News

Latest news on the subject of B2B cyber security >>> PR agencies: Add us to your mailing list - see contact! >>> Book an exclusive PartnerChannel for your news!

Qilin ransomware steals login credentials from Chrome
SophosNews

During an investigation into a Qilin ransomware attack, the Sophos X-Ops team found that the attackers were stealing credentials stored in Google Chrome browsers on certain network endpoints. The Qilin group, which has been active for over two years, gained access through compromised credentials and manipulated group policies to run a PowerShell script to collect Chrome credentials. These scripts were activated when users logged in to collect the data. Attackers collect credentials using PowerShell script The cybercriminals used the PowerShell script to collect credentials from networked endpoints and were able to avoid the lack of…

Read more

Those who don’t pay: Ransomware groups are putting more pressure on
If you don't pay: Ransomware groups are putting more pressure on you Image: Bing AI

A new report shows how ransomware groups use information about semi-legal activities from stolen data to force victims to pay. The dark web report “Turning the Screws: The Pressure Tactics of Ransomware Gangs” reveals. In its new dark web report “Turning the Screws: The Pressure Tactics of Ransomware Gangs”, Sophos reveals important findings. In the report, the security specialists describe in detail how cyber criminals use stolen data as a means of increasing the pressure on targets who are unwilling to pay. The pressure methods include passing on contact details, publishing information about family members of CEOs…

Read more

AnyDesk: Ransomware attack via remote access program
SophosNews

The ransomware group "Mad Liberator" uses Anydesk as a bridge to get into corporate networks. Sophos X-Ops reveals details of the attack and provides tips for better protection against these attacks. The Sophos X-Ops Incident Response Team has investigated the tactics of the ransomware group "Mad Liberator". This group is a new threat actor that first appeared on the scene in mid-July 2024. In the new report "Don't get Mad, get wise", Sophos X-Ops looks at the attack techniques used by this group in connection with the popular remote access application Anydesk. The security specialists also give tips on how...

Read more

DA-CH: Are employees a danger from within?
DA-CH: Are employees a danger from within? Image by StartupStockPhotos on Pixabay

Are angry and careless employees a security problem for companies? Austrian managers place the greatest trust in their employees, Germany is generally confident and Switzerland is more cautious. Publications repeatedly address the great threat to cyber security posed by employees. In particular, disgruntled, bribed or angry former employees who have stolen data are the focus of attention. Human error is also regularly identified as another crucial and dangerous factor for cyber security. It can lead to serious security incidents that are caused by carelessness within the workforce...

Read more

Cyber ​​attack reported – but nobody does anything 
Attack reported - but nobody does anything Image by Gerd Altmann on Pixabay

Almost half of companies have security problems due to overlooked warnings. A survey shows that 43 percent of respondents admitted that there were cyber attacks that were reported by the system but not noticed or processed. Effective cyber security is only achieved when the numerous messages and alarms from the installed systems are registered and, above all, responded to competently. According to a recent survey by Sophos, however, the necessary overview and response does not seem to be guaranteed in 43 percent of companies. Techconsult surveyed a total of 200 IT managers in Germany on behalf of Sophos....

Read more

Ransomware: Encrypted backups – doubled ransom 
Ransomware: Encrypted backups - doubled ransom Image: AI - Bing

When backups become a problem in a ransomware attack: Cyber ​​criminals also target backups for encryption. Why? Because this creates even more extortion pressure and doubles the ransom amounts. The financial and operational impact of a ransomware attack is bad enough. However, if cyber criminals also manage to damage or encrypt the backups, there is a high probability that a company will have to pay around twice as much ransom. According to a study by Sophos of 2.974 IT/cybersecurity decision-makers in 14 countries, the total cost of recovery is eight times higher than with...

Read more

MSPs: Cybersecurity professionals in short supply
MSPs: Cybersecurity professionals in short supply Image by Dirk Wouters on Pixabay

In the first "MSP Perspectives 2024" report, Sophos surveyed managed service providers (MSPs) about the daily challenges they face in cybersecurity. The shortage of skilled workers is a particular concern. The biggest challenge for MSPs is keeping up with the latest cybersecurity solutions and technologies - 39 percent of the MSPs surveyed said this. In addition, MSPs believe that another major challenge is hiring new cybersecurity professionals to keep up with customer growth and the latest cyber threats. Lack of internal cybersecurity skills The survey also shows that MSPs are facing a lack of internal...

Read more

Robotics, AI or company cars – where managers see cyber threats
Robotics, AI or company cars – where managers see cyber threats Image: MS - KI

German and Swiss C-level managers see a need for action, particularly in the home office, to better protect sensitive data there in the future. Austrians believe that smart building technologies are vulnerable. In Germany, company cars are considered important and people are rather skeptical about future technologies. "Boss, what do you think about cyber security?": this is the answer to the large-scale management study by Sophos for Germany, Austria and Switzerland. One part of the analysis examines the question of where C-level managers see an increased need for IT security measures in the company in the future. Bosses in Germany, Austria and Switzerland were surveyed...

Read more

Ransomware: 97 percent of those affected seek advice from the authorities

An enormous number of companies turn to official institutions in the event of a cyber attack. The current Sophos State of Ransomware Report confirms that, in addition to just reporting, many of those affected are also looking for advice or instructions on how to restore their data. According to the annual State of Ransomware 2024 Report, 97 percent of organizations surveyed that were victims of ransomware last year worked with law enforcement or other government agencies. This impressively high percentage applies equally to the global and DACH survey results. More than half (59 percent worldwide and 56 percent in…

Read more

Ransomware: Ransom payments with 500 percent plus
Ransomware: Ransom payments with 500 percent plus MS - AI

This year, ransomware payments have increased by 500 percent compared to the previous year in 2023. While the international values ​​are already high at over 1,8 million euros on average, in Germany they are even drastically higher: over 5 million euros on average. Sophos publishes the global study “State of Ransomware 2024”, according to which the average ransom payment increased by 500 percent last year. In international comparison, organizations that paid ransoms reported an average payment of 1.860.260 euros (US$2 million), up from 372.520 euros (US$400.000) in 2023….

Read more