Security news aggregator

Latest coverage for Sophos

Sophos provides cybersecurity software and appliances, whose vulnerabilities, advisories, and deployments can affect network defense and endpoint security.

16 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Sophos is a cybersecurity vendor whose products include endpoint and server protection, network firewalls, email security, cloud-based administration, and managed detection services. The tag generally covers vulnerabilities and security advisories affecting these products, as well as their detection capabilities, updates, integrations, and operational use.

Security concerns vary by deployment. Internet-facing Sophos Firewall appliances and management interfaces are high-value targets: an unpatched vulnerability or exposed administrative service can enable unauthorized access to the appliance or connected networks. Administrators should monitor Sophos advisories, apply firmware and software updates promptly, restrict management access, and use strong authentication. Sophos Central and endpoint agents also hold broad administrative authority and collect security telemetry, so compromised accounts, unsafe exclusions, faulty policy changes, or disabled agents can reduce detection and containment. During an investigation, preserve relevant endpoint and firewall logs and verify that alert forwarding and response integrations are functioning rather than assuming protection is active.

Volume over time

Weekly headline count for the current query.

Showing 16 most recent headlines Filtered view

UK Rollout to Link Arco's Cybersecurity Assurance With Sophos's Threat IntelligenceSophos acquired Arco to expand into cybersecurity assurance and compliance, launching a new CISO Advantage capability. The company plans a phased rollout starting in the U.K., integrating Arco’s risk and regulatory mapping platform with Sophos Central and its global threat intelligence operations.

Experts Say MDR Services and Proactive Defense Can Break the Payment CycleAPJ organizations face a ransomware paradox: demands dropped 50% to $500,000, yet 54% paid the threat actors. The new Sophos report shows why firms continue paining, how successful negotiations work and what proactive defenses can stop attacks before encryption begins

Vendors Consolidate Endpoint, Managed Offerings to Combat Major Industry PlayersRising competition from CrowdStrike and Microsoft is driving MDR and EDR providers to consolidate. Companies such as Sophos and Arctic Wolf are acquiring endpoint or managing security technology to enhance detection and response capabilities, signaling a shift toward full-stack security solutions.

Cuts Hit Duplicative Roles, Positions Rooted in Secureworks Being a Public CompanySophos laid off 6% of its staff just days after closing its $859 million acquisition of Secureworks. The job cuts will streamline duplicative roles following the Feb. 3 close of the Secureworks deal as well as reduce positions that are no longer needed since Secureworks delisted as a public company.

Bank Info Security 1 year, 5 months ago

Patching Lags for Vulnerabilities Targeted by Salt Typhoon

Chinese Hackers Hitting Unpatched Products From Microsoft, Sophos, Fortinet, IvantiChinese nation-state hackers who surreptitiously gained "broad and full" access to telecommunications networks in the U.S. and dozens of other countries have regularly exploited known flaws in their networking gear that the victims failed to patch, security experts have warned.

Bank Info Security 1 year, 6 months ago

Breach Roundup: Cyberattack Disrupts Japan Airlines

Also, US Court Rules NSO Group Violated Hacking Laws With Pegasus SpywareThis week, cyberattack disrupts Japan Airlines, U.S. court rules NSO Group violated hacking laws, the European Space Agency’s web store hacked, FTC orders Marriott to overhaul data security, Sophos patches critical firewall flaws and Apache fixes critical SQL injection in Traffic Control.

Tianfeng Guan Allegedly Developed Zero-Day Exploit of Sophos XG FirewallThe U.S. federal government rolled out its heavy guns Tuesday against a Chinese hacker allegedly at the center of a zero-day exploit used to hack firewalls made by Sophos, unsealing an indictment, rolling out sanctions and offering $10 million for information leading to the suspect's arrest.

Bank Info Security 1 year, 8 months ago

Sophos Discloses Half Decade of Sustained Chinese Attack

Volt Typhoon, APT31, APT41 Targeted Sophos Edge DevicesFirewall maker Sophos disclosed Thursday a half-decade worth of efforts by multiple nation-state Chinese hacking groups to infiltrate its appliances, calling the admission a wake-up call for the cybersecurity industry. Targeting firewall appliances is a known nation state tactic as hackers

$859M Purchase Targets Secureworks’ XDR Platform to Enhance Sophos' MDR OfferingsSophos aims to strengthen its cybersecurity portfolio by acquiring Secureworks for $859 million, said CEOs Joe Levy and Wendy Thomas. The deal focuses on bringing together Secureworks' Taegis XDR platform and Sophos' existing MDR services to provide better cyber defense for businesses of all sizes.

Bank Info Security 23 Oct 2024, 11:30 a.m. Sophos XDR

Deal Enhances Sophos’ Managed Security Portfolio, Adds AI-Powered Taegis XDR ToolSophos is acquiring Secureworks in a deal valued at $859 million, aiming to integrate its managed security services with Secureworks' Taegis XDR platform. This merger is expected to deliver advanced detection and response capabilities, and enhance global cybersecurity for businesses of all sizes.

Bank Info Security 1 year, 9 months ago

Sophos: Attacks Drop in Nearly All Sectors But Healthcare

Survey Finds 37% of Providers Take Over a Month to Recover From RansomwareRansomware attacks are declining across many sectors - but not in healthcare, where an ongoing surge is reaching a four-year high in incidents, according to new research from security firm Sophos, which surveyed 5,000 IT leaders across 15 sectors and 14 countries between January and February.

Bank Info Security 2 years, 1 month ago

Chinese South China Sea Cyberespionage Campaign Unearthed

Sophos Finds 3 Clusters of Activity Dating at Least to May 2023A government agency in a country that has repeatedly clashed with China over Beijing's territorial ambitions in the South China Sea was the subject of a prolonged cyberespionage campaign that used previously undetected backdoors and partially overlaps with known Sino state threat actors.

Bank Info Security 2 years, 2 months ago

The State of Ransomware 2024

How Attacks Have Changed; New Insights Into How an Attack Affects the BusinessThe fifth annual Sophos State of Ransomware Report combines year-on-year insights with brand-new areas of study. It includes a deep dive into ransom demands and ransom payments and shines new light on the role of law enforcement in ransomware remediation.

Bank Info Security 2 years, 5 months ago

Sophos' Kris Hagerman Steps Down as CEO, Joe Levy Takes Helm

Hagerman Moves to Advisory Role After Leading Company for the Past 12 YearsSophos announced Thursday that its CEO for the past 12 years, Kris Hagerman, has stepped down. Long-time Sophos executive Joe Levy, who has nearly three decades of experience in cybersecurity products and services, is the new president and acting CEO, "effective immediately."

Bank Info Security 2 years, 7 months ago

Breach Roundup: Filipinos Under Fire From 'Mustang Panda'

Also, Kansas Courts Say Ongoing Outage Traces to Attack; Confidential Data StolenThis week's data breach roundup: Chinese-affiliated hackers target the Philippine government; Kansas Courts confirm data theft, officials warn of exploited flaws in Sophos, Oracle and Microsoft software; AutoZone discloses a Clop ransomware attack; Optus' CEO resigns after network outage.