December 22, 2021 Avos Locker remotely accesses boxes, even running in Safe Mode Infections involving this relatively new ransomware-as-a-service spiked in November and December SophosLabs Uncut Threat Research
December 20, 2021 Logjam: Log4j exploit attempts continue in globally distributed scans, attacks China and Russia, Kinsing miner botnet dominate sources of exploit attempts. SophosLabs Uncut Threat Research
June 07, 2022 Move fast, unbreak things: About the Sophos Active Adversary Playbook 2022 Our latest report shows that the most pleasant way to learn from Rapid Response mayhem is to read about how it worked out for someone else Security Operations SophosLabs Uncut Threat Research
December 14, 2021 Microsoft wraps up 2021 with 64 patched vulnerabilities—including Windows 7 fixes SophosLabs Uncut Threat Research
December 12, 2021 Log4Shell Hell: anatomy of an exploit outbreak A vulnerability in a widely-used Java logging component is exposing untold numbers of organizations to potential remote code attacks and information exposure. SophosLabs Uncut Threat Research
November 23, 2021 Android APT spyware, targeting Middle East victims, enhances evasiveness The phone spyware has new features that confer resistance to takedowns or manual removal SophosLabs Uncut Threat Research
November 18, 2021 New ransomware actor uses password-protected archives to bypass encryption protection Calling themselves "Memento team", actors use Python-based ransomware that they reconfigured after setbacks. SophosLabs Uncut Threat Research
November 11, 2021 BazarLoader ‘call me back’ attack abuses Windows 10 Apps mechanism The unusual technique invokes the Windows App Installer to deliver malware SophosLabs Uncut Threat Research
November 09, 2021 November, 2021 Patch Tuesday falls back to just 57 bug fixes Critical fixes on tap for Office, Windows, and some enterprise applications - including a possible avenue to escape a virtual machine SophosLabs Uncut Threat Research
October 24, 2021 Node poisoning: hijacked package delivers coin miner and credential-stealing backdoor A hacked NPM account was used to deliver Linux and Windows Monero miners and Windows credential-stealing malware along with a popular node.js library. SophosLabs Uncut Threat Research