Remove All The Callbacks – BlackByte Ransomware Disables EDR Via RTCore64.sys Abuse

August 18, 2022

Cookie stealing: the new perimeter bypass

As organizations move to cloud services and multifactor authentication, cookies tied to identity and authentication give attackers a new path to compromise.

Threat Research

August 10, 2022

Microsoft squares away 121-CVE Patch Tuesday for August

Another tough month for Azure admins; meanwhile, Windows takes a long road to a Dogwalk

Threat Research

August 09, 2022

Multiple attackers increase pressure on victims, complicate incident response

Sophos’ latest Active Adversary report explores the issue of organizations being hit multiple times by attackers

Security OperationsThreat Research

August 04, 2022

Genesis Brings Polish to Stolen-Credential Marketplaces

Four years on, Genesis Marketplace remains the go-to underground market for easy access to other people’s data

Threat Research

July 20, 2022

Behind the Research: The Making of “OODA: X-Ops Takes on Burgeoning SQL Server Attacks”

Security OperationsThreat Research

July 20, 2022

OODA: X-Ops Takes On Burgeoning SQL Server Attacks

How do the pieces of Sophos X-Ops fit together? A combined effort makes tidy work of a threat actor’s big play

Security OperationsThreat Research

July 20, 2022

Sophos X-Ops FAQ

Threat Research

July 14, 2022

BlackCat ransomware attacks not merely a byproduct of bad luck

Older hardware and outdated operating systems contribute to attacks

Threat Research

July 12, 2022

July Patch Tuesday is Rich in Azure, Windows Issues

Windows-facing issues make up the bulk of the 85 CVEs addressed, with one vulnerability under active exploit in the wild

Threat Research