Sophos

The next wave of AI adoption is here. Open-source models like #DeepSeek are making GenAI more accessible, but at what cost? When security tools integrate these models, they also inherit their risks—risks that 89% of IT and #CybersecurityLeaders say they’re concerned about.   Organizations need to prioritize informed risk assessment whenever they adopt new AI models. Security teams must ask themselves: have we evaluated the #AI security of these models - and do we have the expertise to make an informed assessment? Without this, IT leaders open up their data to hidden vulnerabilities. Learn more in Chester Wisniewski's article: https://bit.ly/3WFPDEB

Want to dive into the world of threat intelligence and #malware analysis? Our latest Threat Intelligence Foundation Series breaks down complex #cybersecurity concepts for both seasoned pros and newcomers. In Episode 1, Paul Jaramillo, Sophos’ director of threat hunting and intelligence, discuss' why threat intelligence is vital to any security program, the challenges that organizations face currently in searching for these threats, and how Sophos uses the intelligence we collect to protect our customers. Watch now for actionable insights and expert guidance: https://bit.ly/42wLYNe

Im Herbst 2024 hat die Niedersächsische Landesregierung eine neue, umfassende #Cybersicherheitsstrategie beschlossen, die das Land besser gegen die wachsenden Bedrohungen im digitalen Raum schützen soll. Die zunehmende Professionalisierung und globale Vernetzung der #Cyberkriminalität erfordern eine enge Zusammenarbeit aller Akteure. Zu diesem Thema findet am Donnerstag, 30. Januar 2025 der "cyber_sicherheitstag niedersachsen", organisiert vom Behörden Spiegel, statt. Sascha Pfeiffer (Senior Director Sales Engineering, Sophos) wird an diesem Tag um 10:55 Uhr in seinem Vortrag "#KI als Cyberwaffe: Risiken und Gegenstrategien" den Teilnehmern spannende Einblicke geben. Mehr Infos zum Event: https://lnkd.in/eCE8ScH5

AI is becoming a critical tool in #cybersecurity, helping organizations tackle challenges faster and more efficiently. However, different organizations have different priorities when it comes to generative AI. “As with many things in life, the mantra should be ‘trust but verify,’” says Chester Wisniewski, Sophos’ Global Field CTO. “We haven’t taught machines to think; we’ve just given them the context to process large amounts of data faster.” Organizations should pair #AI tools with human oversight and clear accountability to maximize benefits while managing risks. Learn more: https://bit.ly/3WAJRnT

In 2025, data breaches remain a daily concern, highlighting the ongoing need to prioritize the protection of personal information Data Privacy Day is a reminder of why we must safeguard sensitive information in today’s data-driven world. Proactive measures and strong cybersecurity practices — such as using strong passwords, enabling MFA, and staying informed about potential threats — protects your data. Minimize risks by understanding the best practices for #DataProtection.

On Friday, Ross McKerchar, Sophos' CISO, was featured on ITV News, discussing the latest developments in Chinese cyber threats. This follows our announcement of Pacific Rim, Sophos' 5-year defensive and counter-offensive operation targeting state-sponsored adversaries based in China. The segment highlighted China’s growing role in cyberattacks against critical infrastructure and the evolving tactics of these cybercriminals. If you missed it, watch the full story on ITV News: https://lnkd.in/d4xbVqgz #Cybersecurity #ITVNews #CyberAwareness #Sophos #PacificRim

Cybersecurity solutions should not come with tradeoffs. As your organization faces increased risks and operational disruptions, you can build defenses and resilience without sacrificing efficiency. Our commitment to innovation provides your team with the strategies and tools to keep up with the challenging landscape. Learn more: https://bit.ly/4hrQ3GC

Imagine a threat actor "email bombing" your employee with 3,000 emails in 45 minutes, then calling them from Microsoft Teams from an account named “Help Desk Manager", posing as tech support. Our Sophos MDR team have reported a rise in these social engineering tactics to deploy #ransomware. Once the threat actors have the employee on the Teams call, they are instructing the employee to allow a remote screen control session through Teams, where the attacker is able to execute malware, directly onto the users device. Sophos MDR also observed the threat actors then accessing a network diagram for one targeted organization drawn in Visio, most likely to plan further lateral movement and impact phases of the attack. Organizations should restrict external Teams calls to trusted partners and limit remote access tools like Quick Assist to authorized IT staff. Raise employee awareness of these tactics, which often fall outside standard anti-phishing training, to strengthen your defense. Learn more: https://lnkd.in/d5ix9jB2

Chester Wisniewski, Director and Global Field CTO, shares insights from a five-year defensive and counter-offensive operation with state-sponsored adversaries based in China. Take a listen to our latest Inside Pacific Rim entry with Chester and Joe Levy, CEO, as they share key insights from the report in this six-part series. Watch now: https://bit.ly/42iBVvk

Attackers don’t need to bring their own tools — they exist on your system already. Artifacts and #LOLbins are tools that are pre-installed on your systems and, when exposed, allow for cyberattacks to take place. Learn how you can combat these exploits in the latest Active Adversary Report: https://bit.ly/41rpWuQ