
Sophos

Sophos Firewall v21.5 is now available
Following a very busy and successful early access program, the Sophos Firewall team is pleased to announce that v21.5 is now available to all licensed Sophos partners and customers. This release brings an industry-first innovation: integrating Network Detection and Response (NDR), which enhances active threat detection on your network. What’s new overview: Watch this brief…

An industry first: Sophos Firewall and NDR Essentials
Sophos Firewall v21.5 introduces an innovative industry first: Network Detection and Response (NDR) integrated with a firewall. Why NDR is Important: Network Detection and Response (NDR) is a category of network security products designed to detect abnormal traffic behavior, helping identify active adversaries operating on the network. Skilled attackers are very effective at evading detection,…

Sophos MDR: New analyst response actions for Microsoft 365
Businesses of all sizes are increasingly reliant on productivity tools like Microsoft 365 — and attackers are using this to their advantage. Business email compromise and account takeover attacks are prevalent, with adversaries accessing M365 environments using techniques that may evade detection by technology alone. Organizations need 24/7 visibility and a fully staffed security operations…

The Sophos Annual Threat Report: Cybercrime on Main Street 2025
Small businesses are a prime target for cybercrime, as we highlighted in our last annual report. Many of the criminal threats we covered in that report remained a major menace in 2024, including ransomware, which remains a primary existential cyber threat to small and midsized organizations. Ransomware cases accounted for 70 percent of Sophos Incident Response…

Sophos Annual Threat Report appendix: Most frequently encountered malware and abused software
This appendix to our Annual Threat Report provides additional statistics on incident data and telemetry detailing the tools used by cybercriminals targeting small and midsized businesses (SMBs). For a broader look at the threat landscape facing SMBs, see our main report. Appendix Contents: Most frequently-encountered malware types Small and midsized businesses face a vast set…

Sophos Firewall v21.5 early access is now available
We’re pleased to announce that the early access program (EAP) is now underway for the latest Sophos Firewall release. This update brings exciting industry-first enhancements and top-requested features, including… Sophos NDR Essentials integration: Set up and monitor NDR Essentials threat feeds under the Active Threat Response menu. Sophos Firewall customers with Xstream Protection now get…

It takes two: The 2025 Sophos Active Adversary Report
The Sophos Active Adversary Report celebrates its fifth anniversary this year. The report grew out of a simple question: What happens after attackers breach a company? Knowing the adversary’s playbook, after all, helps defenders better battle an active attack. (There’s a reason we started life as “The Active Adversary Playbook.”) At the same time we…

Sophos MDR tracks two ransomware campaigns using “email bombing,” Microsoft Teams “vishing”
Sophos X-Ops’ Managed Detection and Response (MDR) is actively responding to incidents tied to two separate groups of threat actors, each of which has used the functionality of Microsoft’s Office 365 platform to gain access to targeted organizations with the likely goal of stealing data and deploying ransomware. Sophos MDR began investigating these two separate…

The Bite from Inside: The Sophos Active Adversary Report
It’s not news that 2024 has been a tumultuous year on many fronts. For our second Active Adversary Report of 2024, we’re looking specifically at patterns and developments we noted during the first half of the year (1H24). Though the year itself was in many ways unremarkable on the surface for those charged with the…