Cybersecurity
Matrix Push C2 Uses Browser Notifications for Fileless, Cross-Platform Phishing Attacks
Bad actors are leveraging browser notifications as a vector for phishing attacks to distribute malicious links by means of a new command-and-control (C2) platform called Matrix Push C2.
"This browser-native,...
Hardware Releases
The New Framework Laptop 16 Has An Upgradable GPU!
A Big Change From The Framework Laptop 13
Ars Technica got their hands on the all-new Framework Laptop...
Software Updates & Reviews
Fragments Nov 19
I’ve been on the road in Europe for the last couple of weeks, and while I was there...
Tech Trends & Innovations
Logitech Promo Code: $25 Off This Holiday Season
A leader in almost everything tech and home-office related for over 40 years, Swiss-founded Logitech offers a vast...
Gaming & Graphics
New Limited-Time Pokémon Scarlet And Violet Distribution Now Available
Although the new game Pokémon Legends: Z-A is now in full swing with its events and unlocks, The...
Weekly Update 436
We're heading back to London! And making a trip to Reykjavik. And Dublin. I talked about us considering this in the video yesterday, and...
Cybercriminals still not fully on board the AI train (yet) – Sophos News
In November 2023, Sophos X-Ops published research exploring threat actors’ attitudes towards generative AI, focusing on discussions on selected cybercrime forums. While we did...
GitHub Desktop Vulnerability Risks Credential Leaks via Malicious Remote URLs
Jan 27, 2025 | Ravie Lakshmanan | Vulnerability / Software Security
Multiple security vulnerabilities have been disclosed in GitHub Desktop as well as other Git-related projects that, if successfully...
Sophos MDR tracks two ransomware campaigns using “email bombing,” Microsoft Teams “vishing” – Sophos News
Sophos X-Ops’ Managed Detection and Response (MDR) is actively responding to incidents tied to two separate groups of threat actors, each of which have...
The EAGERBEE backdoor may be related to the CoughingDown actor
Introduction
In our recent investigation into the EAGERBEE backdoor, we found that it was being deployed at ISPs and governmental entities in the Middle East....
Examining Redtail: Analyzing a Sophisticated Cryptomining Malware and its Advanced Tactics [Guest Diary]
Introduction
From August to November 2024, my honeypot has captured a wide array of malicious content. In this analysis, I will focus on a specific...

