Sophos Emergency Incident Response is now available
The first service combining the power of Sophos and Secureworks.
Similar Posts
Why top SOC teams are shifting to Network Detection and Response
Bys sSecurity Operations Center (SOC) teams are facing a fundamentally new challenge — traditional cybersecurity tools are failing to detect advanced adversaries who have become experts at evading endpoint-based defenses and signature-based detection systems. The reality of these “invisible intruders” is driving a significant need for a multi-layered approach to detecting threats,
RomCom Uses SocGholish Fake Update Attacks to Deliver Mythic Agent Malware
Bys sThe threat actors behind a malware family known as RomCom targeted a U.S.-based civil engineering company via a JavaScript loader dubbed SocGholish to deliver the Mythic Agent. “This is the first time that a RomCom payload has been observed being distributed by SocGholish,” Arctic Wolf Labs researcher Jacob Faires said in a Tuesday report. The…
No need to hack when it’s leaking: Atrium Health edition
Bys sResearcher Jeremiah Fowler recently discovered an unsecured database with protected health information (PHI) linked to Atrium Health in North Carolina. As reported at WebsitePlanet, there were 21,344 records with a total size of 6.99 GB. The database appeared to be an FTP storage database. Fowler reports: The PDF documents’ metadata indicated that these were “Software…
ConnectWise suspects cyberattack affecting some ScreenConnect customers was state-sponsored
Bys sLawrence Abrams reports: IT management software firm ConnectWise says a suspected state-sponsored cyberattack breached its environment and impacted a limited number of ScreenConnect customers. “ConnectWise recently learned of suspicious activity within our environment that we believe was tied to a sophisticated nation state actor, which affected a very small number of ScreenConnect customers,” ConnectWise shared…
Security Researcher Comments on HIPAA Security Rule
Bys sAs long-time readers know, DataBreaches has occasionally run into difficulties when trying to helpfully notify entities of their data leaks or breaches. In other cases, independent researchers have also reported frustration with trying to get entities to respond to responsible disclosures. More often than not, initial attempts at disclosure are ignored or go to spam…
Initial Access Brokers Shift Tactics, Selling More for Less
Bys sWhat are IABs? Initial Access Brokers (IABs) specialize in gaining unauthorized entry into computer systems and networks, then selling that access to other cybercriminals. This division of labor allows IABs to concentrate on their core expertise: exploiting vulnerabilities through methods like social engineering and brute-force attacks. By selling access, they significantly mitigate the