News

The Terminator tool is coming back
SophosNews

BYOVD (Bring Your Own Vulnerable Driver) attacks are still very popular among threat actors as EDR killers. One reason is that they raise the prospect of a kernel-level attack, which gives cybercriminals a wide range of options - from hiding malware to spying on login credentials to attempting to disable EDR solutions. Sophos security specialists Andreas Klopsch and Matt Wixey have closely examined what has been happening with Terminator tools over the last six months and published the report “It'll be back: Attackers still abusing Terminator...

Qakbot remains dangerous
B2B Cyber Security ShortNews

Sophos X-Ops has discovered and analyzed a new variant of the Qakbot malware. These cases first emerged in mid-December and show that the Qakbot malware has continued to evolve despite law enforcement's successful dismantling of the botnet infrastructure last August. The attackers use even better methods to cover their tracks. The cases analyzed by Sophos X-Ops show that cybercriminals made concerted efforts to strengthen the malware's encryption. This has made it more difficult for defenders to analyze the malicious code. In addition, the attackers are now encrypting the…

LockBit is alive
B2B Cyber Security ShortNews

A few days ago, international law enforcement authorities scored a decisive blow against LockBit. However, according to a comment from Chester Wisniewski, Director, Global Field CTO at Sophos, some of its infrastructure is still online, which likely indicates that some members of the LockBit cybercriminal group have not yet been caught. It would not be a surprise if they joined other groups or formed a new one. Sophos X-Ops is now publishing a report about the security vulnerability that recently became known in the remote management and monitoring solution ScreenConnect. The detailed analysis also provides a…

Pig Butchering: Lucrative business model for cyber gangs

Sophos has uncovered how Sha Zhu Pan scammers are now using a business model similar to “cybercrime-as-a-service” for their supposedly romance-oriented “pig-butchering” scams. The fraudsters sell Sha Zhu Pan kits on the Dark Web all over the world and are expanding into new markets. Sophos describes these operations (also known as pig butchering) in the article “Cryptocurrency Scams Metastasize into New Forms.” The new kits come from organized crime gangs in China and provide the technical components needed to implement a special pig-butchering scheme called “DeFi savings”. The criminals pose…

Do companies even get cyber insurance?

Cyber insurance is not just a question of company strategy, but also of whether you can get it at all. The new Sophos guide to cyber insurance helps management and IT managers in companies better understand the cyber insurance market. After all, there are unavoidable requirements that must be met in order to ensure that insurance is as economical as possible. Companies often use cyber insurance to supplement their technical security. Behind this strategy is, on the one hand, the knowledge of the danger of possibly outdated in-house security and, on the other hand, a business calculation on the part of the management team. Every second company affected by attacks Sure…

Threat situation requires cybersecurity outsourcing

Cybersecurity – times are getting tougher: More than half of the companies surveyed (53 percent) expect a significant increase in cyber threats in the future. 43 percent, on the other hand, believe that the current level of cyber attacks will remain constant. This was the result of an interesting survey as part of a Cybersecurity as a Service study by Sophos. A so-called security operations center (SOC) is a crucial element of a modern, proactive security strategy. It focuses on the detection and analysis of security incidents and the response to them in order to minimize the corresponding risks and to optimally protect data and business-critical processes in companies...

Cybersecurity: The vulnerable employee needs support

In the changing threat landscape, human behavior plays an important role in cybersecurity - on the one hand, positively as a reinforcement in defense, on the other hand, negatively as a door opener for cybercriminals. A difficult balancing act. But there are effective solutions to better support employees. Security technologies are constantly evolving - and with them the tactics of cybercriminals who exploit vulnerabilities in machines and people to gain unauthorized access to systems. In the first half of 2023, the Sophos Cybersecurity Report found that compromised credentials were the primary cause of 50 percent...

Perfidious cyber attacks on hotels
SophosNews

Criminals are increasingly exploiting the well-meaning service spirit of hotel employees: Sophos X-Ops has uncovered several cases of a “malspam” campaign targeting hotels around the world. Access comes via phishing and also threatens the guests' data. The attacks using the RedLine Stealer malware, which specializes in skimming access data, have currently been detected in Spain, France, Germany, Switzerland, the United Arab Emirates and the USA. Phishing through fake complaints... The attackers first get in touch with complaints about serious problems that the sender supposedly has with...

Ransomware attacks: via remote device into the network

Successful ransomware groups are increasingly switching to remote encryption, according to Sophos' latest CryptoGuard report. The problem: traditional anti-ransomware protection does not “see” the disaster coming and is ineffective. This type of attack has increased by 62 percent. Sophos has published its new report “CryptoGuard: An Asymmetric Approach to the Ransomware Battle” with the evaluations of its CryptoGuard defense technology. The most successful and active ransomware groups such as Akira, ALPHV/BlackCat, LockBit, Royal or Black Basta are consciously switching to remote encryption for their attacks. With this so-called “remote ransomware”, cybercriminals use a compromised and often poorly protected device to steal data on other…

Lack of IT specialists: 30 percent are missing in the area of cybersecurity

A survey in Germany shows that the IT skills shortage mainly affects the IT security area. Almost a third of companies complain about a lack of specialist staff for IT security, with banks and insurance companies being particularly affected. Efficient, well-positioned IT security is crucial for the success and competitiveness of companies. The increasing complexity of cyber threats is therefore a major challenge for companies, especially with regard to the composition of their IT teams. There is a lack of specialists to protect the IT infrastructure. Sophos' latest study on the subject of Cybersecurity-as-a-Service (CSaaS) shows that 29 percent...
