Displaying items by tag: Sophos

Cybersecurity vendor Sophos has appointed Charles de Jesus to the role of ANZ channel director.

Returning to the office is something many more people have done since lockdowns ended, but which devices are unpatched and unprotected from not being used for months? Cyber security has never been more important, with Aaron Bugal, Global Solutions Engineer at Sophos, telling us all we need to know.

Returning to the office is something many more people have done since lockdowns ended, but which devices are unpatched and unprotected from not being used for months? Cyber security has never been more important, with Aaron Bugal, Global Solutions Engineer at Sophos, telling us all we need to know.

Security vendor Sophos says the attackers behind the AvosLocker ransomware are using the combination of Windows Safe Mode and the AnyDesk remote administration tool to bypass security controls and plant their malware.

GUEST INTERVIEW: Sophos has released its 2022 Threat Report, and Sophos ANZ MD joined iTWireTV not only to tell us its findings, but to recap 2021, talk ransomware, ethical zero-day research and more!

GUEST INTERVIEW: Sophos has released its 2022 Threat Report, and Sophos A/NZ MD joined iTWireTV not only to tell us its findings, but to recap 2021, talk ransomware, ethical zero-day research and more!

Attackers have tested an exploit for a critical Office vulnerability already fixed by Microsoft, by using a different format than that which was originally used in the exploit. The new exploit disappeared after a short interval.

COMPANY NEWS: Sophos, a global leader in next-generation cybersecurity, today released details of a novel exploit that bypasses a patch for a critical vulnerability (CVE-2021-40444) affecting the Microsoft Office file format. The findings are reported in a new SophosLabs Uncut article, “Attackers test ‘CAB-less 40444’ exploit in a dry run,” that shows how the attackers took a publicly available proof-of-concept Office exploit and weaponised it to deliver Formbook malware. The attackers then distributed it through spam emails for approximately 36 hours before it disappeared, according to Sophos researchers.

COMPANY NEWS: Since the first vulnerability in the Apache Foundation’s Log4j logging tool was revealed on 10 December, three sets of fixes to the Java library have been released as additional vulnerabilities were uncovered. This rapid iteration of fixes has left software developers and organisations worldwide scrambling to assess and mitigate their exposure with nearly daily-changing guidance. In the meantime, we’ve seen attempts to detect or exploit the vulnerability continue non-stop.

Cybersecurity firm Sophos has released new findings on the Tor2Mine cryptominer in new research Two flavours of Tor2Mine miner dig deep into networks with PowerShell, VBScript, that show how the miner evades detection, spreads automatically through a target network, and is increasingly harder to remove from an infected system.

GUEST OPINION: If you asked anyone working in the digital space today—marketers, customer service reps, IT managers or even ransomware adversaries—what the most valuable resource in the world is, their answer would be: data.

Cloud-native network detection and response provider ExtraHop has appointed Tanya Hovagimian as the company’s first Australia and New Zealand channel manager.

Nearly 10 months after it was taken down by authorities in Europe, the US and Canada, the Emotet botnet appears to have returned, with at least one of the bots associated with it being observed by a security firm.

COMPANY NEWS: Cybersecurity company Sophos published its Sophos 2022 Threat Report, detailing how the gravitational force of ransomware’s black hole is pulling in other cyberthreats to form one massive, interconnected ransomware delivery system—with significant implications for IT.

Another Windows ransomware group, BlackMatter, appears to have shut down operations, according to a message sent out by the people behind the group.

The NPM repository account linked to a popular node.js was hijacked for a while on Friday and used to spread a malicious script, the security firm Sophos claims.

The Apache HTTP Server Project has been forced to issue fresh fixes for a critical bug which was originally thought to affect only version 2.4.49 and fixed last Thursday.

Attackers used a script written in Python during a recent ransomware attack which took just three hours, encrypting all the virtual disks on the target's virtual machine hypervisor.

Researchers from global security firm Sophos have detailed how a relatively new Windows ransomware group known as Atom Silo carried out an attack over two days, initially using a flaw in Atlassian's Confluence collaboration software.

GUEST RESEARCH: Manufacturing and production companies were the least likely (at 19%) to pay ransom and the most likely (at 68%) to be able to restore data from backups, according to a study by cybersecurity company Sophos.