According to the 2024 Verizon Data Breach Investigations Report, 75% of cyber attacks involve exploiting compromised privileged credentials, making privileged access one of the most sought-after attack vectors. Additionally, 60% of organizations cite insider threats as the primary cause of data breaches (2023 Cybersecurity Insiders – Insider Threat Report), highlighting the critical need to secure privileged accounts against both external and internal threats.

However, a vast majority of organizations – both big and small – don’t have the platforms and processes in place to secure the privileged accounts of every user, on every device, from every location. That’s where a modern Privileged Access Management (PAM) solution comes into play.

The growing need for modern privileged access management

Organizations that fail to implement a robust PAM solution face significant financial and operational risks. The 2024 IBM Cost of a Data Breach Report found that the average cost of a breach rose to $4.88 million. However, 80% of organizations that have adopted a PAM solution report a significant reduction in cyber attack success related to credential theft and misuse.

With the increasing complexity of IT environments, including hybrid cloud infrastructures, passkey adoption, DevOps pipelines and remote workforces, legacy PAM solutions often fail to provide seamless security and usability. Today’s modern infrastructure needs to be accessible at all times, from anywhere in the world, while still maintaining Just-In-Time (JIT) access, zero trust and least privilege.

Introducing KeeperPAM: A groundbreaking approach to privileged access management

Keeper Security is pleased to announce the next generation of its privileged access management platform, KeeperPAM, a patented cloud-native, zero-knowledge platform. KeeperPAM enables seamless infrastructure access through a secure vault. Simply log in with Multi-Factor Authentication (MFA) for one-click, passwordless access to servers, databases, web apps and SaaS platforms.

Unlike legacy PAM solutions, KeeperPAM is zero-knowledge and zero-trust, meaning Keeper never has access to your network, infrastructure or secrets. With a lightweight, containerized gateway, Keeper eliminates agents and on-premises complexity while providing full auditing, session logging and flexible access through User Interface (UI), Command-Line Interface (CLI) or isolated web browsing.

Keeper’s engineers are the original creators of Apache Guacamole and experts in browser-based remote session protocols covering SSH, RDP, VNC, HTTPS, MySQL, PostgreSQL, SQL Server and more.

What makes KeeperPAM groundbreaking?

• Cloud-native, not cloud-adapted – Unlike legacy PAM providers that have adapted on-premises products to the cloud, KeeperPAM was built from the ground up to be cloud-native, scalable and easy to deploy across any environment.
• Multi-protocol access – Instant passwordless sessions to remote servers, databases and web-based applications – without exposing credentials or requiring firewall changes.
• Zero-trust and zero-knowledge security – With end-to-end zero-knowledge encryption, only you can decrypt your data and remote sessions, ensuring absolute privacy and security.
• Agentless, seamless deployment – Unlike legacy PAM solutions that require complex network configurations, Virtual Private Networks (VPNs) or on-prem appliances, KeeperPAM simplifies access by using a lightweight Keeper Gateway service, which eliminates network vulnerabilities and significantly reduces IT overhead.
• All-in-one platform – KeeperPAM integrates enterprise password management, secrets management, privileged session management, remote browser isolation and zero-trust network access into a single, unified solution. You can choose whether users have only an enterprise password manager license or a full PAM license.

With KeeperPAM, businesses no longer need various cybersecurity platforms cobbled together that leave them exposed. Everything is managed from a single pane of glass.

Core benefits and capabilities of KeeperPAM

KeeperPAM offers all of the functionality organizations need to prevent breaches, ensure compliance and enable easy and secure access to resources.

Some of the core capabilities include:

• Password Management – Protect and manage passwords, passkeys and confidential files in a zero-knowledge vault.
• Secrets Management – Protect API keys, CI/CD pipelines and developer tools, while eliminating secrets sprawl, by removing hard-coded credentials from source code.
• Session Management – Provide passwordless remote access to any resource using a web browser.
• Database Management – Control access to databases, either on-prem or cloud, using interactive UI sessions, CLI sessions or tunneling with your favorite front-end tools.
• Remote Browser Isolation – Lock down internal web-based apps, cloud apps and admin panels, while preventing data exfiltration and controlling browsing sessions, with auditing, session recording and password autofill.
• Admin Console – Manage and deploy Keeper to users, integrate with identity providers, monitor activity and establish role-based enforcement policies.
• Control Plane – Orchestrate and monitor the various components and activities related to privileged access, session management, policies and workflow.

How is KeeperPAM deployed?

KeeperPAM uses a zero-trust gateway service to access each environment. No firewall updates or ingress changes are needed, thereby enabling seamless, secure access without complexity.

There are three simple steps to deploy KeeperPAM, which will take under an hour to complete:

1. Deploy the vault with your SSO and provision through SCIM, SAML or AD
2. Set policy
3. Install a Keeper Gateway in the target environments

Deploying KeeperPAM is fast, flexible and designed to scale with your organization’s needs. Whether you’re a small business or a global enterprise, Keeper’s innovative cloud-native architecture ensures rapid implementation with minimal IT overhead. Professional services are never required, unlike legacy PAM platforms.

The future of PAM is here

As cyber threats continue to escalate and regulatory requirements become more stringent, businesses need a modern PAM solution that is secure, scalable and simple to deploy. KeeperPAM redefines privileged access security by eliminating outdated architectures, reducing complexity and delivering an all-in-one, zero-trust security platform.

By combining enterprise password management, secrets management, connection management, zero-trust network access and remote browser isolation into a single, easy-to-use interface, KeeperPAM empowers businesses of all sizes to proactively prevent breaches, streamline compliance and simplify security.

Ready to take control of privileged access and eliminate standing privilege? Request a KeeperPAM demo today.

Source: Keeper Security

Sophos, a global leader of innovative security solutions for defeating cyberattacks, today released the 2025 Sophos Active Adversary Report, which details attacker behavior and techniques from over 400 Managed Detection and Response (MDR) and Incident Response (IR) cases in 2024. The report found that the primary way attackers gained initial access to networks (56% of all cases across MDR and IR) was by exploiting external remote services, which includes edge devices such as firewalls and VPNs, by leveraging valid accounts.

The combination of external remote services and valid accounts aligns with the top root causes of attacks. For the second year in row, compromised credentials were the number one root cause of attacks (41% of cases). This was followed by exploited vulnerabilities (21.79%) and brute force attacks (21.07%).

Understanding The Speed of Attacks

When analyzing MDR and IR investigations, the Sophos X-Ops team looked specifically at ransomware, data exfiltration, and data extortion cases to identify how fast attackers progressed through the stages of an attack within an organization. In those three types of cases, the median time between the start of an attack and exfiltration was only 72.98 hours (3.04 days). Furthermore, there was only a median of 2.7 hours from exfiltration to attack detection.

“Passive security is no longer enough. While prevention is essential, rapid response is critical. Organizations must actively monitor networks and act swiftly against observed telemetry. Coordinated attacks by motivated adversaries require a coordinated defense. For many organizations, that means combining business-specific knowledge with expert-led detection and response. Our report confirms that organizations with proactive monitoring detect attacks faster and experience better outcomes,” said John Shier, field CISO.

Other Key Findings from the 2025 Sophos Active Adversary Report:

• Attackers Can Take Control of a System in Just 11 Hours: The median time between attackers’ initial action and their first (often successful) attempt to breach Active Directory (AD) – arguably one of the most important assets in any Windows network – was just 11 hours. If successful, attackers can more easily take control of the organization.
• Top Ransomware Groups in Sophos Cases: Akira was the most frequently encountered ransomware group in 2024, followed by Fog and LockBit (despite a multi-government takedown of LockBit earlier in the year).
• Dwell Time is Down to Just 2 Days: Overall, dwell time – the time from the start of an attack to when it is detected – decreased from 4 days to just 2 in 2024, largely due to the addition of MDR cases to the dataset.
• Dwell Time in IR Cases: Dwell time remained stable at 4 days for ransomware attacks and 11.5 days for non-ransomware cases.
• Dwell Time in MDR Cases: In MDR investigations, dwell time was only 3 days for ransomware cases and just 1 day for non-ransomware cases, suggesting MDR teams are able to more quickly detect and respond to attacks.
• Ransomware Groups Work Overnight: In 2024, 83% of ransomware binaries were dropped outside of the targets’ local business hours.
• Remote Desktop Protocol Continues to Dominate: RDP was involved in 84% of MDR/IR cases, making it the most frequently abused Microsoft tool.

To shore up their defenses, Sophos recommends that companies do the following:

• Close exposed RDP ports
• Use phishing-resistant multifactor authentication (MFA) wherever possible
• Patch vulnerable systems in a timely manner, with a particular focus on internet-facing devices and services
• Deploy EDR or MDR and ensure it is proactively monitored 24/7
• Establish a comprehensive incident response plan and test it regularly through simulations or tabletop exercises

Read the full It Takes Two: The 2025 Sophos Active Adversary Report on Sophos.com.

Source: Sophos

Customers have spoken, and the results are in. G2, a major technology user review platform, has just released its Spring 2025 Reports, where users rated Sophos as the #1 overall Firewall, MDR, and EDR solution.

Recognizing the power of our platform, Sophos is – once again – the only vendor named a Leader across the G2 Overall Grid® Reports for Endpoint Protection Suites, Endpoint Detection and Response (EDR), Extended Detection and Response (XDR), Firewall Software, and Managed Detection and Response (MDR). Based on user feedback, Sophos was also ranked the #1 solution in 53 individual reports spanning the Antivirus, EDR, Endpoint Protection Suites, XDR, Firewall, and MDR markets.

Managed Detection and Response

In addition to the #1 overall ranking among MDR solutions, Sophos MDR is also rated the top solution in four additional report segments for the category, including the Enterprise and Mid-Market Grids, and earning the Best Results and Best Usability distinctions among Enterprise customers.

We continue to extend Sophos MDR to support the more than 29,000 organizations that use our service. Recent updates include enhanced ability to fortify Microsoft defenses with new Sophos-proprietary detections for Office 365, an expanded ecosystem of turnkey integrations with third-party cybersecurity and IT tools includes a new Backup and Recovery integration category, and new AI-powered workflows to streamline the operational processes and drive better security outcomes for our customers.

Endpoint Detection and Response/Extended Detection and Response

Sophos EDR/XDR was named a Leader across nine different segments in the Spring 2025 Reports, including the Overall, Enterprise, Mid-Market, and Small Business Grids. The Sophos XDR platform was rated #1 for Best Usability and Best Relationship across all four segments (Overall, Enterprise, Mid-Market, and Small Business), reinforcing why it is the overall top-rated XDR solution.

Firewall

In addition to being named the #1 Overall Firewall solution, Sophos Firewall was also rated as the #1 firewall solution by Mid-Market and Enterprise users. All four user segments (Overall, Small Business, Mid-Market, and Enterprise) named Sophos Firewall a Leader in their respective G2 Grid Reports. For usability, Sophos Firewall is the top-rated solution in the Overall, Enterprise, and Mid-market segments in the Usability Index.

What Sophos customers are saying

“Sophos MDR: 360 degree MDR solution for endpoint security” said a user in the Enterprise segment

“Sophos MDR helps us sleep at night knowing our environment is monitored 24/7” said a user in the Mid-Market segment

“Sophos Firewall is a robust and user-friendly security solution that provides comprehensive protection through advanced threat detection, deep packet inspection, and synchronized security with other Sophos products” said a Head of IT in the Mid-Market segment

“Sophos Firewall automatically identifies and blocks active threats, prevents the lateral movement of attacks, and delivers immediate insights into compromised devices, users and application” said a user in the Small Business segment

“What stands out the most is how effortlessly Sophos Firewall streamlines security tasks, allowing users to focus on protecting their networks without getting bogged down in complex configurations” said a user in the Mid-Market segment

“We can rest easy knowing that Sophos Intercept X is continuously guarding our endpoints from ransomware assaults, which are the kind of thing that keep IT administrators up at night” said a SOC Analyst in the Mid-Market segment

For more information on our services and products, speak to your Sophos partner or representative and visit our website.

Source: Sophos

Discover key insights on why Autotask has been recognized as a leader in the G2 Grid® Report for Professional Services Automation (PSA) – Spring 2025.

Autotask PSA is a cloud-based platform that enables MSPs to run their business at peak profitability because it’s reliable, centralizes their operations, and enables quick data-driven decisions. Autotask provides real-time metrics that give full visibility into service delivery, customer satisfaction, sales pipeline, internal operations, resource utilization, profitability and more. As the central hub of an MSP’s business, it integrates with more than 170 industry-leading solutions. Autotask PSA has consistently delivered 99.99% uptime over the last 10 years.

Autotask earned its place on the G2 Leader Grid® Report for Professional Services Automation thanks to exceptional customer satisfaction and a strong market presence. With 86% of users giving Autotask 4 or 5 stars, 85% believing it is headed in the right direction and 83% saying they would recommend it, Autotask stands out as a reliable solution for streamlining service delivery and project management.

Backed by robust features and a proven ROI, Autotask continues to provide IT professionals with seamless workflows, visibility and control over their operations.

Download the report to discover how Autotask is leading the way:

• User satisfaction and overall performance.
• Feature comparisons.
• User adoption and ROI.
• Autotask, also recognized in the ITSM Tools and Service Desk categories, brings powerful automation and service management under one unified platform.

Join thousands of IT service providers around the world who rely on Autotask to power their businesses.

As cyber threats continue to evolve, addressing cybersecurity challenges is more urgent than ever. Traditional passwords, long considered foundational to digital security, are increasingly vulnerable to sophisticated attacks like phishing and credential stuffing. With cybercriminals becoming more adept, businesses need more secure and reliable authentication methods. Enter passkeys – an innovative step forward in authentication technology.

Recent research from Keeper Security reveals a major shift in the industry: 80% of organizations have either adopted or plan to implement passkeys. But the transition is not without hurdles.

Why passkeys are the future

While passwords have long been the foundation of online security, they come with significant flaws. For example, 32% of employees admit to reusing passwords across multiple accounts, making them easy targets for cybercriminals. Combined with the pervasive threats of phishing and brute force attacks, it’s clear that traditional passwords are no longer sufficient.

Passkeys address these vulnerabilities by leveraging public key cryptography. Unlike passwords, which can be stolen or exposed, passkeys don’t require users to transmit sensitive information. Instead, they use a cryptographic key pair: One key is stored securely on the user’s device, and the other is stored on the authentication server, ensuring that credentials remain secure, private and resistant to phishing attacks.

A phased approach to passkey adoption

Transitioning to passkeys is not a one-size-fits-all solution. Businesses need a structured plan that addresses legacy systems, cost considerations and user adoption challenges. Here is a phased approach to ensuring a smooth and secure transition.

1. Conduct a risk assessment

Identify high-risk systems and prioritize their migration to passkeys. Focus on accounts that store sensitive data or have a history of security breaches. Keeper’s dark web monitoring tool, BreachWatch, can help detect exposed credentials and guide where to start.

2. Upgrade infrastructure

Evaluate authentication tools for compatibility with passkey technology. Hybrid authentication systems, which support both traditional passwords and passkeys, provide a seamless way to transition. Keeper’s password manager supports this hybrid approach, helping organizations secure existing credentials while preparing for a future with passkeys. This dual support enables gradual adoption, ensuring compatibility with legacy systems and minimizing disruption. By integrating passkeys at a manageable pace, organizations can enhance security without sacrificing functionality or user experience.

3. Drive user adoption

Successful implementation depends on user adoption. To support this, organizations must provide clear guidance, comprehensive training materials and hands-on demonstrations that highlight the benefits of passkeys. Keeper’s user-friendly interface and seamless autofill technology simplify the transition, encouraging widespread adoption. Establishing clear policies on when and how to use each authentication method helps ensure users feel confident in their choices. Hybrid solutions not only reduce resistance but also build trust, making the shift to passkeys smoother and more effective across the organization.

4. Launch a pilot program

Introduce passkeys to a smaller group before expanding company-wide. Gather feedback, refine processes and address concerns to optimize the user experience. Keeper’s enterprise-grade security tools ensure seamless integration with existing Identity and Access Management (IAM) frameworks to facilitate user adoption.

5. Execute an organization-wide rollout

Expand passkey usage across all systems, prioritizing high-value accounts and critical users before gradually including other platforms and the broader organization. Ongoing monitoring is essential for maintaining long-term security and user satisfaction.

A vision for the future

Passkeys mark a paradigm shift in authentication. As businesses strengthen their cybersecurity posture, adopting passkeys will be a crucial step toward eliminating credential-based attacks and enhancing the user experience.

Keeper is here to help organizations navigate this transformation. With enterprise-grade security solutions, seamless integrations and expert guidance, businesses can embrace the future of authentication with confidence.

Secure your future today

The journey to passkey adoption begins now. Download Keeper Security’s latest insight report, Navigating a Hybrid Authentication Landscape, for a deeper dive into emerging trends, challenges and solutions.

Source: Keeper Security

Over the years the industry has tied itself in knots in its attempts at augmenting (or upgrading) the password, using all sorts of confusing terminology such as two-factor authentication (2FA), two-step authentication, multifactor authentication (MFA), and the more modern confusion of universal second factor (U2F), Fast IDentity Online 2 (FIDO2), WebAuthn, and passkeys.

Up until now, most of us were happy enough to get someone to adopt any of the above. Anything more than a password is an improvement, but we have now reached the point where we need to raise the minimum bar of acceptability. In this post I’ll look at the current state of bypassing “stronger” authentication methods – and, I believe, point out the best path forward.

Not two smart

Too many of the simplest “2FA” options are not true to what two-factor authentication is really meant to be. Ideally the two factors are two of the following three types: something you know (like a password or PIN), something you have (like a USB/Bluetooth token, SmartCard or public/private keypair), or something you are (like a fingerprint or faceprint). Unfortunately, most of the early solutions boil down to something you know and . . . something else you know.

Take the RSA token, SMS text message, or TOTP (time-based one-time passwords; e.g., Google Authenticator or Authy) styles of “2FA,” where in most cases you are presented with a 6-digit code that rotates every 30 seconds. While people have criticized SMS implementations of this due to the possibility of SIM swapping, the reality is they are all weak and susceptible to interception.

Here’s the problem. Imagine you are sent a well-crafted (perhaps AI-generated?) phishing email. For the scammer to succeed in compromising you at this stage, you must believe the email is legitimate, whether you are using multifactor authentication or not. This is where challenging someone for two different things they know (their password and a secret code that is dynamically generated) ends in tears: If you really think you are logging into your bank, email, or corporate account, you will happily disclose not just your password, but the secret code as well. This type of authentication is only in a single direction; the scammer is verifying your identity, but you have not verified the identity of the entity asking for the proof.

There are in fact freely available tools to automate this deception. One of the more popular is called evilginx2. Originally based on the popular web server nginx, it is now a standalone Go application that serves as an all-in-one tool to phish knowledge-based multifactor authentication and steal session cookies to bypass authentication. This has lowered the barrier for malfeasance to new depths.

How did we get here?

If we consider the history of credential compromise, it all began with sniffing unencrypted Wi-Fi or performing other network-based attacks before things were encrypted. Back in 2010 there was an infamous tool called FireSheep that was designed to allow attackers to visit a cafe and passively steal people’s logins due to the lack of encryption on the web.

In response to these attacks, and to Edward Snowden’s leaks in 2013, we moved to encrypting nearly everything online. That change secured us against what are referred to as machine-in-the-middle (MitM) attacks. We now have nearly ubiquitous use of HTTPS across the web and even in our smartphone apps, which stops any random passersby from capturing everything you might see or do online.

Criminals then moved on to credential theft, and to a large degree most of us have moved on to some variation of multifactor authentication, but again, usually merely the cheapest and easiest variation — something we know, plus an ephemeral something-else we know. This is an ineffective speed bump, and we must move on once again.

Industry consensus has, after many a committee meeting and standards body creation, settled on a widely agreed-upon standard known as the Web Authentication API, or WebAuthn. If you want to dive deeply into the confusion over the various bits and pieces, there is a Reddit thread for that, but I won’t go too deeply into those weeds here.

A walk through WebAuthn

WebAuthn/passkeys make multifactor authentication close to phish-proof. Nothing is perfect, of course, and recent research has discovered a limited-but-interesting MitM attack vector involving specialized hardware devices and a since-patched CVE, but from here forward we are referring to it as phishing-resistant multifactor authentication.

Let’s walk through the process. I want to create an account on a popular social media site. Using my smartphone or computer with passkey support, I choose to create a new account with a passkey. The site prompts me for my desired username (usually my email address). My device sends the username to the site, and it responds back with my username, a challenge, and the site’s domain name. My device generates a unique cryptographic keypair, stores it safely alongside the site name and username, signs the challenge from the site, and attaches the associated public key for the site to now use as my identifier.

Next time I go to this site, I will no longer need or use a password, which by this definition is just a shared secret and could be stolen or replayed. Instead, as shown in Figure 1, I send the username that is matched to that site’s domain name. The site responds with a challenge. My device looks up the key for that domain name and uses it to sign the challenge, proving my identity.

For more information, vertx.io has a developer-centric dive into the mechanics of the process.

What could possibly go wrong?

With this combination of data points, the key can’t easily be stolen or reused, and I can’t be tricked into trying to sign into an imposter site with a lookalike domain name. (There is a small attack surface here as well: If you add a passkey for zuzax.com and I can create a subdomain under my control as an attacker, phish.zuzax.com, I can get you to sign a replayed challenge.)

Beyond my device, where the keys are stored determines their safety against theft and abuse. Using hardware U2F tokens, like a YubiKey or SmartCard, ensures the keys are locked to that device and cannot be extracted and physical theft is the only practical option. Some hardware tokens require a biometric, PIN, or passphrase to unlock as well. With the advent of passkeys, the secret keys can be synchronized across your OS vendor’s cloud (iCloud, Google Drive, OneDrive) or through your password manager (Bitwarden, 1password, etc.) making them more susceptible to theft if your account is compromised.

And, of course, it has to be implemented. The burden of implementation lies with the sites (where we have made reasonably quick progress on this in the past year) and, as ever, with enterprises that must enable and use it in their specific environments. This isn’t so different to our constant advice to security practitioners to treat MFA as basic hygiene (along with patching and disabling unnecessary RDP), but it still has to be budgeted for and done.

The last remaining weakness is the session cookie that gets set upon login, but that’s a topic for another article.

It goes both ways (and moves us forward)

As a user, I should be able to prove my identity to my device by using a PIN, fingerprint, or faceprint, and have the device do the work of authenticating both parties. That’s the most important part of this transaction — its bidirectionality.

We all know password theft is a problem, and we have really only extended their lifetimes by trying to augment them with other flavors of knowledge-based authentication. Information can be and will be stolen, intercepted, and replayed. If we truly want to have multifactor authentication, we must move beyond knowledge and demand stronger proof.

This is an opportunity to move beyond security being a source of friction for users; in fact, it actively improves security while diminishing the friction. Today’s passkey implementations can be finicky and awkward, but I am convinced those who embrace it will benefit the most and that in short order we will solve the user interface challenges. We don’t have a choice. It is the best solution available to us and the criminals won’t wait for us to argue the merits.

Source: Sophos

Sophos X-Ops’ research, presented at Virus Bulletin 2024, uses ‘multimodal’ AI to classify spam, phishing, and unsafe web content.

At the 2024 Virus Bulletin conference, Sophos Principal Data Scientist Younghoo Lee presented a paper on SophosAI’s research into ‘multimodal’ AI (a system that integrates diverse data types into a unified analytical framework). In his talk, Lee explored the team’s novel empirical research on applying multimodal AI to the detection of spam, phishing, and unsafe web content.

What is multimodal AI?

Multimodal AI represents a significant shift in artificial intelligence. Rather than traditional single-mode analysis, multimodal systems can process multiple data streams simultaneously, synthesizing data from multiple inputs.

In the context of cybersecurity – and particularly when it comes to classifying threats – this is a powerful capability. Rather than analyzing textual and visual content separately, a multimodal system can process both, and ‘understand’ the intricate relationships between them.

For example, in phishing detection, multimodal AI examines the linguistic patterns and writing style of the text alongside the visual fidelity of logos and branding elements, while also analyzing the semantic consistency between textual and visual components. This holistic approach means that the system can identify sophisticated attacks that might appear, to more traditional systems, to be legitimate. Moreover, multimodal AI can learn from, and adapt to, the correlations between different data types, developing a sense of how legitimate and malicious content differs across multiple dimensions.

Capabilities

In his research, Lee details some of the detection capabilities of multimodal AI systems:

Text analysis and natural language understanding

• Analysis of linguistic patterns, writing style, and contextual cues to identify manipulation attempts
• Detection of social engineering tactics such as manufactured urgency and unusual requests for sensitive information
• Maintenance of an evolving database of phishing pretexts and narratives

Visual intelligence and brand verification

• Comparison of logos, corporate styling, and visual layouts to legitimate templates
• Detection of subtle differences in brand colors, fonts, and layouts
• Examination of image metadata and digital signatures

Advanced URL and security analysis

• Identification of deceptive techniques like typosquatting and homograph attacks
• Analysis of relationships between displayed link text and actual destinations
• Detection of attempts to obscure malicious URLs with styling and formatting tricks

Case study: A fake Costco email

The below image is a genuine phishing attempt, designed to trick recipients into thinking that they have won a prize from Costco. The email looks official, complete with imitated Costco logo and branding.

Figure 1: A screenshot of a phishing email, purportedly from Costco

Multimodal AI can identify several suspicious aspects of this email, including:

• Phrases used to incite urgency and action
• The sender’s email domain not matching legitimate domains
• Inconsistencies with logos and images

As a result, the system assigns a high score to the email, flagging it as suspicious.

SophosAI also applied multimodal AI to NSFW (not safe for work) websites containing content relating to gambling, weapons, and more. As with the classification of phishing emails, detection leverages a number of capabilities, including the evaluation of keywords and phrases (agnostic of language), and analysis of imagery and graphics.

Experimental results

To test the efficacy of multimodal AI compared to traditional machine learning models such as Random Forest and XGBoost, SophosAI conducted a series of empirical experiments. The full results are available in Lee’s whitepaper and Virus Bulletin talk – but, briefly, traditional models performed well when detecting known threats, and struggled with new, unseen phishing emails. Their F1 scores (a measure that balances precision and recall to give an overall representation of accuracy between 0 and 1) were as low as 0.53 with unseen samples, reaching a high of 0.66. In contrast, multimodal AI (using GPT-4o) performed very well in detecting new phishing attempts, achieving F1 scores up to 0.97 even on unseen brands.

It was a similar story with NSFW content; traditional models achieved F1 scores of around 0.84-0.88, but models with multimodal AI embeddings achieved scores of up to 0.96.

Conclusion

The digital landscape is in a state of constant evolution, bringing with it an array of new threats – including the use of generative AI to deceive users. Phishing emails now meticulously, and routinely, mimic legitimate communications, while NSFW websites conceal harmful content behind deceptive visuals. While traditional cybersecurity methods remain important, they are increasingly inadequate on their own. Multimodal AI offers an innovative layer of defense that enhances our comprehension of content.

By effectively detecting sophisticated phishing emails and accurately classifying NSFW websites, multimodal AI not only protects users more effectively but also adapts to new threats. The experimental results Lee presents in his paper show significant improvements over traditional methods.

Going forward, incorporating multimodal AI into cybersecurity strategies is not just beneficial; it is crucial for ensuring the protection of our digital environment amid growing complexities and threats.

For further information, Lee’s full whitepaper is available here. A recording of his 2024 Virus Bulletin talk is available here (along with the slides).

Source: Sophos

The World’s Most Innovative Companies Award by Fast Company is the definitive source for recognizing organizations that transform industries and shape society. Today, we’re celebrating that Fast Company has named Silverfort a 2025 Most Innovative Company. We are honored to be listed in the security category alongside others who are pushing the boundaries of what’s possible to create a more secure world.

More than 1,000 enterprises trust Silverfort, and our gross customer retention rate remains high at 94%. We’ve raised more than $220M in funding from leading investors, and we’ve grown to over 450 team members worldwide, with revenue increasing by nearly 100% year over year for the last five years. The entire Silverfort team deserves this honor for working tirelessly to build a platform that delivers maximum security with minimal effort. Thank you to our employees, customers, and investors for all your hard work, loyalty, and unwavering support. And special thanks to our incredible Research, Engineering and Product teams for continuously delivering unmatched innovation that pushes the identity security market forward.

2024 was a big year for Silverfort. In the last six months alone, we acquired Rezonate, an impressive cloud identity security company, we released an incident response solution that flips the script on the traditional IR process, and our product team released an entirely new product—one that helps businesses go beyond managing privileged accounts to securing them (Privileged Access Security). We can proudly say our platform analyzes over 10B authentications daily, detects an average of 34K identity exposures and threats per customer, and is 17 times faster to deploy than traditional solutions.

Silverfort’s journey began with a mission to address a glaring—and growing—weakness we saw years ago in the security industry: identity. Determined to close this gap, the founding Silverfort team pioneered unique, patented Runtime Access Protection (RAP) architecture, which connects seamlessly to an organization’s existing identity stack. It provides unparalleled visibility into all identities and environments, leverages AI for adaptive authentication and threat detection, and even protects what used to be unprotectable, like non-human identities (NHIs), legacy systems, and command-line tools.

Over the last several years, we have worked continuously to build the identity security platform companies deserve. Unlike other solutions that solve one piece of the security puzzle or require overly complicated maintenance and deployments, Silverfort breaks down silos to eliminate security gaps and blind spots with one easy-to-deploy platform.

The result? Identity security without limits.

The Silverfort Identity Security Platform is the only solution that truly goes everywhere to deliver unparalleled protection, context, and visibility, without compromising on productivity. Today, over 1,000 organizations worldwide trust us to protect all identities, all resources, and all environments, all the time—and we look forward to seeing that number grow as we continue to take identity security where it has never gone before.

Thank you to Fast Company for the recognition, and congratulations to the team that got us here. This is identity security done right.

Source: Silverfort

We’re thrilled to announce that Datto RMM has taken home top honors in the G2 2025 Awards. Among thousands of solutions, it stood out as a top choice, securing wins in multiple categories.

Out of 125,912 products in the contest pool, Datto RMM rose to the top, earning top honors across several categories:

• Top 100 in the Best Software Products
• Top 50 in the Best Products for Small Business
• Top 50 in the Best Software for Mid-Market Business
• Top 50 Best Security Software Products
• Top 100 in Highest Satisfaction Products

These high-level rankings highlight how Datto RMM empowers IT professionals with seamless management, from multitenant visibility and automated monitoring to patch management and remote control.

With round-the-clock support, you can count on Datto RMM for:

• Ease of use – An intuitive, user-friendly experience
• Automation – Streamlining tasks and job scheduling
• Seamless integrations – Connecting multiple tools and platforms effortlessly
• Efficient monitoring – Proactive management to prevent issues before they arise

Built with a security-first approach, Datto RMM also delivers robust endpoint and data security through native ransomware detection, mandatory 2FA and agent encryption — helping IT professionals deliver the best experience to their customers and end users.

Milestones That Matter: Our Community’s Success

In addition to Datto RMM’s standout success, Datto earned several other awards worth celebrating.

• Datto BCDR: Known for its user-friendly interface, easy navigation and reliable support functions, Datto BCDR secured a position among the Top 50 IT Management Products and has been credited as the “3rd Easiest to Use” product in the Server Backup software category.

 

The key aspects of BCDR that stood out for users include:

• Ease of Use
• Customer Support
• Recovery Ease
• Cloud Backup

• Autotask has also ranked in the Top 50 IT Management Products. It secured the Leading Product within the Professional Services Automation category among 5,003 products for the Best IT Management Software Products 2025.

With real-time metrics that give full visibility into service delivery, customer satisfaction, sales pipeline, internal operations, resource utilization, profitability and more, Autotask PSA has consistently delivered 99.99% uptime over the last 10 years.

Explore More:

These awards reflect our strong standing with customers worldwide. If you’re seeking a proactive approach to endpoint protection, now is the perfect time to explore the world of Datto RMM and beyond.

Try for free in our 14-day t/rial!

Source: Datto  

Have you ever thought how many accounts in your environment operate outside of your visibility and control? One of the biggest identity security blind spots, often ignored by organizations but frequently used by attackers – is Local Accounts.

Unlike domain-based accounts that security teams can easily detect and monitor, local accounts are left in the dark with limited to no visibility into their activity and privileges. This gap has become such a critical issue that the FBI recently issued a warning, urging organizations to disable local administrator accounts to reduce the risk of cyberattacks.

In this blog, we’ll explore the different security risks posed by local accounts, and how Silverfort’s new local authentications visibility feature helps organizations to close the blind spot.

Understanding local accounts: what they are and how they work

Local accounts exist in 2 main types: local user accounts and local administrator accounts. Let’s describe each type in more detail:

• Local user accounts

These are standard accounts with limited access permissions, typically used for basic access to an endpoint. Local users can log in and operate a system but lack administrative privileges to make any system-wide changes.

• Local administrator accounts

These accounts have full control over an endpoint, allowing users to install software, modify system settings and create new accounts. Built-in local admin accounts (for instance, default Microsoft Windows “Administrator” account) are often under high risk as they can be exploited by attackers for compromise and privilege escalation.

While domain accounts are centrally managed through Active Directory (AD) or an Identity Provider (IdP), local accounts exist only on individual endpoint. From an identity management perspective, the key difference between local and domain accounts is who manages them:

• Local accounts exist and are controlled on the individual endpoint. The user has full control on the system, including privilege access to critical settings, with no visibility from the security teams.

• Domain accounts, on the other hand, are managed centrally by domain administrators within Active Directory (AD) or an Identity Provider (IdP). Security teams have more visibility into domain accounts and the ability to enforce security controls on each user, with specific policies and restrictions configuration.

Local accounts are often used for administrative tasks or legacy systems to provide access to a specific computer or device, but lack of monitoring and advanced security controls offered by domain-based accounts.

The hidden risks of local accounts

From a security perspective, local accounts by themselves won’t cause major security risks. But not managing them properly can have serious impact on the organization. Main of these risks are lack of visibility, limited centralized management, and weaker security controls. These challenges make local accounts a prime target for attackers looking to move laterally and escalate privileges undetected.

Let’s focus on the identity security risks of local accounts in more detail:

1.Lack of visibility: a blind spot in authentication monitoring

One of the biggest risks of local accounts is that security teams can’t see what they can’t track. Unlike domain-based authentications, which are centrally logged and stored, local accounts’ activities are isolated into individual endpoints and do not have any records in AD or IdP logs. This means that any malicious activity, including failed logins, unusual access patterns or compromised credentials, makes it nearly impossible to detect it before it’s too late.

2.Limited centralized management: a security and operational nightmare

Local accounts are stored outside of the directory-based identity management scope. And security teams struggle not only on enforcing policies but even on tracking who has access to what. Many organizations rely on default passwords or static credentials for local accounts without proper credential rotation, which increases the risk of unauthorized access. Without any central authentications management, organizations have fragmented security controls that attackers can easily exploit for compromise.

3.Weaker security controls: an open door for attackers

Local accounts are rarely secured with strong security controls, like Multi-Factor Authentication (MFA) or other security controls, resulting in an easy target for attackers. Once a local account is compromised, it can be used to escalate privileges or move laterally across the environment without triggering any security alerts. This makes local accounts a critical blind spot in organization’s identity security posture.

How Silverfort enables local accounts visibility

With Silverfort you can now enhance your visibility into local accounts authentications, starting from Silverfort for Windows Logon version 2.1.3.

When a local user accesses a Windows machine with Silverfort for Windows logon installed, the authentication will be recorded with the auth type “Local”, and you will gain complete visibility into these access attempts from Silverfort Logs screen by filtering by Auth type = “Local”.

This new product capability allows you to track local logons for Windows. By filtering local account access attempts, you can quickly identify any malicious activities, including potential credential misuse.

Shining a light on local accounts: the first step to protection

Local accounts have always been seen as a security blind spot which attackers can utilize to create an easy entry to compromise an environment and stay unnoticed. Without visibility into the accounts’ authentication activities, you could not detect or respond to any of these malicious activities before they escalate.

With Silverfort’s real-time visibility into local accounts’ authentications, you can finally unlock new hidden layer of identity security from being completely unseen to monitor, track and investigate these identities. This is a solid ground to start towards complete security and protection of local accounts.

Ready to explore hidden local accounts in your environment? If you are an existing customer, please reach out to your customer success manager or schedule a call with one of our experts.

Source: Silverfort

A password generator is an online tool that automatically creates strong, random passwords at the click of a button. To create unique passwords, a password generator combines a variety of uppercase and lowercase letters, numbers and symbols. Password generators dramatically ease the process of creating strong passwords by automatically producing random, lengthy ones – two qualities that make passwords more challenging for cybercriminals to crack.

Keep reading to learn why you should use a password generator and how you can use it to strengthen your online security.

Password vs passphrase generator: What’s the difference?

The main difference between a password generator and a passphrase generator is that a password generator creates a password, while a passphrase generator creates a passphrase. Password generators create strong passwords, which contain at least 16 characters, including uppercase and lowercase letters, numbers and symbols. For example, this would be a strong password produced by a password generator: B^F<>8=>56qXUQCkhN?$.

A passphrase is a combination of words separated by numbers or symbols that are used as a password. Therefore, a passphrase generator produces multiple unrelated words, making passphrases more difficult for cybercriminals to crack. An example of a strong passphrase created with a passphrase generator could look something like this: Leaf-Banana0-Joy_Friend4-Sunlight.

Why use a password generator?

You should use a password generator because it guarantees strong and unique passwords, eliminates the chances of using weak or reused passwords and makes updating your passwords convenient.

It ensures your passwords are always strong

Password generators naturally create strong passwords by randomly combining letters, numbers and symbols. This random combination of characters contributes to the strength and uniqueness of any password you create with a password generator. Strong passwords are essential in reducing your chances of a cybercriminal hacking into your online accounts, which, in turn, minimizes your risk of becoming a victim of fraud or identity theft.

You don’t have to rely on yourself to create passwords

Maybe you believe that you can come up with strong passwords on your own just fine. However, a recent study commissioned by Keeper^® found that 41% of people admit to reusing the same password across multiple accounts. Password generators eliminate dangerous human tendencies by creating passwords that are completely random and unrelated to personal information, such as a pet’s name or birthdate. If you only rely on yourself to create strong and memorable passwords, you will likely start to reuse the same password or slight iterations of the same password on multiple accounts. Using weak or reused passwords increases the likelihood of a cybercriminal cracking your passwords and stealing your private information.

It makes changing your passwords easy

If you need to change your password following a data breach or hacking, using a password generator makes updating your passwords simpler while ensuring the new ones are secure. All you have to do is hit a button to receive a new, strong and random password that will be very difficult for a cybercriminal to crack. Rather than racking your brain to come up with a password you haven’t used before, a password generator makes this process quick and convenient.

It helps you avoid dictionary attacks

A dictionary attack targets passwords that use common words or phrases found in dictionaries. Since common words or phrases are easy for a cybercriminal to crack in a password, using a password generator combats dictionary attacks because your password will contain a random combination of letters, numbers and symbols rather than easy-to-guess words or phrases. If each of your passwords to your many online accounts is a 16-character password with unique letters, numbers and symbols, a cybercriminal will have a very difficult time cracking them.

How to use a password generator

You may be wondering how simple it is to use a password generator after hearing all its benefits. Follow the steps below to learn how you can use a password generator to create strong and unique passwords.

1. Find a secure password generator to use

Luckily, there are many free password generators you can use online to create passwords. However, you should consider the benefits of using a password manager with a built-in password generator, like Keeper Password Manager. Having a built-in password generator makes it easy to create or update passwords that are strong and unique. Then, you can save your randomly generated passwords directly in your Keeper Vault to ensure your passwords are encrypted and protected from cybercriminals.

2. Adjust the password generator settings

After finding the best password generator for you, you can customize its settings to fit a specific website or app’s password requirements. For example, if an online account requires your password to contain both uppercase and lowercase letters, at least two numbers and one symbol, you can adjust your password generator’s settings so it creates a password based on those criteria. An app might require your password to contain at least 16 characters, which means your password must contain a minimum of 16 letters, numbers and symbols combined. Regardless of what requirements a website or app may have for your password, you can change your password generator’s settings to suit your password needs.

3. Generate your strong password

Once you’ve set your password generator’s settings, you can create your random password. After the password generator produces a strong and unique password, you can either try to remember it or save it in a password vault. Saving your passwords in a password vault like Keeper ensures your passwords are protected and saves you the hassle of remembering the password. Keeper has an autofill feature that works on all devices and browsers, so the next time you need to input your password, Keeper will do it for you.

Generate strong, unique passwords with Keeper

Using a password generator is not only convenient but also safe for strengthening your passwords and protecting your private information. Keeper Password Manager’s built-in password generator is easy to use and eliminates the risk of using weak or reused passwords.

Start a free 30-day trial of Keeper Password Manager to experience the ease of a built-in password generator and a safe place to store your passwords.

Source: Keeper Security

Sophos DNS Protection is now available for Sophos Firewall customers with Sophos Central accounts outside of the standard US and EU regions, adding five new management regions: Australia, Brazil, India, Japan, and Canada.

This matches similar regional expansions for other Sophos Central managed products including ZTNA, Sophos Switch, and our AP6 Wireless line. For a full list of Sophos Central products and which regions are supported, see this article.

If you currently manage Sophos Firewalls in one of these regions, you can now easily add Sophos DNS Protection to your account. Your Sophos Firewalls with Xstream Protection include DNS Protection at no extra charge (see below for how to get started).

Note that Sophos DNS Protection already provides a global network of DNS resolver points-of-presence (POPs) and DNS traffic is automatically directed to the nearest location using unicast routing technology to ensure the fastest response. This new release now enables management of DNS Protection from all Sophos Central locations as well.

Get started with Sophos DNS Protection

If you are a Sophos Firewall customer with Xstream Protection and are not already using Sophos DNS Protection, you can get started for free. Check out our online documentation and video resources.

Source: Sophos

Juggling daily demands can make it difficult to keep up with the renewal dates on your Sophos subscriptions. To help you avoid any gaps in your protection, we are improving expiration alerts in Sophos Central so you can enjoy seamless protection against the latest threats.

What to expect?

30 days before your renewal date we will begin notifying you of your upcoming license expiration when you log-in to Sophos Central. Expect to see a pop-up message like the image above that shows:

• Which license(s) are due for renewal
• The license expiry date(s)

Select “View licenses” to go to the “Licensing” page where you can apply a new license key, access your partner’s contact details, find additional contact information, or dismiss the notification for that log-in session. The messages will stop displaying once you renew your license.

If you do not renew your license before it expires, the alerts will let you know that you do not have an active subscription and that access to your products and services will be restricted after a period of time. Should you have no active Sophos licenses, access to your Sophos Central account will be restricted as well.

Is there anything else I should know?

The new license expiry notifications:

• Are only available in Central Admin
• Do not apply to free trials
• Do not change the behavior of Sophos products when licenses expire i.e., they are notification only. Details on individual product behaviors can be found within the Licensing Guide 

Source: Sophos

Sophos Firewall OS v21 MR1 brings several scalability, resiliency, and stability enhancements to your Sophos Firewall.

What’s new

• SSL VPN – Now supports key sizes of 3072 or 4096 bits for the Diffie-Hellman key exchange to enhance secure communication and compliance requirements. Enhanced UDP-based SSLVPN tunnel resiliency has also been added using a granular dead peer detection timeout configuration.
• IPsec VPN – Improved stability for offloaded policy-based VPN IPsec traffic that eliminates slow browsing issues.
• NAT64 – The firewall enables IPv6-only clients to access IPv4 websites through an explicit proxy. Also added support for an IPv4 upstream proxy for IPv6-only clients.
• DHCP – Implemented added resiliency to the DHCP service which now auto-restores if it gets into an error state.
• Cellular WAN – The firewall now offers enhanced cellular WAN monitoring by automatically setting “8.8.8.8” as the second probe target. This addresses the issue of ISPs blocking gateway pings, reducing the need for manual configuration.
• SD-RED support – SD-RED devices now support remote troubleshooting and diagnostics by Sophos Support.

How to get the firmware and documentation

Sophos Firewall OS v21 MR1 is a free upgrade for all licensed Sophos Firewall customers – including XGS Series, cloud, virtual, and software firewalls.

Note: XG Series devices are soon to be end-of-life and need to be upgraded to XGS Series devices immediately and are not supported by v21 or v21 MR1.

This firmware release will follow our standard update process. You can manually download SFOS v21 MR1 from Sophos Central and update any time. Otherwise, it will be rolled out to all connected devices over the coming weeks. A notification will appear on your local device or Sophos Central management console when the update is available, allowing you to schedule the update at your convenience.

You should update your Sophos Firewall firmware at your earliest opportunity.

Sophos Firewall OS v21 MR1 is a fully supported upgrade from all previous versions of v21, v20, v19.5 and v19.0. Please refer to the Upgrade Information tab in the release notes for more details.

Full product documentation is available online and within the product.

Source: Sophos

With the explosion of cloud computing, video streaming, AI, and other data-hungry technologies, traditional gigabit Ethernet (GE) networks are struggling to keep up. Bottlenecks and latency issues are hampering application performance and the overall user experience.

The newest addition to the Sophos Switch portfolio, CS1010-8FP, provides a cost-effective way to support the high-speed, low-latency requirements of modern networks and applications, such as:

• High-definition media streaming
• Large file content transfer, e.g., Computer-Aided Design (CAD), video editing
• Server-to-server and server-to-NAS data backups
• Communication with 10-gigabit servers
• Linking multiple 1-gigabit switches for improved performance
• Higher-speed LAN to reap the potential of high-speed internet, e.g., Fiber to the premises

Product highlights

For a brief overview of the new model, watch this video:

The CS1010-8FP offers eight 10-gigabit PoE-capable ports (PoE++/802.3bt) and four SFP+ interfaces. The 410W Power over Ethernet budget is sufficient to power up to six 60W devices or eight PoE++ devices with slightly lower power consumption, such as our AP6 840E access points

CS1010-8FP connectivity

• 8 x 1/2.5/5/10 GE multi-gigabit copper ports
• 4 x 1/10G SFP+ fiber ports
• 410W PoE budget [Ports 1-8 (max. 60W per port), 802.3bt/PoE++]

10 GE is fully compatible with earlier Ethernet standards, making it easy to integrate into existing networks (provided the required Cat6 cables are used).

Sophos multi-gig connectivity across your firewalls, access points, and switches gives you a future-proof solution to avoid network bottlenecks and the necessary throughput to handle evolving connectivity requirements. This allows you to scale your operations and seamlessly support emerging technologies, keeping your employees productive, and your business agile.

Find out more at Sophos.com/Switch.

Source: Sophos

In IT service management, every second counts. When you’re handling countless tickets, managing client relationships and overseeing intricate projects, an inefficient PSA tool can be your biggest roadblock.

If your system is slow, clunky or frustrating to use, it isn’t just an inconvenience -it’s a drain on your productivity and profitability. A PSA tool should work for you, not against you. But if navigating your current system feels like an uphill battle, it’s time to consider the impact of a poor UI.

10 reasons why your PSA needs a better UI

Here are the top reasons why upgrading your PSA’s interface is a necessity.

1. Faster workflows

An optimized UI minimizes unnecessary clicks, improves navigation and streamlines workflows so your team can accomplish tasks quickly and efficiently.

2. Reduced training time

A user-friendly interface ensures that new hires can learn the system faster, reducing the time and cost associated with onboarding and training.

3. Improved accuracy

A well-designed UI eliminates confusion, making key actions clear and logical, which helps reduce errors and misplaced data.

4. Increased technician satisfaction

Your team deserves a PSA tool that works with them, not against them. A modern UI reduces frustration, improves morale and keeps technicians happy and engaged.

5. Seamless multidevice use

Technicians aren’t always at their desks. A PSA tool with a responsive, mobile-friendly UI ensures productivity whether they’re in the office or on-site.

6. Enhanced customer interactions

When information is easy to find, your team can respond to customer or user inquiries faster and more effectively, improving service quality and satisfaction.

7. Greater customization

A PSA tool should adapt to your business, not the other way around. A flexible UI allows users to customize dashboards and layouts to fit their unique workflows.

8. Accessibility for all

A great UI ensures usability for everyone, including those who rely on keyboard navigation, screen readers or other accessibility tools.

9. Lower error rates

A cluttered or unintuitive UI leads to mistakes. A streamlined, well-designed interface helps prevent costly errors and miscommunications.

10. Future-proofing your business

Technology evolves fast, and so should your PSA tool. A PSA with a modern, continuously improving UI ensures you stay ahead of industry trends and efficiency standards.

Autotask PSA’s Next-Generation UI: A Case Study in Good UX

If you’re looking for a PSA tool that embraces all these UX principles, Autotask’s latest UI update is worth exploring. With the 2025.1 release, Autotask PSA is taking its user experience to the next level with:

• Enhanced navigation: A collapsible left navigation menu, cleaner top navigation and a revamped search bar for a smoother experience.

• Refreshed dashboards: Customizable layouts with resizable widgets to tailor the interface to your workflow.

• Streamlined Worklist panel: Pinned tickets and tasks remain front and center, reducing distractions and keeping priorities clear.
• Improved accessibility: Enhanced keyboard navigation, mobile usability and screen reader support to ensure everyone can work efficiently.
• Unified UI across Kaseya IT Complete: A consistent design across Autotask, IT Glue and other Kaseya tools for easy cross-platform navigation.

And this is just the beginning. Future updates will include in-line editing, bulk actions, preview panels for related items and even more ways to improve usability and efficiency.

Don’t let a poor UI hold you back

Your PSA tool should make your job easier, not harder. If your current system is slowing you down, frustrating your team or making simple tasks unnecessarily complicated, it’s time for a change.

Autotask’s next-generation UI is designed to maximize efficiency, accessibility and user satisfaction. If you’re ready to see how a modern PSA interface can transform your workflow, it’s time to experience Autotask for yourself.

Ready to stop wasting time? Learn more about Autotask’s new UI today by booking a one-on-one call with one of our PSA experts.

Source: Datto

You can share your WiFi password safely by using a strong password, creating a guest network, enabling your router’s encryption and regularly updating your router. Sharing your WiFi password safely is important because someone with bad intentions could use it to hack into your network, steal your personal information or infect your devices with malware.

Keep reading to learn about the consequences of insecurely sharing your WiFi password, ways to securely share it and best practices for sharing it with others.

The risks of insecurely sharing your WiFi password

When guests visit your house for the first time, one of the first things they might ask for is your WiFi password. Here are several insecure ways you could share your WiFi password with friends, family or other guests:

Imagine inviting a few friends over to watch a movie, and they ask for your WiFi password. You may have never changed your WiFi network’s default password, or you might be using a very weak WiFi password because it’s easier for people to type. Regardless of how secure your WiFi password is, sharing it with your friends through a group chat, individual text messages or email can leave your router vulnerable to hacking. Since emails and text messages are unencrypted, a cybercriminal could intercept your messages, revealing your WiFi password.

With your password, a cybercriminal could access your WiFi network, launch a malware infection and potentially infect other Internet of Things (IoT) devices connected to your network. By sharing your WiFi password via text with one of your friends, you risk a cybercriminal gaining unauthorized access to your WiFi network and potentially spying on you through any devices with cameras that are also connected to it.

How to securely share your WiFi password

Now that you know several insecure ways of sharing your WiFi password, let’s dive into how you can securely share it between Apple devices, Android devices and other devices.

Sharing your WiFi password between Apple devices

Before sharing your WiFi password with someone using an Apple device, make sure that both of your devices’ software is updated with the latest iOS version, WiFi and Bluetooth are turned on and you are signed in to your iCloud account with your Apple ID. Once you’re ready to share your WiFi password, unlock your device and connect to your WiFi network. A pop-up will appear at the bottom of your screen asking if you want to share your WiFi password with the other person. Tap Share Password, and the screen will indicate that the sharing was successful.

Sharing your WiFi password between Android devices

One way to share your WiFi password from one Android device to another is by turning your password into a scannable QR code. On Pixel and other Android phones, visit Settings, tap Network & Internet, then select Wi-Fi. Tap the settings icon next to your network, then tap Share. A screen will appear with a QR code displaying the name of your WiFi network and your WiFi password.

Not all Android devices follow the same steps, but the process is relatively similar. For example, if you use a Samsung phone, you will need to visit Settings, tap Connections, then select Wi-Fi. Tap the settings icon, then select QR Code in the bottom-left corner of your screen. On Samsung devices, you will not see your WiFi password written out.

How to safely share your WiFi password between any device

For a safe way to share your WiFi password between devices, consider using a password manager like Keeper^®. Although you may think password managers only store passwords, you can use Keeper Password Manager to send passwords safely through its One-Time Share feature without jeopardizing your privacy. If your WiFi password is saved as a record in your digital vault, you can share that record for a limited time using the One-Time Share feature, even if the recipient doesn’t have a Keeper account. One-Time Share encrypts your WiFi password and other login credentials with zero-knowledge security, reducing the risk of someone intercepting your WiFi password while it’s being shared.

Best practices to follow when sharing your WiFi password

Whenever you share your WiFi password with someone, follow best practices to do so safely and minimize your chances of allowing a hacker access to your network or connected devices.

Use a strong, unique WiFi password

Change your default WiFi router’s password, if you haven’t already, to a strong, unique password that you don’t use for any other account. Even if you have changed the default password but it is weak or reused, update it with a randomly generated, secure password. A strong password for your WiFi should consist of at least 16 characters, with a combination of uppercase and lowercase letters, numbers and symbols. An easy way to create a strong, unique password for your WiFi network is by using a password generator, which produces random passwords based on customizable criteria.

Create a guest network

Instead of having guests use your primary WiFi network, create a guest WiFi network with a limited connection that won’t affect your devices. Your guest WiFi network should have a different password than your primary network, but it should be just as strong to keep your guests’ devices secure. Creating a guest network is a smart practice because you never know if any of your guests’ devices might be infected with malware. If an infected device connects to your primary WiFi network, malware could spread to other devices connected to your network.

Enable your router’s encryption

Make sure your WiFi router is encrypted to prevent cybercriminals from stealing transferable information by hacking into your network. Enable your router’s encryption with WPA3, which is the newest and best type of encryption protocol for WiFi. To enable encryption on your router, update it through your Internet Service Provider (ISP) settings.

Keep your router up to date

It’s important to keep your WiFi router up to date with the latest software because software updates equip your router with the most recent security patches, bug fixes and improved features. Keeping your WiFi router updated ensures it remains secure and stable, protecting your network and devices from cyber threats.

Securely share your WiFi password using Keeper

Instead of jeopardizing your network’s privacy by sending your WiFi password via email or SMS, securely share it using Keeper’s One-Time Share feature. With Keeper Password Manager, you can create a strong WiFi password, update it to be more unique, store it in a secure vault and share it with anyone you choose for a limited time to protect its safety.

Start your free 30-day trial of Keeper Password Manager today to protect your WiFi password and securely share your other login credentials.

Source: Keeper Security

For over two decades, Autotask has been a trusted go-to solution for IT professionals worldwide. As technology has evolved, so has Autotask — from client-server beginnings to a cloud-based powerhouse. Now, with the release of the 2025.1 update, we’re excited to usher in the next chapter: a reimagined user interface (UI) designed to modernize, simplify and empower.

Whether you’re a long-time Autotask power user or new to the platform, this update delivers a refreshed experience that adapts to your workflow, reduces friction and introduces a consistent design philosophy across the Kaseya IT Complete platform. Let’s take a closer look at the journey and what you can expect.

The philosophy behind the UI refresh

“Revamping the Autotask UI has been one of our biggest initiatives yet,” says Kevin Sequeira, General Manager of Kaseya’s PSA Suite. “We’ve invested heavily to make it not just visually appealing, but truly intuitive and efficient, so our customers can work smarter and get more done with less hassle.”

At the heart of the new UI refresh, our commitment is to create a more intuitive, streamlined and empowering user experience. You will see it kickstart starting in the 2025.1 release. This UI update is a thoughtful reimagining of how Autotask serves you in your day-to-day tasks. By focusing on user feedback and real-world workflows, we’ve developed a philosophy that prioritizes consistency, accessibility and ease of use.

Unified consistency across IT complete

The new Autotask UI is built on the Kaseya Design System (KDS), which ensures consistency across the IT Complete suite. Whether you’re switching between Autotask, IT Glue or other Kaseya tools, the familiar layout and functionality make the transition seamless. Think of it as learning one tool and being able to navigate them all effortlessly.

User-centric modernization

Our mission with this refresh is to make Autotask align seamlessly with your workflow. By minimizing clicks and maintaining context, features like collapsible navigation and inline editing simplify tasks, boost efficiency and improve usability. This update ensures you can stay focused on what truly matters, without unnecessary distractions.

Accessibility for all

We’ve enhanced keyboard navigation, improved mobile usability and made strides in screen reader support to ensure that Autotask is accessible to everyone, regardless of environment or ability. From the desk to on-the-go scenarios, we’re making it easier to stay productive.

Empowerment through simplicity

Autotask’s new UI strikes the perfect balance between simplicity and capability. Designed to help you get started quickly, it eliminates the overwhelm often associated with advanced tools. As you grow more comfortable, the intuitive interface allows you to self-discover Autotask’s powerful features, unlocking its full potential at your own pace.

A look back: Autotask’s evolution

Autotask has undergone three major UI overhauls in its history, each building upon the last to meet the needs of modern IT professionals.

From its client-server roots to its web-based iteration and cloud-based transition, every evolution has brought new features and opportunities.

The 2025.1 release marks the beginning of Autotask’s new UI, laying the foundation for even more transformative updates in the coming months and years.

What’s new in the 2025.1 release?

The phased rollout of the 2025.1 release begins January 22, 2025, and will be complete by February 6, 2025.

Here’s what’s included:

Enhanced navigation

Navigating Autotask has never been smoother. With thoughtful updates to both the top and left navigation menus, users can expect a cleaner, more intuitive experience that minimizes clicks and maximizes productivity.

• Left navigation: A collapsible left navigation menu replaces the previous top hover-navigation, offering more screen space and flexibility.
• Top navigation reordering: Icons have been introduced for a cleaner and more intuitive interface.
• Search bar improvements: Now located on the right-hand side, with plans for a global search feature later this year.

Refreshed dashboards

Dashboards now feature a modern look and improved layout capabilities. You can resize and rearrange widgets directly on the screen for a personalized experience.

Streamlined Worklist panel

The updated Worklist panel makes it easier than ever to access pinned tickets and tasks, keeping your priorities front and center.

What’s next?

The 2025.1 release is just the beginning. Future updates will focus on key areas in Autotask such as contracts (including umbrella contracts), devices, tickets, projects and scheduling with core changes to the user experience:

• Refreshed grids and filters
• In-line editing
• At-a-glance preview panels for related items
• Bulk updates

We’re taking a progressive approach to the rollout, actively gathering feedback from users to refine and improve. If something feels new or unfamiliar, know that we’re here to listen and evolve.

Why change is worth it

Change can be uncomfortable, especially when it’s with a tool as central to your workflow as Autotask. However, history shows that every Autotask refresh has ultimately delivered greater value and usability. This update is no different. It’s about resetting how Autotask serves you in your day-to-day work, removing unnecessary steps and creating a platform that grows with your needs.

Share your feedback

We’re committed to making Autotask the best it can be. Help shape the future by sharing your thoughts through our UX Research Interest Form.

Together, we’re building the next generation of Autotask, one click at a time.

Source: Datto

In 2024, we introduced Generative AI features in the Sophos Extended Detection and Response (XDR) platform, empowering security analysts to operate confidently and make smart decisions fast.

Today, we are excited to extend these capabilities with the launch of the Sophos AI Assistant.

Crafted by experts, created for everyone

Designed and developed by Sophos experts for your in-house team, the Sophos AI Assistant guides security professionals of all skill levels through each stage of a case investigation, maximizing efficiency to identify and neutralize threats fast.

Feature video: Introducing the Sophos AI Assistant

The Sophos AI Assistant makes it easy for all users — from IT generalists to Tier 3 SOC analysts — to get the information they need to progress threat investigations and rapidly neutralize threats.

• Conduct an extensive range of SecOps tasks: Identify impacted entities, check URL reputation, analyze suspicious and complex commands, enrich data with the latest threat intelligence, and more.
• Accelerate investigations with accessible insights: The AI Assistant provides clear explanations and summarized information to help you understand context — and recommends next steps.
• Get the data you need quickly, without complex SQL: Ask your own questions using everyday language or use pre-defined prompts provided by Sophos’ threat detection and response experts.
• Create detailed case reports: Communicate with stakeholders with clear, focused reports that summarize investigations, highlight issues, and outline protective measures.

SecOps expertise — from our team to yours

Our people are at the heart of our AI-powered cybersecurity solutions. The Sophos AI Assistant isn’t just another AI tool — it’s expertise from the team behind the world’s leading Managed Detection and Response service, distilled into an intelligent agent.

• Designed in partnership with Sophos’ frontline security analysts, enabling your in-house team to benefit from real-world workflows and the experience of Sophos MDR experts.
• Developed by the Sophos AI team who apply their extensive AI expertise to design, build, and maintain over 50 AI models specific to cybersecurity. Our robust development processes — following secure-by-design principles — allow you to use Sophos AI with confidence.
• Continually updated based on the evolving threat landscape, ensuring you have access to the latest investigation techniques and current threat intelligence from Sophos X-Ops, our cross-functional cybersecurity task force.

Demo: See the new Sophos AI Assistant in action in this end-to-end real-world scenario

Outcome-focused AI

We’ve been elevating cybersecurity with AI since 2017, with deep learning and GenAI capabilities embedded across Sophos products and services and delivered through the largest AI-native platform in the industry. We know how to deliver real-world impact. While other vendors focus on the AI technology itself, we focus on the benefits and security outcomes it can deliver.

Our robust, battle-proven AI-powered solutions make a material difference by neutralizing threats faster and empowering analysts to make smart decisions. In addition to the new Sophos AI Assistant, GenAI capabilities in Sophos XDR enable your security team to neutralize adversaries faster, increasing both analyst and business confidence:

• AI Case Summary provides an easy-to-understand overview of detections, helping analysts make smart decisions fast.
• AI Command Analysis delivers insights into attacker behavior by examining commands that create detections.
• AI Search uses natural language search to accelerate day-to-day tasks and lower the technology barrier to security operations.

Sophos’ GenAI features are included with Sophos XDR subscriptions and are available on an opt-in basis, giving you full control over their use.

Elevate your cybersecurity with GenAI today

To explore how GenAI capabilities in Sophos XDR can help your organization better defend against active adversaries, speak with a Sophos adviser or your Sophos partner.

Already using Sophos XDR? Learn more about the GenAI features available to you, and how to activate them, on the Sophos Community.

Source: Sophos

Making sure your password is strong yet memorable can be challenging and stressful. However, following best practices – like using passphrases, incorporating acronyms and relying on a password manager – will ensure your passwords are strong and safe. A strong password should contain at least 16 characters, with a combination of uppercase and lowercase letters, numbers and symbols. Never use common phrases or personal information in your passwords, as these can be easily guessed by cybercriminals. Also, do not reuse the same passwords across multiple accounts because they can become compromised due to poor password practices.

Continue reading to learn the best practices for creating strong and memorable passwords.

1. Use passphrases

Passphrases are made up of multiple unrelated words, making them longer than typical passwords. The longer your password is, the harder it is for a cybercriminal to crack. Since passphrases are random words rather than random letters, numbers and symbols, they are easier to remember and provide more security benefits than a normal password due to their length and complexity.

You can create a strong passphrase by including a combination of words that have uppercase and lowercase letters, numbers and symbols, but make sure the words you use are completely random. For example, if you enjoy going to the beach and create a passphrase using words related to the beach (ocean, dolphin, sunshine, etc.), those words are not completely random, making the passphrase unsafe. A strong passphrase could look like this: Mixture-Pie-Met-State-Planning6. None of these words have anything in common, and this passphrase also includes a variety of characters and symbols separating the words.

2. Incorporate acronyms

Remember when you needed to learn a complex subject or study for an exam? You probably used an acronym to help you remember a concept. Acronyms are still useful when it comes to creating strong and memorable passwords. To incorporate acronyms into your password creation process, think of a sentence or phrase that holds meaning for you. Take the first letter of each word and turn it into a password, but don’t forget to still include numbers and symbols.

Let’s create a strong password using acronyms together. Imagine the sentence “I like going to the diner to eat strawberry chocolate cheesecake with my best friend Amy” is very meaningful to you. As an acronym, that sentence would be “IlgttdtesccwmbfA,” but you still need to incorporate a mixture of uppercase and lowercase letters, numbers and symbols to make it stronger; more on that below.

3. Replace letters for numbers and symbols

Following our example above, we still need to swap out letters for numbers or symbols to make our password strong. After making these changes, your password has gone from the acronym “IlgttdtesccwmbfA” to something like “I1g2tD2eSccWmbfA!.” To anyone who didn’t know your original sentence or phrase, this password would be challenging to guess since it contains random letters, numbers and symbols.

You can also replace letters with numbers and symbols in a passphrase. For example, if you have the words “cheese,” “sofa,” “motorcycle” and “sapling,” you can incorporate numbers and symbols to turn these random words into a strong passphrase. The outcome of replacing some letters with numbers and symbols could look like this: Ch3e5e_s0fA!Mot0rcYc1E-5ap1iNg. Because this password is long, contains a variety of characters and is completely random, it is a very strong passphrase.

4. Avoid common dictionary words and related phrases

Make sure to avoid using common dictionary words and phrases in your passwords. You may be thinking, “Doesn’t the dictionary have the kinds of words I’d use in a password? How am I supposed to avoid using common words?” Your password can still incorporate commonly used words; however, they should include a variety of characters or have letters replaced by numbers and symbols to make them more secure. Make sure your password does not contain the word “password” or the phrase “qwerty,” since cybercriminals expect people with poor password practices to use these for convenience. Common dictionary phrases might also include “iloveyou,” “goodmorning” or other popular sayings that could be cracked in a dictionary attack.

Dictionary attacks occur when a cybercriminal cracks your login credentials by guessing familiar phrases or words found in dictionaries. Even if you think adding “123456” to the end of your password makes it unique and more secure, it does not, because cybercriminals know this is a popular pattern. A good way to avoid using common dictionary words or phrases is to use a password or passphrase generator, which provides random combinations of characters and words, making it much harder for cybercriminals to crack your credentials.

5. Start using a password manager

In addition to using a password or passphrase generator, you should start using a password manager, which not only creates strong passwords but also stores them in a safe place. Keeper Password Manager offers a built-in passphrase generator, allowing you to replace any weak or reused passwords with strong, random passphrases at the click of a button. Keeper Password Manager can also automatically fill in your login credentials using KeeperFill^®, which enters the username and password from your digital vault into websites by recognizing which website or account you need the login credentials for. To access your password manager, all you need to remember is your master password, which is a single password or passphrase that unlocks your digital vault.

How Keeper^® helps you create strong passwords

By following these best practices for creating strong and memorable passwords, you will protect your online accounts and private information from potential cyber threats. Using Keeper Password Manager helps you create and store strong passwords and passphrases in a secure digital vault, making it a helpful tool for maintaining password security.

Start your free 30-day trial today to explore the convenient and safe features that Keeper Password Manager has to offer.

Source: Keeper Security