Sophos – Computer Security Articles

Sophos MDR blocks and tracks activity from probable Iranian state actor “MuddyWater”

November 20, 2024 admin 0 Comments atera, legitimate service abuse, muddywater, phishing, RMM, security operations, stac 1171, ta450, threat research

Credit to Author: gallagherseanm| Date: Wed, 20 Nov 2024 17:12:12 +0000

Sophos MDR has observed a new campaign that uses targeted phishing to entice the target to download a legitimate remote machine management tool to dump credentials. We believe with moderate confidence that this activity, which we track as STAC 1171, is related to an Iranian threat actor commonly referred to as MuddyWater or TA450. Earlier […]

Security Sophos

Cybercrime-Trend im Aufwind: Phishing mit QR-Codes

November 18, 2024 admin 0 Comments Featured, phishing, threat research

Credit to Author: Jörg Schindler| Date: Thu, 07 Nov 2024 12:30:42 +0000

In Anlehnung an Albert Einstein ließe sich wohl sagen, dass der kriminelle Einfallsreichtum der Menschen unendlich ist. Der neueste Trend Quishing beweist jedenfalls einmal wieder, dass die Cyberkriminellen keine Möglichkeit auslassen. Die Experten von Sophos X-Ops haben sich den neuesten Hype der Infiltration über QR-Codes genauer angesehen. Wenn Cyberkriminelle ihre Phishing-Methoden mit eigentlich ganz harmlosen […]

Security Sophos

„Pacific Rim“-Report: Sophos deckt riesiges, gegnerisches Angriffs-Ökosystem auf

November 18, 2024 admin 0 Comments Featured, threat research

Credit to Author: Jörg Schindler| Date: Thu, 31 Oct 2024 13:20:36 +0000

Sophos hat heute den Report „Pacific Rim“ veröffentlicht, der detailliert ein jahrelanges Katz-und-Maus-Spiel aus Angriffs- und Verteidigungsoperationen mit mehreren staatlich unterstützten Cybercrime-Gruppierungen aus China beschreibt. Im Fokus der Attacken standen dabei Cybersicherheits-Perimetergeräte, darunter Sophos Firewalls. Die Angreifer nutzten eine Reihe von Kampagnen mit neuartigen Exploits und maßgeschneiderter Malware, um Tools zur Durchführung von Überwachung, Sabotage […]

Security Sophos

November Patch Tuesday loads up everyone’s plate

November 13, 2024 admin Featured, microsoft defender, microsoft windows, Patch Tuesday, threat research

Credit to Author: Angela Gunn| Date: Wed, 13 Nov 2024 16:32:38 +0000

Fourteen product families affected as 2024 passes an unfortunate milestone

Security Sophos

VEEAM exploit seen used again with a new ransomware: “Frag”

November 8, 2024 admin crypto-ransomware, junk gun, security operations, threat research, veeam, VPNs

Credit to Author: gallagherseanm| Date: Fri, 08 Nov 2024 17:10:12 +0000

Last month, Sophos X-Ops reported several MDR cases where threat actors exploited a vulnerability in Veeam backup servers. We continue to track the activities of this threat cluster, which recently included deployment of a new ransomware. The vulnerability, CVE-2024-40711, was used as part of a threat activity cluster we named STAC 5881. Attacks leveraged compromised […]

Security Sophos