Security news aggregator

Latest coverage for Sophos

Sophos provides cybersecurity software and appliances, whose vulnerabilities, advisories, and deployments can affect network defense and endpoint security.

4 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Sophos is a cybersecurity vendor whose products include endpoint and server protection, network firewalls, email security, cloud-based administration, and managed detection services. The tag generally covers vulnerabilities and security advisories affecting these products, as well as their detection capabilities, updates, integrations, and operational use.

Security concerns vary by deployment. Internet-facing Sophos Firewall appliances and management interfaces are high-value targets: an unpatched vulnerability or exposed administrative service can enable unauthorized access to the appliance or connected networks. Administrators should monitor Sophos advisories, apply firmware and software updates promptly, restrict management access, and use strong authentication. Sophos Central and endpoint agents also hold broad administrative authority and collect security telemetry, so compromised accounts, unsafe exclusions, faulty policy changes, or disabled agents can reduce detection and containment. During an investigation, preserve relevant endpoint and firewall logs and verify that alert forwarding and response integrations are functioning rather than assuming protection is active.

Showing 4 most recent headlines Filtered view
Bank Info Security 1 year, 5 months ago

Patching Lags for Vulnerabilities Targeted by Salt Typhoon

Chinese Hackers Hitting Unpatched Products From Microsoft, Sophos, Fortinet, IvantiChinese nation-state hackers who surreptitiously gained "broad and full" access to telecommunications networks in the U.S. and dozens of other countries have regularly exploited known flaws in their networking gear that the victims failed to patch, security experts have warned.

That invitation to a Teams call on which IT promises to mop up a spamstorm may not be what it seems Two ransomware campaigns are abusing Microsoft Teams to infect organizations and steal data, and the crooks may have ties to Black Basta and FIN7, according to Sophos.…