#sophosxops — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #sophosxops, aggregated by home.social.
-
Sophos AI at Black Hat USA ’25: Anomaly detection betrayed us, so we gave it a new job – Source: news.sophos.com https://ciso2ciso.com/sophos-ai-at-black-hat-usa-25-anomaly-detection-betrayed-us-so-we-gave-it-a-new-job-source-news-sophos-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #anomalydetection #ThreatResearch #nakedsecurity #nakedsecurity #commandline #SophosXOps #blackhat #FEATURED #BlackHat #featured #LLM #AI
-
GOLD BLADE Remote DLL Sideloading Attack Deploys RedLoader – Source: news.sophos.com https://ciso2ciso.com/gold-blade-remote-dll-sideloading-attack-deploys-redloader-source-news-sophos-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #DLLsideloading #ThreatResearch #nakedsecurity #nakedsecurity #Cybercrime #SophosXOps #GOLDBLADE #RedLoader #FEATURED #featured #WebDAV #webdav #LNK #lnk
-
Sophos’ Secure by Design 2025 Progress – Source: news.sophos.com https://ciso2ciso.com/sophos-secure-by-design-2025-progress-source-news-sophos-com/ #rssfeedpostgeneratorecho #SecurityOperations #CyberSecurityNews #securebydesign #SecurebyDesign #nakedsecurity #nakedsecurity #SophosXOps #FEATURED #featured #CISA
-
Small world: The revitalization of small AI models for cybersecurity – Source: news.sophos.com https://ciso2ciso.com/small-world-the-revitalization-of-small-ai-models-for-cybersecurity-source-news-sophos-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #ThreatResearch #nakedsecurity #nakedsecurity #smallmodels #SophosXOps #FEATURED #SophosAI #featured #LLM
-
SharePoint ‘ToolShell’ vulnerabilities being exploited in the wild – Source: news.sophos.com https://ciso2ciso.com/sharepoint-toolshell-vulnerabilities-being-exploited-in-the-wild-source-news-sophos-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #ThreatResearch #nakedsecurity #nakedsecurity #PatchTuesday #SharePoint #SophosXOps #sharepoint #ToolShell #toolshell #FEATURED #featured #mdr #MDR
-
SophosAI at Black Hat USA ’25: Anomaly detection betrayed us, so we gave it a new job – Source: news.sophos.com https://ciso2ciso.com/sophosai-at-black-hat-usa-25-anomaly-detection-betrayed-us-so-we-gave-it-a-new-job-source-news-sophos-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #anomalydetection #ThreatResearch #nakedsecurity #nakedsecurity #blackhat2025 #SophosXOps #FEATURED #SophosAI #featured #LLM
-
The strange tale of ischhfd83: When cybercriminals eat their own – Source: news.sophos.com https://ciso2ciso.com/the-strange-tale-of-ischhfd83-when-cybercriminals-eat-their-own-source-news-sophos-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #cybercrimeforums #ThreatResearch #nakedsecurity #nakedsecurity #lummastealer #SophosXOps #AsyncRAT #backdoor #FEATURED #asyncrat #Backdoor #featured
-
PJobRAT makes a comeback, takes another crack at chat apps – Source: news.sophos.com https://ciso2ciso.com/pjobrat-makes-a-comeback-takes-another-crack-at-chat-apps-source-news-sophos-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #ThreatResearch #MobileMalware #nakedsecurity #mobilemalware #nakedsecurity #SophosXOps #FEATURED #featured #Android #PJobRAT #pjobrat #Taiwan
-
Update: Cybercriminals still not fully on board the AI train (yet) – Source: news.sophos.com https://ciso2ciso.com/update-cybercriminals-still-not-fully-on-board-the-ai-train-yet-source-news-sophos-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #socialengineering #Socialengineering #cybercrimeforums #ThreatResearch #nakedsecurity #nakedsecurity #SophosXOps #FEATURED #featured #ChatGPT #Scams #scams #AI
-
Continue getting ready for the new year with part two of our two-part series on “Patch Prioritization.”
Here we go into #EPSS, #SSVC, #KEV, and other tools and frameworks.
#sophosxops #threatintelligence #patching #patchprioritization
-
Get ready for the new year by taking time to better understand how to prioritize your patching.
Read understanding #CVSS part one of our two-part series on “Patch Prioritization.”
https://news.sophos.com/en-us/2024/12/27/prioritizing-patching-a-deep-dive-into-frameworks-and-tools-part-1-cvss/ #sophosxops #threatintelligence #patching #patchprioritization
-
‘Junk gun’ ransomware: Peashooters can still pack a punch – Source: news.sophos.com https://ciso2ciso.com/junk-gun-ransomware-peashooters-can-still-pack-a-punch-source-news-sophos-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #cybercrimeforums #ThreatResearch #nakedsecurity #nakedsecurity #Smallbusiness #ransomware #SophosXOps #FEATURED #featured #junkgun
-
Memory scanning leaves attackers nowhere to hide – Source: news.sophos.com https://ciso2ciso.com/memory-scanning-leaves-attackers-nowhere-to-hide-source-news-sophos-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #processinjection #filelessmalware #memoryscanning #ThreatResearch #nakedsecurity #nakedsecurity #SophosXOps #FEATURED #featured
-
Sophos X-Ops is currently tracking a campaign by threat actors targeting unpatched #Citrix #NetScaler systems exposed to the internet. Our data indicates strong similarity between #attacks using CVE-2023-3519 delivering #malware and #webshells and previous attacks using a number of the same #TTPs.
-
New bullies on the block: They don’t PLAY nice.
In mid-November 2022, #Sophos X-Ops responded to an incident where PLAY #ransomware, also known as #PlayCrypt, was found in an under-protected environment.
PLAY is a relatively new ransomware variant, first reported in mid-July of 2022. It deploys a variety of commonly abused tools, similar to other Ransomware-as-a-Service (RaaS) deployments such as Hive or Nokoyawa. In this thread we’ll walk through what Sophos X-Ops researchers @bencrypted and @th3_protoCOL saw in their analysis – a process our Rapid Response team observed in reverse, starting their work with this customer when they were called in at the 14-day mark.
The IoCs provided in this writeup are available on our Github: https://github.com/sophoslabs/IoCs.