A lighter Patch Tuesday, but one heavy with remote code execution bugs

August 10, 2022

Microsoft squares away 121-CVE Patch Tuesday for August

Another tough month for Azure admins; meanwhile, Windows takes a long road to a Dogwalk

Threat Research

August 04, 2022

Genesis Brings Polish to Stolen-Credential Marketplaces

Four years on, Genesis Marketplace remains the go-to underground market for easy access to other people’s data

Threat Research

July 20, 2022

Behind the Research: The Making of “OODA: X-Ops Takes on Burgeoning SQL Server Attacks”

Security OperationsThreat Research

July 20, 2022

OODA: X-Ops Takes On Burgeoning SQL Server Attacks

How do the pieces of Sophos X-Ops fit together? A combined effort makes tidy work of a threat actor’s big play

Security OperationsThreat Research

July 20, 2022

Sophos X-Ops FAQ

Threat Research

July 14, 2022

BlackCat ransomware attacks not merely a byproduct of bad luck

Older hardware and outdated operating systems contribute to attacks

Threat Research

July 12, 2022

July Patch Tuesday is Rich in Azure, Windows Issues

Windows-facing issues make up the bulk of the 85 CVEs addressed, with one vulnerability under active exploit in the wild

Threat Research

June 22, 2022

Active Adversary Playbook 2022 Insights: Web Shells

Public proofs-of-concept of web shell exploits coincide with major spikes in attacks.

Threat Research

June 16, 2022

Confluence exploits used to drop ransomware on vulnerable servers

Automated attacks are now widely exploiting the Atlassian vulnerability

Security OperationsThreat Research