Security Operations

Practical insights for defenders from the Sophos X‑Ops detection and response specialists

Featured Articles

RSS

July 20, 2023

Bad ad fad leads to IcedID, Gozi infections

Malvertising campaigns using paid ads result in infostealer and backdoor attacks

Security Operations Threat Research

July 10, 2023

Clop At The Top – But For How Long?

Security Operations Threat Research

June 30, 2023

Investigator, API Yourself: Deploying Microsoft Graph on the trail of an attacker

Security Operations Threat Research

June 05, 2023

Update 6: Information on MOVEit Vulnerabilities CVE-2023-34362, CVE-2023-35036, CVE-2023-35708, and CVE-2023-36934

Security Operations Threat Research

May 09, 2023

Akira Ransomware is “bringin’ 1988 back”

Security Operations Threat Research

April 27, 2023

Update 2: Increased exploitation of PaperCut drawing blood around the Internet

Security Operations

March 29, 2023

Update 2: 3CX users under DLL-sideloading attack: What you need to know

Security Operations Threat Research

February 06, 2023

Qakbot mechanizes distribution of malicious OneNote notebooks

Security Operations Threat Research

January 10, 2023

Artificial intelligence now a match for natural ignorance

Security Operations

December 15, 2022

SophosLabs Intelix now integrates with OpenCTI

Security Operations

December 13, 2022

Signed driver malware moves up the software trust chain

Security Operations Threat Research

November 30, 2022

Detection Tools and Human Analysis Lead to a Security Non-Event

Security Operations

Subscribe to get the latest updates in your inbox.

You’re now subscribed!