152  0 Kommentare Sophos Launches Rapid Response Service to Identify and Neutralize Active Cybersecurity Attacks

Sophos Rapid Response has identified the first known use of the Buer malware dropper to deliver ransomware. In new research published today from Sophos Rapid Response and SophosLabs, “Hacks for sale: Inside the Buer Loader Malware-as-a-Service,” Sophos details how Buer compromises Windows PCs, and enables attackers to deliver a payload. Sophos Rapid Response made the discovery while mitigating a recent Ryuk ransomware attack, which was detected and stopped as part of a wave of Ryuk attacks using new tools, techniques and procedures. In this incident, the relentless attackers used a new variant of Buer in an attempt to launch Ryuk ransomware, before expanding their efforts to mix the use of Buer with other types of loader malware.

Lesen Sie auch

Quartalszahlen

Der Hype ist real: Microsoft überzeugt mit starkem KI-Wachstum!

vor 1 Stunde

Im Höhenflug

Rüstungskonzern Saab hebt Umsatzprognose nach starkem Quartalsergebnis an

heute 09:05

Umsatzentwicklung enttäuscht

Nicht schon wieder: Intel crasht erneut!

heute 07:07

Starkes Debüt

Microsofts nächster Streich: So gut lief der erste Börsentag für Rubrik

heute 06:22

“When you’re hit with an attack, time is of the essence. Every minute between initial compromise and neutralization counts as adversaries race through the attack lifecycle,” said Joe Levy, chief technology officer at Sophos. “Advanced attacks can quickly halt business operations, and IT managers who have experienced ransomware firsthand know this all too well, reporting the need to spend proportionately more time on incident response and less time on threat prevention than those who haven’t been hit. Sophos Rapid Response disrupts active attacks, eliminating the complex and time consuming process of stopping determined attackers, so organizations can get back to their normal operations faster.”