security operations – Computer Security Articles

Security Sophos

Sophos MDR blocks and tracks activity from probable Iranian state actor “MuddyWater”

November 20, 2024 admin 0 Comments atera, legitimate service abuse, muddywater, phishing, RMM, security operations, stac 1171, ta450, threat research

Credit to Author: gallagherseanm| Date: Wed, 20 Nov 2024 17:12:12 +0000

Sophos MDR has observed a new campaign that uses targeted phishing to entice the target to download a legitimate remote machine management tool to dump credentials. We believe with moderate confidence that this activity, which we track as STAC 1171, is related to an Iranian threat actor commonly referred to as MuddyWater or TA450. Earlier […]

Security Sophos

VEEAM exploit seen used again with a new ransomware: “Frag”

November 8, 2024 admin crypto-ransomware, junk gun, security operations, threat research, veeam, VPNs

Credit to Author: gallagherseanm| Date: Fri, 08 Nov 2024 17:10:12 +0000

Last month, Sophos X-Ops reported several MDR cases where threat actors exploited a vulnerability in Veeam backup servers. We continue to track the activities of this threat cluster, which recently included deployment of a new ransomware. The vulnerability, CVE-2024-40711, was used as part of a threat activity cluster we named STAC 5881. Attacks leveraged compromised […]

Security Sophos

Bengal cat lovers in Australia get psspsspss’d in Google-driven Gootloader campaign

November 6, 2024 admin gootloader, JavaScript, loader, search engine poisoning, security operations, seo poisoning, threat research

Credit to Author: gallagherseanm| Date: Wed, 06 Nov 2024 11:30:41 +0000

The Internet is full of cats—and in this case, malware-delivering fake cat websites used for very targeted search engine optimization.

Security Sophos

Pacific Rim: Inside the Counter-Offensive—The TTPs Used to Neutralize China-Based Threats

October 31, 2024 admin chinese apt, chinese spying, Featured, pacific rim story, security operations, sophos firewall, state-sponsored attackers

Credit to Author: Ross McKerchar| Date: Thu, 31 Oct 2024 12:56:23 +0000

Sophos X-Ops unveils five-year investigation tracking China-based groups targeting perimeter devices

Security Sophos

From the frontlines: Our CISO’s view of Pacific Rim

October 31, 2024 admin pacific rim, pacific rim thought leadership, security operations, sophos x-ops

Credit to Author: Ross McKerchar| Date: Thu, 31 Oct 2024 12:41:21 +0000

On beyond “Detect and Respond” and “Secure by Design”

Security Sophos

Pacific Rim: What’s it to you?

October 31, 2024 admin pacific rim, pacific rim thought leadership, security operations, sophos x-ops

Credit to Author: Chester Wisniewski| Date: Thu, 31 Oct 2024 12:38:52 +0000

Thirty-five years after the first great cat-and-mouse infosecurity story, here we are again

Security Sophos

Pacific Rim: Learning to eat soup with a knife

October 31, 2024 admin pacific rim, pacific rim defense, psirt, security operations, sophos x-ops

Credit to Author: Ross McKerchar| Date: Thu, 31 Oct 2024 12:36:53 +0000

What our incident responders know from five years of fighting an octopus

Security Sophos

Digital Detritus: The engine of Pacific Rim and a call to the industry for action

October 31, 2024 admin digital detritus, Featured, pacific rim, pacific rim thought leadership, security operations, sophos x-ops

Credit to Author: Joe Levy| Date: Thu, 31 Oct 2024 12:34:51 +0000

Decades of obsolete and unpatched hardware and software endanger us all

← Previous