October 31, 2024 Pacific Rim: Inside the Counter-Offensive—The TTPs Used to Neutralize China-Based Threats Sophos X-Ops unveils five-year investigation tracking China-based groups targeting perimeter devices Security Operations
October 31, 2024 Digital Detritus: The engine of Pacific Rim and a call to the industry for action Decades of obsolete and unpatched hardware and software endanger us all Security Operations
October 31, 2024 Pacific Rim timeline: Information for defenders from a braid of interlocking attack campaigns Sophos X-Ops unveils five-year investigation tracking China-based groups targeting perimeter devices Security Operations
November 06, 2024 Bengal cat lovers in Australia get psspsspss’d in Google-driven Gootloader campaign The Internet is full of cats—and in this case, malware-delivering fake cat websites used for very targeted search engine optimization. Security Operations, Threat Research
October 31, 2024 From the frontlines: Our CISO’s view of Pacific Rim On beyond “Detect and Respond” and “Secure by Design” Security Operations
October 31, 2024 Pacific Rim: What’s it to you? Thirty-five years after the first great cat-and-mouse infosecurity story, here we are again Security Operations
October 31, 2024 Pacific Rim: Learning to eat soup with a knife What our incident responders know from five years of fighting an octopus Security Operations
September 10, 2024 Crimson Palace returns: New Tools, Tactics, and Targets Chinese cyberespionage campaign renews efforts in multiple organizations in Southeast Asia, blending tactics and expanding efforts Security Operations, Threat Research
August 22, 2024 Qilin ransomware caught stealing credentials stored in Google Chrome Familiar ransomware develops an appetite for passwords to third-party sites Security Operations, Threat Research
August 13, 2024 Don’t get Mad, get wise The “Mad Liberator” ransomware group leverages social-engineering moves to watch out for Security Operations, Threat Research
August 07, 2024 Sophos MDR hunt tracks Mimic ransomware campaign against organizations in India STAC6451 threat cluster targets Internet-exposed Microsoft SQL servers for initial access Security Operations
August 07, 2024 Best security practices for ESXi environments Ten recommendations for defenders when natively run EDR isn’t an option Security Operations, Threat Research