Collecting Cyber-News from over 60 sources

Tag: sophos

Sophos zeigt effektive Strategien bei der Patch-Priorisierung auf

Jan 23, 2025 6:22 PM

by

Andy Stern

in SecurityNews

Tags: cve, sophos, update, vulnerability

Die Zahl der bekannten Schwachstellen auch als Common Vulnerabilities and Exposures (CVE) bekannt wächst rasant. 2022 wurden 25.277 CVEs gemeldet, 2023 bereits 29.065. Für 2024 ist ein weiterer Anstieg zu erwarten. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/sophos-zeigt-effektive-strategien-bei-der-patch-priorisierung-auf/a39555/
Hackers Deliver Ransomware on Windows Via Microsoft Teams Voice Calls

Jan 23, 2025 1:22 PM

by

Andy Stern

in SecurityNews

Tags: cyber, detection, email, exploit, hacker, microsoft, office, ransomware, social-engineering, sophos, tactics, threat, tool, windows

Sophos X-Ops’ Managed Detection and Response (MDR) team has uncovered two highly active threat actor clusters exploiting Microsoft Office 365 to target organizations. Identified as STAC5143 and STAC5777, these clusters use advanced social engineering tactics, such as email bombing, fake Microsoft Teams tech support calls, and misuse of Microsoft tools, like Quick Assist and Teams’…
Two ransomware groups abuse Microsoft’s Office 365 platform to gain access to target organizations

Jan 22, 2025 11:22 PM

by

Andy Stern

in SecurityNews

Tags: access, attack, exploit, group, microsoft, office, ransomware, service, sophos, threat

Two ransomware groups exploiting Microsoft 365 services and default settings to target internal enterprise users. Sophos researchers started investigating two distinct clusters of activity, tracked as STAC5143 and STAC5777, in response to customer ransomware attacks in November and December 2024. Threat actors used their own Microsoft 365 tenants and exploited a default Teams setting allowing…
Gezielte Cyberangriffe: Bedrohungsakteure missbrauchen Microsoft 365

Jan 22, 2025 12:22 PM

by

Andy Stern

in SecurityNews

Tags: cyberattack, microsoft, office, ransomware, sophos, vulnerability

Sophos X-Ops hat eine raffinierte Angriffskampagne entdeckt, bei der Cyberkriminelle gezielt Unternehmen infiltrieren. Dabei nutzen sie Schwachstellen innerhalb der Office-365-Plattform aus, um entweder sensible Daten zu stehlen oder Ransomware zu platzieren. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/gezielte-cyberangriffe-bedrohungsakteure-missbrauchen-microsoft-365
Threat actors abusing Microsoft Teams in ransomware attacks

Jan 22, 2025 9:22 AM

by

Andy Stern

in SecurityNews

Tags: access, attack, microsoft, ransomware, sophos, threat

Sophos researchers observed two separate threat campaigns in which attackers used Microsoft Teams to pose as IT support personnel and gain access to victims’ systems. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366618294/Threat-actors-abusing-Microsoft-Teams-in-ransomware-attacks
Ransomware groups pose as fake tech support over Teams

Jan 22, 2025 12:22 AM

by

Andy Stern

in SecurityNews

Tags: group, ransomware, sophos, tactics

A researcher at Sophos told CyberScoop that the company observed these tactics being used against multiple individuals and at least 15 organizations. First seen on cyberscoop.com Jump to article: cyberscoop.com/ransomware-groups-pose-as-fake-tech-support-over-teams/
Email Bombing, ‘Vishing’ Tactics Abound in Microsoft 365 Attacks

Jan 22, 2025 12:22 AM

by

Andy Stern

in SecurityNews

Tags: attack, email, microsoft, sophos, tactics

Sophos noted more than 15 attacks have been reported during the past three months. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/email-bombing-vishing-tactics-abound-microsoft-365-attacks
Microsoft Teams vishing attacks trick employees into handing over remote access

Jan 21, 2025 9:23 PM

by

Andy Stern

in SecurityNews

Tags: access, attack, backdoor, control, credentials, cybercrime, data, detection, email, exploit, group, hacking, lockbit, malicious, malware, microsoft, monitoring, network, office, password, phishing, powershell, ransomware, russia, service, social-engineering, sophos, spam, tactics, threat, tool, vpn, windows

Attackers believed to be affiliated with ransomware groups have recently been observed using a technique in which they bombard employees with spam emails and then call them on Microsoft Teams posing as technical support representatives from their organizations.The goal of this formerly uncovered social engineering tactic is to create a sense of urgency and trick…
Cyberkriminelle missbrauchen Microsoft-Teams als Einfallstor mit E-Mail-Bombing und Voice-Phishing

Jan 21, 2025 4:22 PM

by

Andy Stern

in SecurityNews

Tags: mail, microsoft, office, phishing, ransomware, sophos

Sophos-X-Ops hat eine aktive Bedrohungskampagne näher untersucht, bei der zwei verschiedene Gruppen von Bedrohungsakteuren Unternehmen infiltrieren, indem sie die Funktionalität der Office-365-Plattform missbrauchen und anschließend versuchen, Daten abzuziehen oder Ransomware platzieren. Besonders perfide: die Angreifer verwenden eine Kombination aus E-Mail-Bombing mit bis zu 3.000 Nachrichten in weniger als einer Stunde und anschließenden Sprach- bzw. Videoanrufen…
Russian ransomware hackers increasingly posing as tech support on Microsoft Teams

Jan 21, 2025 3:22 PM

by

Andy Stern

in SecurityNews

Tags: group, hacker, microsoft, office, ransomware, russia, service, sophos

Researchers at Sophos say they have seen more than 15 incidents in which two separate groups used Microsoft Office 365’s default service settings to socially engineer their way onto a victim’s system.]]> First seen on therecord.media Jump to article: therecord.media/fake-tech-support-russian-hackers-microsoft-teams
Ransomware Groups Abuse Microsoft Services for Initial Access

Jan 21, 2025 3:22 PM

by

Andy Stern

in SecurityNews

Tags: access, group, microsoft, ransomware, service, sophos

Sophos warns of two ransomware groups abusing Microsoft 365 services and default configurations to contact internal enterprise users. The post Ransomware Groups Abuse Microsoft Services for Initial Access appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/ransomware-groups-abuse-microsoft-services-for-initial-access/
Fiese Masche: 3.000 Emails und ein >>rettender<< Support-Anruf via Teams

Jan 21, 2025 3:22 PM

by

Andy Stern

in SecurityNews

Tags: email, mail, office, ransomware, sophos

Sophos X-Ops hat eine aktive Bedrohungskampagne näher untersucht, bei der zwei verschiedene Gruppen von Bedrohungsakteuren Unternehmen infiltrieren, indem sie die Funktionalität der Office-365-Plattform missbrauchen und anschließend versuchen, Daten abziehen oder Ransomware platzieren. Besonders perfide: die Angreifer verwenden eine Kombination aus E-Mail-Bombing mit bis zu 3.000 Nachrichten in weniger als einer Stunde und anschließenden Sprach- bzw.…
Russian Ransomware Groups Deploy Email Bombing and Teams Vishing

Jan 21, 2025 1:22 PM

by

Andy Stern

in SecurityNews

Tags: attack, email, group, ransomware, russia, sophos

Sophos has warned of IT impersonation vishing attacks designed to remotely deploy ransomware First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ransomware-email-bombing-teams/
Sophos MDR verzeichnet starkes Kundenwachstum und führt neue Funktionen ein

Jan 14, 2025 10:47 AM

by

Andy Stern

in SecurityNews

Tags: ai, service, sophos

In den letzten Monaten hat Sophos seinen MDR-Service mit einer höheren Analystenkapazität, AI-unterstützten Arbeitsprozessen, neuen Funktionen und erweiterter Integrierung für bestmöglichen Schutz stark aufgerüstet. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/sophos-mdr-verzeichnet-starkes-kundenwachstum-und-fuehrt-neue-funktionen-ein/a39441/
Sophos stellt Sprachmodell-Tool zur Verfügung – Tuning-Tool für LLMs als Open-Source-Programm

Jan 8, 2025 2:18 PM

by

Andy Stern

in SecurityNews

Tags: LLM, open-source, sophos, tool

First seen on security-insider.de Jump to article: www.security-insider.de/sophosai-open-source-tool-large-language-models-a-7f503f54ce6f32d4c318a41e873e2a54/
Breach Roundup: Cyberattack Disrupts Japan Airlines

Dec 26, 2024 7:43 PM

by

Andy Stern

in SecurityNews

Tags: apache, breach, cyberattack, data, finance, firewall, flaw, group, hacking, injection, law, sophos, sql

Also, US Court Rules NSO Group Violated Hacking Laws With Pegasus Spyware. This week, cyberattack disrupts Japan Airlines, U.S. court rules NSO Group violated hacking laws, the European Space Agency’s web store hacked, FTC orders Marriott to overhaul data security, Sophos patches critical firewall flaws and Apache fixes critical SQL injection in Traffic Control. First…
Hotfixes for Sophos firewall vulnerabilities released

Dec 24, 2024 9:44 PM

by

Andy Stern

in SecurityNews

Tags: firewall, sophos, vulnerability

First seen on scworld.com Jump to article: www.scworld.com/brief/hotfixes-for-sophos-firewall-vulnerabilities-released
Rockstar2FA Collapse Fuels Expansion of FlowerStorm Phishing-as-a-Service

Dec 23, 2024 1:42 PM

by

Andy Stern

in SecurityNews

Tags: 2fa, group, infrastructure, phishing, service, sophos

An interruption to the phishing-as-a-service (PhaaS) toolkit called Rockstar 2FA has led to a rapid uptick in activity from another nascent offering named FlowerStorm.”It appears that the [Rockstar2FA] group running the service experienced at least a partial collapse of its infrastructure, with pages associated with the service no longer reachable,” Sophos said in a new…
Sophos Patches Critical Firewall Vulnerabilities

Dec 23, 2024 12:44 PM

by

Andy Stern

in SecurityNews

Tags: firewall, sophos, vulnerability

Sophos has released patches for a critical-severity firewall vulnerability that could lead to remote code execution. The post Sophos Patches Critical Firewall Vulnerabilities appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/sophos-patches-critical-firewall-vulnerabilities/
Kritische Sicherheitslücken bedrohen Sophos-Firewalls

Dec 23, 2024 9:42 AM

by

Andy Stern

in SecurityNews

Tags: firewall, sophos

Es sind wichtige Sicherheitsupdates für Firewalls von Sophos erschienen. Mit den Standardeinstellungen installieren sie sich automatisch. First seen on heise.de Jump to article: www.heise.de/news/Kritische-Sicherheitsluecken-bedrohen-Sophos-Firewalls-10218914.html
FlowerStorm Seizes Opportunity as Rockstar2FA Crumbles

Dec 23, 2024 5:42 AM

by

Andy Stern

in SecurityNews

Tags: phishing, service, sophos

Despite its popularity, the phishing-as-a-service platform Rockstar2FA suffered a partial collapse in November 2024 due to technical issues, allowing the new phishing toolkit FlowerStorm to emerge, according to Sophos MD.... First seen on securityonline.info Jump to article: securityonline.info/flowerstorm-seizes-opportunity-as-rockstar2fa-crumbles/
Sophos discloses critical Firewall remote code execution flaw

Dec 21, 2024 5:43 AM

by

Andy Stern

in SecurityNews

Tags: access, firewall, flaw, injection, remote-code-execution, sophos, sql, threat, vulnerability

Sophos has addressed three vulnerabilities in its Sophos Firewall product that could allow remote unauthenticated threat actors to perform SQL injection, remote code execution, and gain privileged SSH access to devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/sophos-discloses-critical-firewall-remote-code-execution-flaw/
Sophos fixed critical vulnerabilities in its Firewall product

Dec 20, 2024 11:43 PM

by

Andy Stern

in SecurityNews

Tags: access, cve, firewall, flaw, injection, sophos, sql, vulnerability

Sophos fixed three Sophos Firewall flaws that could lead to SQL injection, privileged SSH access to devices, and remote code execution. Sophos has addressed three vulnerabilities, respectively tracked as CVE-2024-12727, CVE-2024-12728, and CVE-2024-12729, in its Sophos Firewall solution. The vulnerabilities impact Sophos Firewall v21.0 GA (21.0.0) and older versions, below are the description for these…
Sophos Firewall vulnerable to critical remote code execution flaw

Dec 20, 2024 4:46 PM

by

Andy Stern

in SecurityNews

Tags: access, firewall, flaw, injection, remote-code-execution, sophos, sql, threat, vulnerability

Sophos has addressed three vulnerabilities in its Sophos Firewall product that could allow remote unauthenticated threat actors to perform SQL injection, remote code execution, and gain privileged SSH access to devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/sophos-firewall-vulnerable-to-critical-remote-code-execution-flaw/
Sophos Issues Hotfixes for Critical Firewall Flaws: Update to Prevent Exploitation

Dec 20, 2024 10:42 AM

by

Andy Stern

in SecurityNews

Tags: access, exploit, firewall, flaw, remote-code-execution, sophos, update, vulnerability

Sophos has released hotfixes to address three security flaws in Sophos Firewall products that could be exploited to achieve remote code execution and allow privileged system access under certain conditions.Of the three, two are rated Critical in severity. There is currently no evidence that the shortcomings have been exploited in the wild. The list of…
Sophos-Umfrage zeigt Nachholbedarf in der Absicherung von OT-Systemen

Dec 20, 2024 8:42 AM

by

Andy Stern

in SecurityNews

Tags: cyberattack, sophos

Die Mehrheit glaubt, dass OT-Systeme auch in Zukunft beliebte Ziele für Cyberangriffe sein werden, insbesondere im Bereich der Kritischen Infrastrukturen First seen on infopoint-security.de Jump to article: www.infopoint-security.de/sophos-umfrage-zeigt-nachholbedarf-in-der-absicherung-von-ot-systemen/a39357/
Sophos stellt Tuning-Tool für große Sprachmodelle als Open-Source-Programm zur Verfügung

Dec 18, 2024 2:42 PM

by

Andy Stern

in SecurityNews

Tags: LLM, open-source, sophos, tool

Große Sprachmodelle (Large-Language-Models, LLMs) haben das Potenzial, die Arbeitslast zu automatisieren und zu reduzieren, einschließlich der von Cybersicherheitsanalysten und Incident-Respondern. Generischen LLMs fehlt jedoch das domänenspezifische Wissen, um diese Aufgaben gut zu bewältigen. Auch wenn sie mit Trainingsdaten erstellt wurden, die Cybersicherheitsressourcen enthalten, reicht dies oft nicht aus, um spezialisiertere Aufgaben zu übernehmen, die aktuelles…
Sophos stellt neues Trainings-Framework zur Optimierung der LLMs zur Verfügung

Dec 18, 2024 2:42 PM

by

Andy Stern

in SecurityNews

Tags: framework, LLM, sophos, training

Durch den Einsatz von DeepSpeed wird die Skalierung großer Trainingsaufgaben ermöglicht, unter anderem durch parallele Datenverarbeitung. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/sophos-stellt-neues-trainingsframework-zur-optimierung-der-llms-zur-verfuegung/a39320/
Sophos-Tool zur NIS2-Compliance – Ist Ihr Unternehmen NIS2-ready?

Dec 18, 2024 12:42 PM

by

Andy Stern

in SecurityNews

Tags: compliance, nis-2, sophos, tool

First seen on security-insider.de Jump to article: www.security-insider.de/ist-ihr-unternehmen-nis2-ready-a-509c9253d325620e5023497fca19763a/
Cyberkriminelle setzten vermehrt auf vertrauenswürdige Anwendungen

Dec 18, 2024 11:42 AM

by

Andy Stern

in SecurityNews

Tags: sophos, tool, windows

Sophos veröffentlicht seinen Active Adversary Report. Eine wichtige Erkenntnis: Angreifer nutzen für ihre Machenschaften zunehmend vertrauenswürdige Anwendungen und Tools auf Windows-Systemen (‘Living Off the Land”-Binärdateien / LOLbins). First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/cyberkriminelle-anwendungen