security operations – Page 5 – Computer Security Articles

Extracting data from encrypted virtual disks: six methods

May 13, 2024 admin data extraction, dfir, encryption, Featured, Incident Response, mdr, ransomware, security operations, threat research, virtual machine

Credit to Author: Angela Gunn| Date: Mon, 13 May 2024 08:30:24 +0000

For incident responders, a variety of techniques for information retrieval from locked-up VMs

Security Sophos

Sophos named a Leader in the 2024 IDC MarketScape for Worldwide Managed Detection and Response (MDR)

April 30, 2024 admin Featured, IDC, mdr, products & services, security operations

Credit to Author: Doug Aamoth| Date: Tue, 30 Apr 2024 16:28:37 +0000

The IDC MarketScape evaluates the capabilities and business strategies of managed detection and response service providers worldwide.

Security Sophos

The State of Ransomware 2024

April 30, 2024 admin backups, Endpoint, Featured, products & services, ransomware, research, security operations, vulnerabilities

Credit to Author: Sally Adam| Date: Tue, 30 Apr 2024 10:30:03 +0000

Our fifth annual report reveals how ransomware experiences have changed over the last year, plus brand-new insights into the business impact of an attack.

Security Sophos

Malware campaign attempts abuse of defender binaries

April 26, 2024 admin binaries, Featured, impersonation, security operations, threat research

Credit to Author: Gabor Szappanos| Date: Fri, 26 Apr 2024 16:26:02 +0000

Command-and-control wares try to sneak onto systems disguised as various vendors; payloads vary, but Sophos customers are protected

Security Sophos

Introducing Sophos Managed Risk, Powered by Tenable

April 15, 2024 admin Featured, managed risk, mdr, products & services, security operations

Credit to Author: Doug Aamoth| Date: Wed, 03 Apr 2024 12:30:51 +0000

Sophos Managed Risk combines vulnerability management technology from Tenable with Sophos’ threat expertise as a fully managed service.

Security Sophos

Remote Desktop Protocol: The Series

March 20, 2024 admin active adversary, Featured, Incident Response, incident response tools, mdr, RDP, security operations, sophos x-ops, threat research

Credit to Author: Angela Gunn| Date: Wed, 20 Mar 2024 16:18:21 +0000

What is RDP, why is it a very nearly ubiquitous finding in incident response, and how can investigators run it to ground it when it goes wrong? An Active Adversary Special Report

Security Sophos

Remote Desktop Protocol: Exposed RDP (is dangerous)

March 20, 2024 admin Incident Response, incident response tools, mdr, RDP, security operations, sophos x-ops

Credit to Author: Angela Gunn| Date: Wed, 20 Mar 2024 16:16:34 +0000

Is it really that risky to expose an RDP port to the internet? What if you change the default port? What if it’s just for a little while? The data answers, loud and clear

Security Sophos

Remote Desktop Protocol: Queries for Investigation

March 20, 2024 admin Incident Response, incident response tools, mdr, RDP, security operations, sophos x-ops

Credit to Author: Angela Gunn| Date: Wed, 20 Mar 2024 16:15:12 +0000

How can defenders begin to make sense of RDP issues on their networks? We present three powerful tools for investigators’ toolkits