Sophos

For cybersecurity professionals, #firewall hardening enhances security resilience and mitigate vulnerabilities. Regular firmware updates strengthen your security posture, limit service access, and reduce your potential attack surface. These best practices enable organizations to significantly strengthen their defenses against #CyberThreats and safeguard their network integrity. Learn more: https://bit.ly/48B28pY

More than half – 62% – of the lower education worldwide that experience #ransomware pay cybercriminals to get their hijacked data back, according to our recent research. In addition to financial fallout, ransomware interrupts productivity, teaching, and the emotional well-being of a school community. Schools can strengthen their security with regular data backups and comprehensive staff training. Get more insight from Kara Arundel in K-12 Dive: https://bit.ly/4hzhhMC

Modern #ransomware attacks often use legitimate IT and end-user tools such as a VPN or Remote Desktop Protocol (RDP) to gain access. Teams can mitigate risks by replacing remote-access VPNs with zero trust network access (#ZTNA) – which trusts nothing and verifies everything. It utilizes MFA and device health to control access and only provides access to specific network applications, effectively micro-segmenting your network. Learn more: https://bit.ly/3UDK8p0

Cybersecurity around the world took a giant step forward in 2024. Spencer Feingold and Filipe Beato keep you up to date on new regulations including the NIS2 Directive and more in the World Economic Forum. https://bit.ly/3YSwQrg

Law enforcement involvement during a cyberattack leads to an effective recovery. They offer free assistance with investigation, data recovery, and handle broader impacts. Rob Harrison, SVP of Products & Services, recommends teams report incidents immediately, identify key contacts in advance, and lean on law enforcement expertise. Expert support enables efficient recovery and supports community-wide defense against cybercrime. Learn more in Forbes: https://bit.ly/4fa4gqV

Following the announcement of our Pacific Rim research focused on #NationState adversaries, the Federal Bureau of Investigation (FBI) has issued a Wanted Alert for information regarding perimeter device attacks. It’s crucial for the security industry to unite and implement the necessary changes to stop the escalation of nation-state cyberattacks. Learn more: https://bit.ly/48tFFer

For years, cybersecurity vendors have quietly protected customers from malicious hackers. Now, Sophos is revealing insights from its intense, years-long fight against sophisticated, nation-state hackers exploiting #firewall vulnerabilities—a real game of cat-and-mouse.    “This is becoming a bit of an open secret. People understand this is happening, but unfortunately everyone is zip,” says Sophos chief information security officer Ross McKerchar. “We're taking a different approach, trying to be very transparent, to address this head-on and meet our adversary on the battlefield.”    Today, organizations must remain vigilant and proactive with their #cybersecurity to avoid becoming easy targets in this shifting threat landscape. Read more from Andy Greenberg in WIRED: https://bit.ly/3AbkW2n

Today, Sophos released “Pacific Rim: Inside the Counter-Offensive—The TTPs Used to Neutralize China-Based Threats,” which documents our multi-year battle with Chinese nation-state threat actors who were making every effort to exploit now long-resolved defects in our firewall software in an effort to victimize Sophos, our customers, and uninvolved third parties. The accompanying timeline and technical details document the series of decisions, investments, improvements, and innovations that emerged from the engagement.    I have personally released a piece to accompany this, named “Digital Detritus,” which provides my perspective on the investigation and my thoughts on how to specifically address what I believe are the obligations of cybersecurity vendors, the importance of transparency, and how we should lead by example.     Digital Detritus is a term I use to describe the accumulation of data and devices that result from living in a digital world – a digital equivalent of the ocean's own Great Pacific Trash Vortex, an immense but nearly invisible mass of deteriorating material – in this case, obsolete and/or unpatched hardware and software.    I open this article with a brief summary of Cybersecurity and Infrastructure Security Agency's work because I believe these efforts have been a crucial missing ingredient to the improvement of the state of cybersecurity. It is no exaggeration to say that improvement is a matter of great importance to our economy, our national security, and the welfare of citizens worldwide.     Read more here: https://lnkd.in/gC_BW3k8

Sophos lifts the lid off a vast Chinese cyberespionage operation. Today, we’ve unveiled a defensive and counter-offensive operation with multiple interlinked nation-state adversaries based in China. In our research named “Pacific Rim,” we disclose how the attackers used a series of campaigns with novel exploits and customized malware to conduct surveillance, sabotage and cyberespionage. Sophos also found overlapping tactics, tools and procedures (TTPs) with well-known Chinese nation-state groups, including Volt Typhoon, APT31 and APT41. The adversaries targeted both small and large critical infrastructure and government targets, primarily located in South and South-East Asia, including nuclear energy suppliers, a national capital’s airport, a military hospital, state security apparatus, and central government ministries. Throughout Pacific Rim, Sophos X-Ops, our cybersecurity and threat intelligence unit, worked to neutralize the adversaries’ moves and continuously evolved defenses and counter-offensives. After Sophos successfully responded to the initial attacks, the adversaries escalated their efforts and brought in more experienced operators. Sophos subsequently uncovered a vast adversarial ecosystem. Ross McKerchar, CISO at Sophos, warns that critical infrastructure and #SMBs in the supply chain remain key targets. “Collaboration across sectors is vital to disrupt these long-term, complex attacks.” For years, nation states have known that network devices are privileged, powerful and unmonitored places to hide, which is why radical transparency about vulnerabilities and patches and migrating End of Life (EOL) devices to modern technology is essential. The security industry needs to come together to create the changes necessary to stop fueling nation-state cyberattacks. Read the full story here: https://bit.ly/48sFFew

Ransomware attacks on #healthcare organizations have hit a four-year high. Out of 400 healthcare organizations surveyed, 67% said they had been affected by attacks in the past year. That represents almost double the number of orgs affected in 2021. Prioritizing #cybersecurity preparedness helps you avoid skyrocketing recovery costs and operational setbacks. Jay Asser in HealthLeaders has more: https://bit.ly/3Aa32g6