Connect with us

GRTech

Sophos Launches Industry-First Managed Detection and Response (MDR) Service from an Endpoint Security Provider

Sophos X-Ops Identifies LockBit 3.0 Similarities to BlackMatter; Attackers Use Pentesting and Credential Theft to Evade Detection, Requiring Specialized MDR Skills to Spot Them

Published

on

Sophos Managed Detection and Response 1

Sophos, a global leader in innovating and delivering cybersecurity as a service, has announced the general availability of Sophos Managed Detection and Response (MDR) with new industry-first threat detection and response capabilities.

Sophos is the first endpoint security provider to integrate vendor agnostic telemetry from third-party security technologies into its MDR offering, providing unprecedented visibility and detection across diverse operating environments. Sophos also introduced the Sophos Marketplace and $1 million Sophos Breach Protection Warranty.

The need for MDR services and specialized defenders has never been greater, as shown in today’s new research, “LockBit 3.0 ‘Black’ Attacks and Leaks Reveal Wormable Capabilities and Tooling,” from Sophos X-Ops, the company’s cross-domain threat intelligence unit. The research analyzes tactics, techniques and procedures (TTPs) used by LockBit, one of today’s most prolific ransomware gangs, that are similar to BlackMatter, and explains how the latest version of the ransomware, LockBit 3.0, adds wormable capabilities and uses legitimate pentesting tools to evade detection.

In a second article, “Detection Tools and Human Analysis Lead to a Security Non-Event,” Sophos X-Ops details a recent Sophos MDR use case involving credential theft, another technique that allows adversaries to impersonate legitimate users. In this case, the Sophos MDR team combined its threat hunting intelligence with information from the customer’s third-party security appliance to thwart an attack.

“The only way to reliably detect and neutralize determined attackers who increasingly combine the use of pentesting tools, stolen credentials and other stealthy tactics to maneuver undetected is with 24×7 eyes on glass, operating on signals from a diversity of event sources and employing actionable threat intelligence into real-time attacker behaviors,” said Joe Levy, chief technology and product officer at Sophos. “Organizations are struggling to keep pace with well-funded adversaries who are continuously innovating and industrializing their ability to evade defensive technologies alone. Sophos MDR can discover and intercept these steps before they result in a data breach, ransomware or other type of costly compromise. Sadly, ransomware persists as one of the greatest cybercrime threats to organizations, as evidenced in the Sophos 2023 Threat Report. We’re raising the industry standard for how critical MDR services can be delivered to broaden visibility for better, faster detection and response.”

Industry-First Detection and Response and the New Sophos Marketplace

Sophos is the first leading endpoint security provider delivering MDR across both its own product portfolio as well as end users’ existing security deployments. To support this effort, Sophos launched the Sophos Marketplace, an open ecosystem of more than 75 technology integrations, including Amazon Web Services (AWS), Check Point, CrowdStrike, Darktrace, Fortinet, Google, Microsoft, Okta, Palo Alto Networks, Rapid7, and many others. Expanded visibility across these integrations and diverse operating environments enables Sophos MDR experts to better detect and remediate attacks with speed and precision, regardless of customers’ existing security solutions.

In addition to Sophos MDR, Sophos Marketplace provides third-party integrations for Sophos’ portfolio of services, products and technologies. Telemetry is automatically consolidated, correlated and prioritized with insights from the Sophos Adaptive Cybersecurity Ecosystem and the Sophos X-Ops threat intelligence unit.

Extended Protection Warranty

Sophos stands behind its MDR customers with the new Sophos Breach Protection Warranty that covers up to $1 million in response expenses for organizations protected by Sophos MDR Complete, Sophos’ most comprehensive MDR offering. Underwritten solely by Sophos, the warranty covers endpoints – both Windows and Mac devices – and servers, and unlike competitive offerings, there are no warranty tiers or duration limitations for active customers. This Sophos Breach Protection Warranty is automatically included with all purchases and renewals of Sophos MDR Complete annual subscriptions through Sophos’ global reseller partner network.

Availability

More than 13,000 organizations already rely on Sophos’ existing MDR service for 24/7 threat hunting, detection and response by an expert team as a fully-managed service. The newest offering with third party integration capabilities is available now, and the service is customizable with different tiers and threat response options, enabling customers to choose whether to have the Sophos MDR operations team execute full-scale incident response, provide collaborative assistance for confirmed threats, or deliver detailed alert notifications for their security operations teams to manage themselves.

GrassRoots.ng is on a critical mission; to objectively and honestly represent the voice of ‘grassrooters’ in International, Federal, State and Local Government fora; heralding the achievements of political and other leaders and investors alike, without discrimination. This daily, digital news publication platform serves as the leading source of up-to-date information on how people and events reflect on the global community. The pragmatic articles reflect on the life of the community people, covering news/current affairs, business, technology, culture and fashion, entertainment, sports, State, National and International issues that directly impact the locals.

GRTech

Sophos Releases State of Ransomware in Education report

97% Data Recovery in Schools Shows Progress against Ransomware, But IT Burnout Grows – Sophos

Published

on

Sophos Report Finds Education Sector Strengthening against Ransomware

Sophos, a global leader and innovator of advanced security solutions for defeating cyberattacks, has released its fifth annual Sophos State of Ransomware in Education report. 

Sophos, a global leader and innovator of advanced security solutions for defeating cyberattacks, has released its fifth annual Sophos State of Ransomware in Education report. 

The global study of 441 IT and cybersecurity leaders shows the education sector is making measurable progress in defending against ransomware, with fewer ransom payments, dramatically reduced costs, and faster recovery rates. 

Yet, these gains are accompanied by mounting pressures on IT teams, who report widespread stress, burnout, and career disruptions following attacks – nearly 40% of respondents reported dealing with anxiety.

Over the past five years, ransomware has emerged as one of the most pressing threats to education, with attacks becoming a daily occurrence. Primary and secondary institutions are seen by cybercriminals as “soft targets”, often underfunded, understaffed, and holding highly sensitive data. 

The consequences are severe: disrupted learning, strained budgets, and growing fears over student and staff privacy. Without stronger defenses, schools risk not only losing vital resources but also the trust of the communities they serve.

Indicators of Success against Ransomware

The new Sophos study demonstrates that the education sector is getting better at reacting and responding to ransomware, forcing cybercriminals to evolve their approach. 

Trending data from the Sophos study reveals an increase in attacks where adversaries attempt to extort money without encrypting data. 

Unfortunately, paying the ransom remains part of the solution for about half of all victims. 

However, the payment values are dropping significantly, and for those who have experienced data encryption in ransomware attacks, 97% were able to recover data in some way. The study found several key indicators of success against ransomware in education: 

• Stopping More Attacks: When it comes to blocking attacks before files can be encrypted, both lower and higher education institutions reported their highest success rate in four years (67% and 38% of attacks, respectively) 

• Following the Money: In the last year, ransom demands fell 73% (an average drop of $2.83M), while average payments dropped from $6M to $800K in lower education and from $4M to $463K in higher education.

• Plummeting Cost of Recovery: Outside of ransom payments, average recovery costs dropped 77% in higher education and 39% in lower education. Despite this success, lower education reported the highest recovery bill across all industries surveyed.

Gaps Still Need to be Addressed

While the education sector has made progress in limiting the impact of ransomware, serious gaps remain. In the Sophos study, 64% of victims reported missing or ineffective protection solutions; 66% cited a lack of people (either expertise or capacity) to stop attacks; and 67% admitted to having security gaps. These risks highlight the critical need for schools to focus on prevention, as cybercriminals develop new techniques, including AI-powered attacks.

Highlights from the study that shed light on the gaps that still need to be addressed include: 

• AI-powered threats: Lower education institutions reported that 22% of ransomware attacks had origins in phishing. With AI enabling more convincing emails, voice scams, and even deepfakes, schools risk becoming test grounds for emerging tactics.

• High-value data: Higher education institutions, custodians of AI research and large language model datasets, remain a prime target, with exploited vulnerabilities (35%) and security gaps the provider was not aware of (45%) as leading weaknesses that were exploited by adversaries. 

• Human toll: Every institution with encrypted data reported impacts on IT staff. Over one in four staff members took leave after an attack, nearly 40% reported heightened stress, and more than one-third felt guilt they could not prevent the breach.

“Ransomware attacks on schools are among the most disruptive and brazen crimes,” said Alexandra Rose, Director, CTU Threat Research, Sophos. “It’s encouraging to see schools getting better at responding and recovering, but the real opportunity is to stop attacks before they start. Prevention, backed by strong incident response planning and collaboration with trusted public and private partners, is essential as adversaries adopt new tactics, including AI-driven threats.” 

Holding on to the Gains 

Based on its work protecting thousands of educational institutions, Sophos experts recommend several steps to maintain momentum and prepare for evolving threats:

• Focus on Prevention: The dramatic success of lower education in stopping ransomware attacks before encryption offers a blueprint for broader public sector organizations. Organizations need to couple their detection and response efforts with preventing attacks before they compromise the organization. 

• Secure Funding: Explore new avenues such as the U.S. Federal Communications Commission’s E-Rate subsidies to strengthen networks and firewalls, and the UK’s National Cyber Security Centre initiatives, including its free cyber defence service for schools, to boost overall protection. These resources help schools both prevent and withstand attacks.

• Unify Strategies: Educational institutions should adopt coordinated approaches across sprawling IT estates to close visibility gaps and reduce risks before adversaries can exploit them.

• Relieve Staff Burden: Ransomware takes a heavy toll on IT teams. Schools can reduce pressure and extend their capabilities by partnering with trusted providers for managed detection and response (MDR) and other around-the-clock expertise.

• Strengthen Response: Even with stronger prevention, schools must be prepared to respond when incidents occur. They can recover more quickly by building robust incident response plans, running simulations to prepare for real-world scenarios, and enhancing readiness with 24/7/365 services like MDR.

Data for the State of Ransomware in Education 2025 report comes from a vendor-agnostic survey of 441 IT and cybersecurity leaders – 243 from lower education and 198 from higher education institutions hit by ransomware in the past year. 

The organizations surveyed ranged from 100 – 5,000 employees and across 17 countries. 

The survey was conducted between January and March 2025, and respondents were asked about their experience of ransomware over the previous 12 months.

Download the State of Ransomware in Education 2025 report on Sophos.com.

Continue Reading

GRTech

Sophos Endpoint Now Integrated with Taegis MDR and XDR Strengthening Cybersecurity ROI

Published

on

Sophos new Logo
Sophos Logo

Sophos, a global leader of innovative security solutions for defeating cyberattacks, today announced that Sophos Endpoint is now natively integrated and automatically included in all Taegis Extended Detection and Response (XDR) and Taegis Managed Detection and Response (MDR) subscriptions.

This milestone gives customers immediate access to combined prevention, detection, and response capabilities in a single platform, while lowering costs and simplifying operations.

The integration follows Sophos’ acquisition of Secureworks in February 2025 and represents a major milestone in combining the companies’ strengths to help customers defeat cyberattacks with a higher ROI.

Endpoint protection remains one of the most critical layers of defense against today’s cyberthreats, delivering both frontline prevention and vital telemetry for detection and response. 

With Sophos Endpoint included in all new and existing Taegis XDR and MDR subscriptions, customers can benefit from unmatched ransomware defenses and adversary mitigation capabilities that automatically deploy in the event of an attack.

The integration enables organizations to strengthen protection while lowering licensing costs, reduce management overhead through native integration, and accelerate threat mitigation with expanded response actions.

Taegis remains a fully open platform, ensuring customers continue to receive full value from their existing cybersecurity investments and maintain the freedom to use the endpoint protection solution of their choice.

This ensures that customers maximize ROI while allowing room in their budget for other cybersecurity priorities.

“Integrating Sophos Endpoint with Taegis delivers a best-in-class unified protection, detection, investigation, and response platform – while also reducing customer costs,” said Raja Patel, chief product officer at Sophos. “Too many organizations still treat endpoint protection like a commodity, and that’s exactly the mistake attackers are counting on. The reality is, not all endpoint products are built to stop today’s hands-on-keyboard attacks. Sophos Endpoint’s prevention-first capabilities, like CryptoGuard anti-ransomware protection and Adaptive Attack Protection, shut down attacks before they can escalate, which is a true game changer for enterprises managing thousands of devices. And by simplifying deployment and policy management, we’re helping organizations stay ahead of threats, lower their total cost of ownership, and maximize the return on their security investments.”

Key benefits for Taegis customers include:

  • Lower costs and improved ROI: Sophos Endpoint is now automatically included with all Taegis XDR and Taegis MDR subscriptions, eliminating the need to purchase a separate endpoint security solution.
  • Vendor choice preserved: Taegis remains an open platform, allowing organizations to continue using their preferred endpoint solution.
  • Industry-leading protection: A 16-time leader in the Gartner® Magic Quadrant™ for Endpoint Protection Platforms, Sophos Endpoint provides unmatched defense against ransomware and other advanced threats, with features such as CryptoGuard and Adaptive Attack Protection, accessible directly from the Taegis console.
  • Workflow continuity: Telemetry and detections from Sophos Endpoint are ingested into the Taegis platform, allowing customers to retain existing detection and response workflows.
  • Simplified management: Customers can download, install and manage Sophos Endpoint directly from Taegis.

To support a range of environments, customers can now choose between three deployment options for endpoint protection:

  • Sophos Endpoint: Natively integrated for comprehensive prevention, detection, and response in a single agent.
  • Non-Sophos native integrations: Telemetry ingestion ensures full visibility from products such as CrowdStrike, Microsoft Defender, SentinelOne and Carbon Black by Broadcom.
  • Other non-Sophos endpoint security solutions: Supported through a detection only sensor deployment option.

“This integration expands the value and flexibility we deliver to customers and partners,” said Chris Bell, senior vice president of Global Channel, Alliances and Corporate Development at Sophos. “By including Sophos Endpoint in Taegis, organizations gain stronger protection, reduced costs and simplified operations. For partners, it creates new opportunities to help customers consolidate tools, drive renewals and expand enterprise relationships.”

Continue Reading

GRTech

Glo reduces international call rates 

By Sandra Ani

Published

on

Glo and Globacom


Technology Company, Globacom, has announced significant reductions in its International Direct Dialing (IDD) rates, making international calls more affordable for its existing and new customers across Nigeria.

Effective August 10, the new rates began applying to over 15 popular international destinations, including United States which will has moved to ₦30 per minute, down from ₦35, United Kingdom is now N350 from ₦400, while India also moved down to ₦40 from N45.

The rates for China, Saudi Arabia and Cameroon however recorded major reduction moving to N75, N300 and ₦700 respectively.


The reduction was also extended to African countries including Benin Republic which goes for ₦650 per minute, Niger Republic ₦750, Ghana ₦500, and Togo ₦650. United Arab Emirates also moved from ₦450 to ₦325, Germany to ₦550, Côte d’Ivoire ₦700, Libya ₦700, while calls to Malawi is now N1,100 from ₦1,200.

Glo aims to provide more value for its customers through these revised rates, encouraging them to make Glo their preferred network for international calls. New IDD bundles will also be introduced, offering frequent international callers even more attractive deals.

Globacom, which remained optimistic that frequent international callers will benefit immensely from the reductions in IDD bundles, enjoined customers to take advantage of the new rates to stay connected with friends and business associates across the globe.

Continue Reading

Trending