April 02, 2025

It takes two: The 2025 Sophos Active Adversary Report

The dawn of our fifth year deepens our understanding of the enemies at the gate, and some tensions inside it; plus, an anniversary gift from us to you

Security OperationsThreat Research

April 01, 2025

Qilin affiliates spear-phish MSP ScreenConnect admin, targeting customers downstream

Attack matches three-year long pattern of ScreenConnect attacks tracked by Sophos MDR as STAC4365.

Security OperationsThreat Research

March 28, 2025

Stealing user credentials with evilginx

A malevolent mutation of the widely used nginx web server facilitates Adversary-in-the-Middle action, but there’s hope

Security OperationsThreat Research

March 20, 2025

The future of MFA is clear – but is it here yet?

Not all authentication is equal to the task in 2025, but there is a best choice within reach

Threat Research

October 02, 2024

Cybersecurity Awareness Month: A timely reminder to review your security posture

Explore four pressing cybersecurity challenges organizations face in 2024 and how to overcome them

Products & Services

August 23, 2023

Time keeps on slippin’ slippin’ slippin’: The 2023 Active Adversary Report for Tech Leaders

A deep dive into incident-response cases from the first half of this year finds both attackers and defenders picking up the pace

Threat Research

September 22, 2022

S3 Ep101: Uber and LastPass breaches – is 2FA all it’s cracked up to be? [Audio + Text]

Latest episode - listen now! Learn why adopting 2FA isn't a reason to relax your other security precautions...

Naked Security

July 16, 2021

Hindsight #1: Enforce MFA for system administration and security consoles

Hindsight security: things breach victims wish they had done

Products & Services

June 28, 2021

What IT security teams can learn from the Colonial Pipeline ransomware attack

Security Operations