Here you will find all articles, news and whitepapers published by SOPHOS sorted by date.
More than 100 million users in 150 countries trust in SOPHOS. We offer the best protection against complex IT threats and data loss. Our comprehensive security solutions are easy to deploy, use and manage. SOPHOS offers award-winning encryption solutions, security solutions for endpoints, networks, mobile devices, email and web.
An analysis shows a sharp increase in phishing attacks with SVG graphic files. A lot of malware is currently being distributed via the SVG graphic and image files used. This has been the observation of Sophos X-Ops since January 2025. In a new report from Sophos X-Ops, the security experts report a sharp increase in malware and phishing attacks carried out using SVG files. Cyber criminals are increasingly using the widely used SVG graphic format for their own purposes and are trying to circumvent the automatic detection of phishing and spam protection solutions. The malicious machinations with the SVG image format have been under observation since 2024. The scalable...
Because DeepSeek is based on open source, it can be explored and researched by both criminally motivated individuals and neutral enthusiasts. As with Meta's LLaMA, DeepSeek can be freely experimented with and the guardrails can largely be removed. This could lead to abuse by cybercriminals. However, operating DeepSeek professionally still requires far more resources than the average cybercriminal has at his disposal. Much more pressing for companies is the fact that DeepSeek is likely to be adopted by different products and companies due to its cost-effectiveness, which potentially poses significant risks to the...
A study by Sophos X-Ops in selected cybercrime forums found that threat actors are still not using AI intensively for their campaigns. Now the AI DeepSeek is coming with open source character. Will this bring movement into play? An analysis by Sophos X-Ops. Parallel to the latest report "Beyond the Hype: The Businesses Reality of AI for Cybersecurity" on the use of AI in corporate security, Sophos X-Ops is publishing a report on the use of artificial intelligence by cybercriminals. According to the new study entitled "Cybercriminals Still Not Getting On Board the AI Train (Yet)",...
Despite the hype: Almost 60 percent of German companies see potential deficiencies in cybersecurity tools based on generative AI as a major problem when dealing with artificial intelligence. A report shows that SMEs are more distrustful here than large companies. The new report entitled "Beyond the Hype: The Businesses Reality of AI for Cybersecurity" by Sophos takes a closer look at the use of AI in cybersecurity and gives tips on how to use the technology correctly. In parallel with the preparation of this report, 2024 IT professionals in Germany were surveyed in December 200 in cooperation with Techconsult...
As a survey shows, OT systems were already a gateway for cyber attacks in almost half of the companies surveyed. And this despite the fact that the companies make a lot of efforts to ensure OT security. Most also rely on the support of external experts. This is because many in the KRITIS sector are already expecting cyber attacks. Machines, systems and systems are increasingly networked, and the development process is highly dynamic. Industry 4.0 and "intelligent factories" are changing the production landscape at high speed. At the same time, the risks of cyber attacks on operational technology (OT) are increasing, and with them the complex requirements for OT security. OT...
Large Language Models (LLMs) have the potential to automate and reduce workloads, including those of cybersecurity analysts and incident responders. Sophos provides large language model tuning tools as an open source program. Generic LLMs lack the domain-specific knowledge to handle all tasks well. Even when built with training data that includes cybersecurity assets, this is often not enough to take on more specialized tasks that require current and, in some cases, proprietary knowledge to perform well - knowledge that was not available to LLMs when they were trained.
Cybercrime and data theft are a disaster and can cause companies to stumble. An emergency plan helps everyone involved to keep their nerves and, above all, control. This includes communication! The financial and operational impact of a cyberattack can bring an organization to the brink of its existence. The average cost of data theft in 4,3 was 2023 million euros. This is a threatening sum for small and medium-sized enterprises (SMEs), which are often the focus of attacks. After all, according to statistics from Sophos X-Ops, 43 percent of all cyberattacks last year targeted these companies...
In its new Active Adversary Report 2024, Sophos proves the wolf in sheep's clothing: Cybercriminals are increasingly relying on trusted Windows applications for their attacks. Criminal use, commonly referred to as "living off the land" binaries, is increasing by 51 percent. Lockbit is the number 1 ransomware despite government intervention. Sophos' new Active Adversary Report, entitled "The Bite from Inside," provides a detailed look at the changing behaviors and techniques of attackers in the first half of 2024. The analysis data comes from almost 200 incident response cases that the Sophos X-Ops IR team and Sophos X-Ops Managed...
What does 2025 mean for cyber security in companies? Which cyber attacks will become more frequent, which industries are particularly targeted and what role will AI play in the future? In cyber security, the last few years have shown that you have to expect anything. Since no one can see into the future, it is worth looking back at 2024 in order to evaluate developments, anticipate possible scenarios for the future and to adapt and look to a new year with confidence. Security is well positioned, but vigilance is and remains the top priority. Because...
When it comes to detecting and neutralizing threats, every minute can be critical for security professionals, including managed service providers (MSPs). Generative AI features in Sophos XDR detect threats and repel them faster. To further optimize response and forensic investigations, Sophos has now enhanced its Extended Detection and Response (XDR) platform with new artificial intelligence (AI). The new generative AI features speed up and simplify investigations, allowing even less experienced analysts to target the necessary security operations and neutralize adversaries faster. The most important new features include: Optimized search...
