Sophos Emergency Incident Response is now available

Blog

Byadmblake June 10, 2025

The first service combining the power of Sophos and Secureworks.

Blog

Vulnerability Detection Tops Agentic AI at RSAC’s Startup Competition

Agentic-native startups threaten to reduce the zero-day problem to just a zero-hour issue. Of course, AI agents will accelerate offensive attacks as well.

Read More Vulnerability Detection Tops Agentic AI at RSAC’s Startup Competition
Blog

SystemBC Powers REM Proxy With 1,500 Daily VPS Victims Across 80 C2 Servers

A proxy network known as REM Proxy is powered by malware known as SystemBC, offering about 80% of the botnet to its users, according to new findings from the Black Lotus Labs team at Lumen Technologies. “REM Proxy is a sizeable network, which also markets a pool of 20,000 Mikrotik routers and a variety of…

Read More SystemBC Powers REM Proxy With 1,500 Daily VPS Victims Across 80 C2 Servers
Blog

How ‘Open Innovation’ Can Help Solve Problems Faster, Better & Cheaper

Cybersecurity is not just a technical challenge but also a very human one. The more humans that organizations can get involved, the more diverse perspectives and experiences that can be tapped into.

Read More How ‘Open Innovation’ Can Help Solve Problems Faster, Better & Cheaper
Blog

New HttpTroy Backdoor Poses as VPN Invoice in Targeted Cyberattack on South Korea

The North Korea-linked threat actor known as Kimsuky has distributed a previously undocumented backdoor codenamed HttpTroy as part of a likely spear-phishing attack targeting a single victim in South Korea. Gen Digital, which disclosed details of the activity, did not reveal any details on when the incident occurred, but noted that the phishing email contained…

Read More New HttpTroy Backdoor Poses as VPN Invoice in Targeted Cyberattack on South Korea
Blog

Apache TomCat AJP File Inclusion Vulnerability

FortiGuard Labs is aware of a new attack on Apache Tomcat Servers dubbed “GhostCat.” Discovered by Chaitin Tech, a vulnerability in Apache Tomcat exists where an attacker has the ability to read and write in the webapp directory of Apache Tomcat. It addition to this, an attacker has the ability to upload files to the…

Read More Apache TomCat AJP File Inclusion Vulnerability
Blog

Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility

Two now-patched security flaws impacting Cisco Smart Licensing Utility are seeing active exploitation attempts, according to SANS Internet Storm Center. The two critical-rated vulnerabilities in question are listed below – CVE-2024-20439 (CVSS score: 9.8) – The presence of an undocumented static user credential for an administrative account that an attacker could exploit to log in…

Read More Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility

Related