Sorry

This feed does not validate.

In addition, interoperability with the widest range of feed readers could be improved by implementing the following recommendation.

Source: https://news.sophos.com/feed/

  1. <?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
  2. xmlns:content="http://purl.org/rss/1.0/modules/content/"
  3. xmlns:wfw="http://wellformedweb.org/CommentAPI/"
  4. xmlns:dc="http://purl.org/dc/elements/1.1/"
  5. xmlns:atom="http://www.w3.org/2005/Atom"
  6. xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
  7. xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
  8. xmlns:media="http://search.yahoo.com/mrss/"
  9. >
  10.  
  11. <channel>
  12. <title>Sophos News</title>
  13. <atom:link href="https://news.sophos.com/en-us/feed/" rel="self" type="application/rss+xml" />
  14. <link>https://news.sophos.com/en-us/</link>
  15. <description>The Sophos Blog</description>
  16. <lastBuildDate>Fri, 29 Aug 2025 13:37:35 +0000</lastBuildDate>
  17. <language>en-US</language>
  18. <sy:updatePeriod>
  19. hourly </sy:updatePeriod>
  20. <sy:updateFrequency>
  21. 1 </sy:updateFrequency>
  22. <generator>https://wordpress.org/?v=6.8.2</generator>
  23.  
  24. <image>
  25. <url>https://news.sophos.com/wp-content/uploads/2025/08/sophos-icon-512x512-1.png?w=32</url>
  26. <title>Sophos News</title>
  27. <link>https://news.sophos.com/en-us/</link>
  28. <width>32</width>
  29. <height>32</height>
  30. </image>
  31. <site xmlns="com-wordpress:feed-additions:1">166161023</site> <item>
  32. <title>Empowering Rural Education: Sophos India’s Volunteering Initiative</title>
  33. <link>https://news.sophos.com/en-us/2025/08/29/empowering-rural-education-sophos-indias-volunteering-initiative/</link>
  34. <comments>https://news.sophos.com/en-us/2025/08/29/empowering-rural-education-sophos-indias-volunteering-initiative/#respond</comments>
  35. <dc:creator><![CDATA[victoriatownsley]]></dc:creator>
  36. <pubDate>Fri, 29 Aug 2025 13:08:35 +0000</pubDate>
  37. <category><![CDATA[#SophosLife]]></category>
  38. <guid isPermaLink="false">https://news.sophos.com/en-us/?p=962561</guid>
  39.  
  40. <description><![CDATA[Transforming Futures: How Sophos India’s volunteers are driving education and hope in rural communities.]]></description>
  41. <wfw:commentRss>https://news.sophos.com/en-us/2025/08/29/empowering-rural-education-sophos-indias-volunteering-initiative/feed/</wfw:commentRss>
  42. <slash:comments>0</slash:comments>
  43. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/Sophos-News-3.png?w=230&#38;h=130&#38;crop=1" medium="image" alt="" />
  44. <post-id xmlns="com-wordpress:feed-additions:1">962561</post-id>
  45. <media:thumbnail url="https://news.sophos.com/wp-content/uploads/2025/08/Sophos-News-3.png" alt="" />
  46. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/Sophos-News-3.png" medium="image" alt="">
  47. <media:title type="html">Sophos News (3)</media:title>
  48. </media:content>
  49.  
  50. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/9744dabc-7673-4f42-a52e-e138e1d36586.jpg?w=300" medium="image" alt="" />
  51.  
  52. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/2099f79b-392b-4a39-9d58-34030f24acc6.jpg?w=300" medium="image" alt="" />
  53.  
  54. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/83ae9a74-79b1-4bc5-898a-cccdb5b29d98.jpg?w=300" medium="image" alt="" />
  55.  
  56. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/d13339bb-611c-430d-8a84-b9cfb5f446cb.jpg?w=300" medium="image" alt="" />
  57. </item>
  58. <item>
  59. <title>Defend what matters: Introducing Sophos Endpoint for Legacy Platforms</title>
  60. <link>https://news.sophos.com/en-us/2025/08/28/defend-what-matters-introducing-sophos-endpoint-for-legacy-platforms/</link>
  61. <comments>https://news.sophos.com/en-us/2025/08/28/defend-what-matters-introducing-sophos-endpoint-for-legacy-platforms/#respond</comments>
  62. <dc:creator><![CDATA[Doug Aamoth]]></dc:creator>
  63. <pubDate>Thu, 28 Aug 2025 13:03:39 +0000</pubDate>
  64. <category><![CDATA[Products & Services]]></category>
  65. <category><![CDATA[EDR]]></category>
  66. <category><![CDATA[Endpoint]]></category>
  67. <category><![CDATA[EPP]]></category>
  68. <category><![CDATA[featured]]></category>
  69. <category><![CDATA[MDR]]></category>
  70. <category><![CDATA[Sophos Endpoint]]></category>
  71. <category><![CDATA[XDR]]></category>
  72. <guid isPermaLink="false">https://news.sophos.com/en-us/?p=962529</guid>
  73.  
  74. <description><![CDATA[Comprehensive endpoint security for critical systems]]></description>
  75. <wfw:commentRss>https://news.sophos.com/en-us/2025/08/28/defend-what-matters-introducing-sophos-endpoint-for-legacy-platforms/feed/</wfw:commentRss>
  76. <slash:comments>0</slash:comments>
  77. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/legacy.png?w=230&#38;h=130&#38;crop=1" medium="image" alt="legacy" />
  78. <post-id xmlns="com-wordpress:feed-additions:1">962529</post-id>
  79. <media:thumbnail url="https://news.sophos.com/wp-content/uploads/2025/08/legacy.png" alt="legacy" />
  80. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/legacy.png" medium="image" alt="legacy">
  81. <media:title type="html">legacy</media:title>
  82. </media:content>
  83. </item>
  84. <item>
  85. <title>A Bold New Look for a Bold Future: Sophos’ Reimagined Brand</title>
  86. <link>https://news.sophos.com/en-us/2025/08/27/a-bold-new-look-for-a-bold-future-sophos-reimagined-brand/</link>
  87. <comments>https://news.sophos.com/en-us/2025/08/27/a-bold-new-look-for-a-bold-future-sophos-reimagined-brand/#respond</comments>
  88. <dc:creator><![CDATA[tou.mua@sophos.com]]></dc:creator>
  89. <pubDate>Wed, 27 Aug 2025 12:30:14 +0000</pubDate>
  90. <category><![CDATA[Products & Services]]></category>
  91. <guid isPermaLink="false">https://news.sophos.com/en-us/?p=962437</guid>
  92.  
  93. <description><![CDATA[At Sophos, we envision a world where organizations of any size and means have a clear path to superior cybersecurity outcomes. It guides every decision we make from how we design solutions, to how we empower partners – to how we present ourselves as a brand. This is why I am so excited to have [&#8230;]]]></description>
  94. <wfw:commentRss>https://news.sophos.com/en-us/2025/08/27/a-bold-new-look-for-a-bold-future-sophos-reimagined-brand/feed/</wfw:commentRss>
  95. <slash:comments>0</slash:comments>
  96. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/blog_rebranding.png?w=230&#38;h=130&#38;crop=1" medium="image" alt="Sophos rebrand design" />
  97. <post-id xmlns="com-wordpress:feed-additions:1">962437</post-id>
  98. <media:thumbnail url="https://news.sophos.com/wp-content/uploads/2025/08/blog_rebranding.png" alt="Sophos rebrand design" />
  99. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/blog_rebranding.png" medium="image" alt="Sophos rebrand design">
  100. <media:title type="html">sophos defeat cyberattacks</media:title>
  101. </media:content>
  102.  
  103. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/blog-rebranding-01.jpeg" medium="image" alt="Sophos: Defeat Cyberattacks">
  104. <media:title type="html">Sophos: Defeat Cyberattacks</media:title>
  105. </media:content>
  106. </item>
  107. <item>
  108. <title>Velociraptor incident response tool abused for remote access</title>
  109. <link>https://news.sophos.com/en-us/2025/08/26/velociraptor-incident-response-tool-abused-for-remote-access/</link>
  110. <comments>https://news.sophos.com/en-us/2025/08/26/velociraptor-incident-response-tool-abused-for-remote-access/#respond</comments>
  111. <dc:creator><![CDATA[mindimcdowell]]></dc:creator>
  112. <pubDate>Tue, 26 Aug 2025 21:13:13 +0000</pubDate>
  113. <category><![CDATA[Threat Research]]></category>
  114. <category><![CDATA[Attack Tools]]></category>
  115. <category><![CDATA[featured]]></category>
  116. <category><![CDATA[Remote access]]></category>
  117. <category><![CDATA[Velociraptor]]></category>
  118. <category><![CDATA[Visual Studio Code]]></category>
  119. <guid isPermaLink="false">https://news.sophos.com/en-us/?p=962517</guid>
  120.  
  121. <description><![CDATA[This approach represents an evolution from threat actors abusing remote monitoring and management tools ]]></description>
  122. <wfw:commentRss>https://news.sophos.com/en-us/2025/08/26/velociraptor-incident-response-tool-abused-for-remote-access/feed/</wfw:commentRss>
  123. <slash:comments>0</slash:comments>
  124. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/Velociraptor2508-hero.jpg?w=230&#38;h=130&#38;crop=1" medium="image" alt="" />
  125. <post-id xmlns="com-wordpress:feed-additions:1">962517</post-id>
  126. <media:thumbnail url="https://news.sophos.com/wp-content/uploads/2025/08/Velociraptor2508-hero.jpg" alt="" />
  127. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/Velociraptor2508-hero.jpg" medium="image" alt="" />
  128.  
  129. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/Velociraptor2508-fig1.png" medium="image" alt="Velociraptor creating Visual Studio Code tunnel">
  130. <media:title type="html">Velociraptor creating Visual Studio Code tunnel</media:title>
  131. </media:content>
  132. </item>
  133. <item>
  134. <title>Threat Intelligence Executive Report – Volume 2025, Number 4</title>
  135. <link>https://news.sophos.com/en-us/2025/08/20/threat-intelligence-executive-report-volume-2025-number-4/</link>
  136. <comments>https://news.sophos.com/en-us/2025/08/20/threat-intelligence-executive-report-volume-2025-number-4/#respond</comments>
  137. <dc:creator><![CDATA[mindimcdowell]]></dc:creator>
  138. <pubDate>Wed, 20 Aug 2025 16:57:37 +0000</pubDate>
  139. <category><![CDATA[Threat Research]]></category>
  140. <category><![CDATA[featured]]></category>
  141. <category><![CDATA[Iran]]></category>
  142. <category><![CDATA[israel]]></category>
  143. <category><![CDATA[law enforcement action]]></category>
  144. <category><![CDATA[LummaC2]]></category>
  145. <category><![CDATA[naming conventions]]></category>
  146. <guid isPermaLink="false">https://news.sophos.com/en-us/?p=962413</guid>
  147.  
  148. <description><![CDATA[This issue of the Counter Threat Unit’s high-level bimonthly report discusses noteworthy updates in the threat landscape during May and June]]></description>
  149. <wfw:commentRss>https://news.sophos.com/en-us/2025/08/20/threat-intelligence-executive-report-volume-2025-number-4/feed/</wfw:commentRss>
  150. <slash:comments>0</slash:comments>
  151. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/TI-Exec-Report-Volume-2025-Number-4.png?w=230&#38;h=130&#38;crop=1" medium="image" alt="Threat Intelligence Executive Report cover image for Volume 2025 Number 4" />
  152. <post-id xmlns="com-wordpress:feed-additions:1">962413</post-id>
  153. <media:thumbnail url="https://news.sophos.com/wp-content/uploads/2025/08/TI-Exec-Report-Volume-2025-Number-4.png" alt="Threat Intelligence Executive Report cover image for Volume 2025 Number 4" />
  154. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/TI-Exec-Report-Volume-2025-Number-4.png" medium="image" alt="Threat Intelligence Executive Report cover image for Volume 2025 Number 4">
  155. <media:title type="html">Threat Intelligence Executive Report cover image for Volume 2025 Number 4</media:title>
  156. </media:content>
  157.  
  158. <media:content url="https://news.sophos.com/wp-content/uploads/2025/07/TI-Exec-Report-checkmark-Sophos-blue.png?w=66" medium="image" alt="Checkmark icon for the &#039;What to do next&#039; sections">
  159. <media:title type="html">Checkmark icon for the &#039;What to do next&#039; sections</media:title>
  160. </media:content>
  161.  
  162. <media:content url="https://news.sophos.com/wp-content/uploads/2025/07/TI-Exec-Report-checkmark-Sophos-blue.png?w=66" medium="image" alt="Checkmark icon for the &#039;What to do next&#039; sections">
  163. <media:title type="html">Checkmark icon for the &#039;What to do next&#039; sections</media:title>
  164. </media:content>
  165.  
  166. <media:content url="https://news.sophos.com/wp-content/uploads/2025/07/TI-Exec-Report-checkmark-Sophos-blue.png?w=66" medium="image" alt="Checkmark icon for the &#039;What to do next&#039; sections">
  167. <media:title type="html">Checkmark icon for the &#039;What to do next&#039; sections</media:title>
  168. </media:content>
  169. </item>
  170. <item>
  171. <title>The State of Ransomware in Retail 2025</title>
  172. <link>https://news.sophos.com/en-us/2025/08/19/the-state-of-ransomware-in-retail-2025/</link>
  173. <comments>https://news.sophos.com/en-us/2025/08/19/the-state-of-ransomware-in-retail-2025/#respond</comments>
  174. <dc:creator><![CDATA[rajansanhotra]]></dc:creator>
  175. <pubDate>Tue, 19 Aug 2025 12:31:15 +0000</pubDate>
  176. <category><![CDATA[Products & Services]]></category>
  177. <category><![CDATA[PRODUCTS & SERVICES]]></category>
  178. <category><![CDATA[Ransomware]]></category>
  179. <category><![CDATA[Retail]]></category>
  180. <category><![CDATA[Solutions]]></category>
  181. <category><![CDATA[The State of Ransomware]]></category>
  182. <guid isPermaLink="false">https://news.sophos.com/en-us/?p=962384</guid>
  183.  
  184. <description><![CDATA[361 IT and cybersecurity leaders reveal the ransomware realities for retail businesses today.]]></description>
  185. <wfw:commentRss>https://news.sophos.com/en-us/2025/08/19/the-state-of-ransomware-in-retail-2025/feed/</wfw:commentRss>
  186. <slash:comments>0</slash:comments>
  187. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/State-of-Ransomware-Retail-1.png?w=230&#38;h=130&#38;crop=1" medium="image" alt="The State of Ransomware in Retail 2025" />
  188. <post-id xmlns="com-wordpress:feed-additions:1">962384</post-id>
  189. <media:thumbnail url="https://news.sophos.com/wp-content/uploads/2025/08/State-of-Ransomware-Retail-1.png" alt="The State of Ransomware in Retail 2025" />
  190. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/State-of-Ransomware-Retail-1.png" medium="image" alt="The State of Ransomware in Retail 2025">
  191. <media:title type="html">State of Ransomware Retail (1)</media:title>
  192. </media:content>
  193.  
  194. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/Organizational-root-cause-of-attacks-in-retail-1.png" medium="image" alt="" />
  195.  
  196. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/Data-encryption-rate-in-retail.png" medium="image" alt="" />
  197.  
  198. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/Recovery-of-encrypted-data-in-retail.png" medium="image" alt="" />
  199. </item>
  200. <item>
  201. <title>August Patch Tuesday includes blasts from the (recent) past</title>
  202. <link>https://news.sophos.com/en-us/2025/08/13/august-patch-tuesday-includes-blasts-from-the-recent-past/</link>
  203. <dc:creator><![CDATA[Angela Gunn]]></dc:creator>
  204. <pubDate>Wed, 13 Aug 2025 17:48:47 +0000</pubDate>
  205. <category><![CDATA[Threat Research]]></category>
  206. <category><![CDATA[Bug]]></category>
  207. <category><![CDATA[CVE]]></category>
  208. <category><![CDATA[featured]]></category>
  209. <category><![CDATA[Microsoft]]></category>
  210. <category><![CDATA[Patch Tuesday]]></category>
  211. <category><![CDATA[Windows]]></category>
  212. <guid isPermaLink="false">https://news.sophos.com/en-us/?p=962356</guid>
  213.  
  214. <description><![CDATA[Microsoft haul this month covers 109 CVEs… more or less]]></description>
  215. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/shutterstock_119638627.jpg?w=230&#38;h=130&#38;crop=1" medium="image" alt="" />
  216. <post-id xmlns="com-wordpress:feed-additions:1">962356</post-id>
  217. <media:thumbnail url="https://news.sophos.com/wp-content/uploads/2025/08/shutterstock_119638627.jpg" alt="" />
  218. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/shutterstock_119638627.jpg" medium="image" alt="" />
  219.  
  220. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/pt2508-fig01.png" medium="image" alt="A bar chart showing the impact and severity of bugs addressed in the August 2025 Patch Tuesday; described in article text">
  221. <media:title type="html">A bar chart showing the impact and severity of bugs addressed in the August 2025 Patch Tuesday; described in article text</media:title>
  222. </media:content>
  223.  
  224. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/pt2508-fig02.png" medium="image" alt="A bar chart showing the product families addressed in the August 2025 Patch Tuesday; described in article text">
  225. <media:title type="html">A bar chart showing the product families addressed in the August 2025 Patch Tuesday; described in article text</media:title>
  226. </media:content>
  227.  
  228. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/pt2508-fig03.png" medium="image" alt="A bar chart showing the impact and severity of bugs addressed in the 2025 Patch Tuesday releases; described in article text">
  229. <media:title type="html">A bar chart showing the impact and severity of bugs addressed in the 2025 Patch Tuesday releases; described in article text</media:title>
  230. </media:content>
  231. </item>
  232. <item>
  233. <title>Enhancements and new offerings for Sophos’ email security portfolio</title>
  234. <link>https://news.sophos.com/en-us/2025/08/12/enhancements-and-new-offerings-for-sophos-email-security-portfolio/</link>
  235. <dc:creator><![CDATA[Editor]]></dc:creator>
  236. <pubDate>Tue, 12 Aug 2025 13:00:42 +0000</pubDate>
  237. <category><![CDATA[Products & Services]]></category>
  238. <category><![CDATA[Email]]></category>
  239. <guid isPermaLink="false">https://news.sophos.com/en-us/?p=962293</guid>
  240.  
  241. <description><![CDATA[Following multiple enhancements to Sophos Email – the only MDR-optimized email security solution – Sophos is introducing two new offerings to boost email security posture.]]></description>
  242. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/sophos-email-launch-news-blog-banner_1200x675.png?w=230&#38;h=130&#38;crop=1" medium="image" alt="" />
  243. <post-id xmlns="com-wordpress:feed-additions:1">962293</post-id>
  244. <media:thumbnail url="https://news.sophos.com/wp-content/uploads/2025/08/sophos-email-launch-news-blog-banner_1200x675.png" alt="" />
  245. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/sophos-email-launch-news-blog-banner_1200x675.png" medium="image" alt="">
  246. <media:title type="html">sophos-email-launch-news-blog-banner_1200x675</media:title>
  247. </media:content>
  248.  
  249. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/Sophos-Email-Blog-Screenshot.png" medium="image" alt="" />
  250. </item>
  251. <item>
  252. <title>Sophos AI at Black Hat USA ’25: Anomaly detection betrayed us, so we gave it a new job</title>
  253. <link>https://news.sophos.com/en-us/2025/08/07/sophos-ai-at-black-hat-usa-25-anomaly-detection-betrayed-us-so-we-gave-it-a-new-job/</link>
  254. <dc:creator><![CDATA[Matt Wixey]]></dc:creator>
  255. <pubDate>Thu, 07 Aug 2025 21:30:27 +0000</pubDate>
  256. <category><![CDATA[Threat Research]]></category>
  257. <category><![CDATA[AI]]></category>
  258. <category><![CDATA[anomaly detection]]></category>
  259. <category><![CDATA[Black Hat]]></category>
  260. <category><![CDATA[command line]]></category>
  261. <category><![CDATA[featured]]></category>
  262. <category><![CDATA[LLM]]></category>
  263. <category><![CDATA[Sophos X-Ops]]></category>
  264. <guid isPermaLink="false">https://news.sophos.com/en-us/?p=962274</guid>
  265.  
  266. <description><![CDATA[Following on from our preview, here's Ben Gelman and Sean Bergeron's research on enhancing command line classification with benign anomalous data]]></description>
  267. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/shutterstock_2399544991.jpg?w=230&#38;h=130&#38;crop=1" medium="image" alt="A hand holding a magnifying glass above several blocks containing pictures of triangles. The block directly under the magnifying glass is taller and has a larger triangle on it" />
  268. <post-id xmlns="com-wordpress:feed-additions:1">962274</post-id>
  269. <media:thumbnail url="https://news.sophos.com/wp-content/uploads/2025/08/shutterstock_2399544991.jpg" alt="A hand holding a magnifying glass above several blocks containing pictures of triangles. The block directly under the magnifying glass is taller and has a larger triangle on it" />
  270. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/shutterstock_2399544991.jpg" medium="image" alt="A hand holding a magnifying glass above several blocks containing pictures of triangles. The block directly under the magnifying glass is taller and has a larger triangle on it">
  271. <media:title type="html">Investigate,Abnormally,High,Rates.,A,Jump,In,The,Level,Of</media:title>
  272. </media:content>
  273.  
  274. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/image2_04d3e3-e1754563997722.png" medium="image" alt="Graph as described">
  275. <media:title type="html">Graph as described</media:title>
  276. </media:content>
  277.  
  278. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/image3_f7ae28-e1754564021542.png" medium="image" alt="Graph as described">
  279. <media:title type="html">Graph as described</media:title>
  280. </media:content>
  281. </item>
  282. <item>
  283. <title>Shared secret: EDR killer in the kill chain</title>
  284. <link>https://news.sophos.com/en-us/2025/08/06/shared-secret-edr-killer-in-the-kill-chain/</link>
  285. <dc:creator><![CDATA[Gabor Szappanos]]></dc:creator>
  286. <pubDate>Wed, 06 Aug 2025 14:00:27 +0000</pubDate>
  287. <category><![CDATA[Threat Research]]></category>
  288. <category><![CDATA[avkiller]]></category>
  289. <category><![CDATA[EDR killer]]></category>
  290. <category><![CDATA[featured]]></category>
  291. <category><![CDATA[heartcrypt]]></category>
  292. <category><![CDATA[RansomHub]]></category>
  293. <category><![CDATA[Sophos X-Ops]]></category>
  294. <guid isPermaLink="false">https://news.sophos.com/en-us/?p=961780</guid>
  295.  
  296. <description><![CDATA[A look under the hood at a tool designed to disable protections]]></description>
  297. <media:content url="https://news.sophos.com/wp-content/uploads/2025/07/shutterstock_1484273711.jpg?w=230&#38;h=130&#38;crop=1" medium="image" alt="A person, face obscured, behind a sheet of yellow paper. A torn gap in the paper shows the person putting both hands to their ear as though trying to hear something." />
  298. <post-id xmlns="com-wordpress:feed-additions:1">961780</post-id>
  299. <media:thumbnail url="https://news.sophos.com/wp-content/uploads/2025/07/shutterstock_1484273711.jpg" alt="A person, face obscured, behind a sheet of yellow paper. A torn gap in the paper shows the person putting both hands to their ear as though trying to hear something." />
  300. <media:content url="https://news.sophos.com/wp-content/uploads/2025/07/shutterstock_1484273711.jpg" medium="image" alt="A person, face obscured, behind a sheet of yellow paper. A torn gap in the paper shows the person putting both hands to their ear as though trying to hear something.">
  301. <media:title type="html">Female,Ear,And,Hands,Close-up.,Copy,Space.,Torn,Paper,,Yellow</media:title>
  302. </media:content>
  303.  
  304. <media:content url="https://news.sophos.com/wp-content/uploads/2025/07/ccleaner-fig01.png" medium="image" alt="A screen capture of a description of toolac tivity; it reads &#034;Host -- Defense Evasion -- Look for unusual service installations, especially of kernel drivers, in Windowsl ogs. In this particular case, Cylerian identified a service name containing five random characters and the driver signed by &#034;Changsha Hengxiang Information Technology Co., Ltd.&#034;.">
  305. <media:title type="html">A screen capture of a description of toolac tivity; it reads &#034;Host -- Defense Evasion -- Look for unusual service installations, especially of kernel drivers, in Windowsl ogs. In this particular case, Cylerian identified a service name containing five random characters and the driver signed by &#034;Changsha Hengxiang Information Technology Co., Ltd.&#034;.</media:title>
  306. </media:content>
  307.  
  308. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/image2.png" medium="image" alt="Code block as described">
  309. <media:title type="html">Code block as described</media:title>
  310. </media:content>
  311.  
  312. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/image3.png" medium="image" alt="Code block as described">
  313. <media:title type="html">Code block as described</media:title>
  314. </media:content>
  315.  
  316. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/image4.png" medium="image" alt="Code block as described">
  317. <media:title type="html">Code block as described</media:title>
  318. </media:content>
  319.  
  320. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/image5.png" medium="image" alt="Code block as described">
  321. <media:title type="html">Code block as described</media:title>
  322. </media:content>
  323.  
  324. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/image6.png" medium="image" alt="A screen capture showing that the signature under discussion has been revoked">
  325. <media:title type="html">A screen capture showing that the signature under discussion has been revoked</media:title>
  326. </media:content>
  327.  
  328. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/image7.png" medium="image" alt="A screen capture showing that the certificate has been revoked since 2016">
  329. <media:title type="html">A screen capture showing that the certificate has been revoked since 2016</media:title>
  330. </media:content>
  331.  
  332. <media:content url="https://news.sophos.com/wp-content/uploads/2025/07/ccleaner-fig04.png" medium="image" alt="A screen capture showing a tweet from @threatintel. The last two tweets in the thread provide file hashes. The first tweet reads &#034;Multiple new variants of a malicious driver that first surfaced in 2022 are circulating in the wild. The driver is used by attackers to attempt to disable security solutions.">
  333. <media:title type="html">A screen capture showing a tweet from @threatintel. The last two tweets in the thread provide file hashes. The first tweet reads &#034;Multiple new variants of a malicious driver that first surfaced in 2022 are circulating in the wild. The driver is used by attackers to attempt to disable security solutions.</media:title>
  334. </media:content>
  335.  
  336. <media:content url="https://news.sophos.com/wp-content/uploads/2025/08/image9.png" medium="image" alt="Screen captures showing the signing information for the invalid Fuzhou Dingxin Trade certificate.">
  337. <media:title type="html">Screen captures showing the signing information for the invalid Fuzhou Dingxin Trade certificate.</media:title>
  338. </media:content>
  339. </item>
  340. </channel>
  341. </rss>
  342.  
Copyright © 2002-9 Sam Ruby, Mark Pilgrim, Joseph Walton, and Phil Ringnalda