Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Mitigating Advanced Persistent Threats with Cyber Security

The financial stakes of a modern cyberattack are higher than ever, threatening not just data, but the very survival of your company. According to IBM's Cost of a Data Breach 2024 report, the average cost of a data breach for companies has reached $4.9 million. This staggering figure factors in devastating operational downtime, lost business, and expensive post-breach responses. It is a harsh reality that forces IT leaders to rethink their entire approach to digital safety.

Defending energy infrastructure in the age of Mythos

The Department of Energy’s Office of Cybersecurity, Energy Security, and Emergency Response (CESER) has released its first five-year strategic plan, following the broader national cybersecurity strategy. It’s coming at a time when the energy cybersecurity landscape is changing quickly, in some cases faster than operators can realistically keep up.

QEMU abused to evade detection and enable ransomware delivery

Sophos analysts are investigating the active abuse of QEMU, an “open-source machine emulator and virtualizer,” by threat actors seeking to hide malicious activity within virtualized environments. Attackers are drawn to QEMU and more common hypervisor-based virtualization tools like Hyper-V, VirtualBox, and VMware because malicious activity within a virtual machine (VM) is essentially invisible to endpoint security controls and leaves little forensic evidence on the host itself.

Secure by Design: Building cybersecurity into the foundation

An explainer of why this philosophy matters and how it reduces attack surface from the inside. Secure by Design is a software development philosophy that treats security as a foundational requirement rather than an afterthought.

Sophos Firewall: Configuration Studio

An overview of the new Sophos Firewall Configuration Studio, the newest version of the Firewall Configuration Viewer. This standalone, browser-based tool converts firewall configurations into a clear, human-readable format, enhancing your viewing, auditing, documentation, and comparison capabilities. All data is processed locally, so your information remains 100% private. Ask questions and get expert answers in the Sophos Community.

Detect runtime threats in Python Lambda functions with Datadog AAP

Python AWS Lambda functions are ephemeral and highly distributed, which creates security visibility gaps that traditional perimeter defenses and proxy-based controls struggle to fill. Techniques such as credential stuffing, SQL injection, and server-side request forgery (SSRF) can look like legitimate application traffic, making them difficult to identify without visibility inside the application itself.

The vulnerability flood is here. Here's what it means - and how to prepare

We can't control the pace of AI-driven vulnerability discovery, but we can control how fast we respond. Last week, Thomas Ptacek published a piece arguing that vulnerability research is cooked. His thesis: AI agents are about to drown us in a steady stream of validated, exploitable, high-severity vulnerabilities, faster than anyone can patch them. But from where I sit, the more urgent question isn't whether the flood is coming, but whether the infrastructure we depend on can absorb it.