On March 2nd, zero-day vulnerabilities affecting Microsoft Exchange were publicly disclosed. These vulnerabilities are being actively exploited in the wild by HAFNIUM, a threat actor believed to be a nation state.
Sophos customers are protected ...
SophosLabs will be performing scheduled maintenance for two hours starting January, 16th 2021 from 0900 UTC.
Date / Time
Saturday 16th January 0900 – 1100 (UTC)
US static and dynamic analysis environment (only)
Scheduled maintenance for SophosLabs Intelix (EU region)
SophosLabs will be performing scheduled maintenance for two hours starting December 6th, 2020 from 0000 – 0200 UTC.
During this time there may be disruption to getting status (4xx or 5xx)...
IT Administrators and Security Specialists often run into a suspicious looking PowerShell command; sometimes they succeed in decoding them but often, they are reliant on researchers. This blog should serve as a guidance to identify the purpose of suspicious entries found in:
RUN Keys in the Registry
Static PowerShell Scripts
Proxy Logs if a Web Server is exploited for a Remote Code Execution
In this video we are going to show you what happens when Locky Ransomware attacks a computer. You will see what a typical user would see if they were the victim of such an attack. We will then show you several scenarios demonstrating how Sophos protects the computers and…