Sophos Security News

The Sophos Blog
  1. Phishing and malware actors abuse Google Forms for credentials, data exfiltration

    Earlier this year, as we researched malware use of Transport Layer Security-based communications to conceal command and control traffic and downloads, we found a disproportionate amount of traffic going to Google cloud services. Among the destinations we found in telemetry were a host of Google Forms pages. The abuse of legitimate public cloud services by […]
  2. Hindsight #7: Prepare for the worst

    This article is part of a series that aims to educate cyber security professionals on the lessons learned by breach victims. Each lesson will include simple recommendations, many of which do not require organizations to purchase any tools.
  3. Cring ransomware group exploits ancient ColdFusion server

    The rarely-seen ransomware family leveraged commercial remote access tools to move laterally on the network
  4. BlackMatter ransomware strikes again (but Sophos stops it)  

    Multiple layers of protection in Intercept X stop BlackMatter cold
  5. IOC hunting: Expanding reach with Sophos Central XDR API

    You can now hunt for threats even if the endpoint is offline.