Sophos – Page 55 – PossibleThreat Articles

Qakbot mechanizes distribution of malicious OneNote notebooks

February 6, 2023 0 Comments .one, applicationreject, complaintcopy, featured, malware, onenote, qakbot, security operations, threat research

Credit to Author: Andrew Brandt| Date: Mon, 06 Feb 2023 18:17:20 +0000

A large-scale “QakNote” attack deploys malicious .one files as a novel infection vector

Security Sophos

Tracers in the Dark: The Global Hunt for the Crime Lords of Crypto

February 6, 2023 0 Comments #nobackdoors, Andy Greenberg, cryptocurrency, Cryptography, Cybercrime, Law & order, Podcast, tracers, tracers in the dark

Credit to Author: Paul Ducklin| Date: Mon, 06 Feb 2023 17:53:18 +0000

Hear renowned cybersecurity author Andy Greenberg’s thoughtful commentary about the “war on crypto” as we talk to him about his new book…

Security Sophos

Finnish psychotherapy extortion suspect arrested in France

February 6, 2023 0 Comments data breach, data loss, extortion, Law & order, vastaamo

Credit to Author: Naked Security writer| Date: Mon, 06 Feb 2023 16:13:16 +0000

Company transcribed ultra-personal conversations, didn’t secure them. Criminal stole them, then extorted thousands of vulnerable patients.

Security Sophos

Black History Month Marked by Sophos Team

February 6, 2023 0 Comments #sophoslife

Credit to Author: Byron Price| Date: Mon, 06 Feb 2023 14:05:35 +0000

Black History Month is recognized across the globe at different times during the year, with many countries celebrating in either February or October.

Security Sophos

More customers trust Sophos for MDR than any other cybersecurity provider

February 4, 2023 0 Comments featured, Managed Detection and Response, products & services, security operations, sophos mdr

Credit to Author: Doug Aamoth| Date: Sat, 04 Feb 2023 12:51:28 +0000

As the leading provider of MDR services, only Sophos has the breadth and depth of experience to deliver the best possible cybersecurity outcomes.

Security Sophos

OpenSSH fixes double-free memory bug that’s pokable over the network

February 3, 2023 0 Comments double-free, openssh, vulnerability

Credit to Author: Paul Ducklin| Date: Fri, 03 Feb 2023 17:59:21 +0000

It’s a bug fix for a bug fix. A memory leak was turned into a double-free that has now been turned into correct code…

Security Sophos

S3 Ep120: When dud crypto simply won’t let go [Audio + Text]

February 2, 2023 0 Comments collision, Cryptography, hive, Law & order, MD5, Naked Security Podcast, Podcast, Ransomware, samba, vulnerability

Credit to Author: Paul Ducklin| Date: Thu, 02 Feb 2023 17:50:29 +0000

Latest episode – listen now!

Security Sophos

Password-stealing “vulnerability” reported in KeePass – bug or feature?

February 1, 2023 0 Comments Cryptography, cve-2023-24055, data leakage, data loss, keepass, trigger, vulnerability

Credit to Author: Paul Ducklin| Date: Wed, 01 Feb 2023 18:58:48 +0000

Is it a vulnerability if someone with control over your account can mess with files that your account is allowed to access anyway?

Security Sophos

Fraudulent “CryptoRom” trading apps sneak into Apple and Google app stores

February 1, 2023 0 Comments cryptocurrency fraud, cryptorom, fake apps, featured, ios fake app, pigbutchering, shazhupan, sophos x-ops, threat research

Credit to Author: Jagadeesh Chandraiah| Date: Wed, 01 Feb 2023 11:00:48 +0000

Using changing remote content, apps slide by official review process to deliver fraud through the Apple App Store and Google Play Store.

Security Sophos

GitHub code-signing certificates stolen (but will be revoked this week)

January 31, 2023 0 Comments certificate breach, code signing, compromise, data loss, github, Microsoft, vulnerability

Credit to Author: Paul Ducklin| Date: Tue, 31 Jan 2023 11:35:30 +0000

There was a breach, so the bad news isn’t great, but the good news isn’t too bad…