security operations – Page 4 – Computer Security Articles

Don’t get Mad, get wise

August 13, 2024 admin anydesk, Featured, Incident Response, mad liberator, malware, security operations, Social engineering, threat research

Credit to Author: Angela Gunn| Date: Tue, 13 Aug 2024 09:59:22 +0000

The “Mad Liberator” ransomware group leverages social-engineering moves to watch out for

Security Sophos

Sophos MDR hunt tracks Mimic ransomware campaign against organizations in India

August 7, 2024 admin Featured, human-led threat hunting, microsoft sql server, mimic ransomware, security operations

Credit to Author: gallagherseanm| Date: Wed, 07 Aug 2024 16:46:31 +0000

STAC6451 threat cluster targets Internet-exposed Microsoft SQL servers for initial access

Security Sophos

Best security practices for ESXi environments

August 7, 2024 admin EDR, esxi, Featured, mdr, remediations, security operations, threat research, virtualization, VMware

Credit to Author: Angela Gunn| Date: Wed, 07 Aug 2024 09:52:08 +0000

Ten recommendations for defenders when natively run EDR isn’t an option

Security Sophos

Unlocking cyber insurance savings to fund MDR

July 24, 2024 admin cyber insurance, mdr, products & services, ransomware, security operations

Credit to Author: Sally Adam| Date: Wed, 24 Jul 2024 09:20:51 +0000

Redirecting risk reduction spend from cyber insurance to MDR services is a win-win, resulting in better protection and lower cost coverage.

Security Sophos

Cysurance announces discounted cyber insurance program for Sophos customers in Australia

July 9, 2024 admin cyber insurance, cysurance, Endpoint, mdr, products & services, ransomware, security operations

Credit to Author: Sally Adam| Date: Tue, 09 Jul 2024 22:25:06 +0000

Expanding our successful partnership from the United States to Australia.

Security Sophos

MITRE Engenuity ATT&CK Evaluations for Managed Services (menuPass + ALPHV BlackCat)

June 18, 2024 admin Endpoint, MITRE, mitre att&ck, products & services, security operations, sophos mdr

Credit to Author: Doug Aamoth| Date: Tue, 18 Jun 2024 13:00:28 +0000

Our view on the latest round of the MITRE Engenuity ATT&CK Evaluations for Managed Services.

Security Sophos

RD Web Access abuse: Fighting back

June 13, 2024 admin active adversary, active adversary report, Featured, Incident Response, RDP, security operations, sophos x-ops, threat research

Credit to Author: Angela Gunn| Date: Wed, 12 Jun 2024 18:59:54 +0000

Investigation insights and recommendations from a recent welter of incident-response cases

Security Sophos

Operation Crimson Palace: A Technical Deep Dive

June 5, 2024 admin security operations, threat research

Credit to Author: gallagherseanm| Date: Wed, 05 Jun 2024 10:00:46 +0000

Sophos Managed Detection and Response initiated a threat hunt across all customers after the detection of abuse of a vulnerable legitimate VMware executable (vmnat.exe) to perform dynamic link library (DLL) side-loading on one customer’s network. In a search for similar incidents in telemetry, MDR ultimately uncovered a complex, persistent cyberespionage campaign targeting a high-profile government […]