Security Operations

Practical insights for defenders from the Sophos X‑Ops detection and response specialists

Featured Articles

RSS

May 09, 2025

Lumma Stealer, coming and going

The high-profile information stealer switches up its TTPs, but keeps the CAPTCHA tactic; we take a deep dive

Security Operations Threat Research

May 08, 2025

NICKEL TAPESTRY expands fraudulent worker operations

Security Operations Threat Research

April 17, 2025

Moving CVEs past one-nation control

Security Operations Threat Research

April 16, 2025

Sophos Annual Threat Report appendix: Most frequently encountered malware and abused software

Security Operations Threat Research

April 16, 2025

The Sophos Annual Threat Report: Cybercrime on Main Street 2025

Security Operations Threat Research

April 02, 2025

It takes two: The 2025 Sophos Active Adversary Report

Security Operations Threat Research

April 01, 2025

Qilin affiliates spear-phish MSP ScreenConnect admin, targeting customers downstream

Security Operations Threat Research

March 28, 2025

Stealing user credentials with evilginx

Security Operations Threat Research

January 21, 2025

Sophos MDR tracks two ransomware campaigns using “email bombing,” Microsoft Teams “vishing”

Security Operations Threat Research

December 19, 2024

Phishing platform Rockstar 2FA trips, and “FlowerStorm” picks up the pieces

Security Operations Threat Research

December 12, 2024

The Bite from Inside: The Sophos Active Adversary Report

Security Operations Threat Research

December 11, 2024

Sophos excels in the 2024 MITRE ATT&CK® Evaluations: Enterprise

Products & Services Security Operations

Subscribe to get the latest updates in your inbox.