 14:00

"We know what you're thinking:"Another year; another vendor; another threat report. We've combined research from a number of threat prevention groups inside Sophos, including SophosLabs, Sophos Managed Threat Response, Sophos Rapid Response, Sophos AI, and our Cloud Security team, to deliver a comprehensive review of the security landscape.