Avos Locker remotely accesses boxes, even running in Safe Mode

June 07, 2022

Move fast, unbreak things: About the Sophos Active Adversary Playbook 2022

Our latest report shows that the most pleasant way to learn from Rapid Response mayhem is to read about how it worked out for someone else

Security OperationsSophosLabs UncutThreat Research

December 14, 2021

Microsoft wraps up 2021 with 64 patched vulnerabilities—including Windows 7 fixes

SophosLabs UncutThreat Research

December 12, 2021

Log4Shell Hell: anatomy of an exploit outbreak

A vulnerability in a widely-used Java logging component is exposing untold numbers of organizations to potential remote code attacks and information exposure.

SophosLabs UncutThreat Research

November 23, 2021

Android APT spyware, targeting Middle East victims, enhances evasiveness

The phone spyware has new features that confer resistance to takedowns or manual removal

SophosLabs UncutThreat Research

November 18, 2021

New ransomware actor uses password-protected archives to bypass encryption protection

Calling themselves "Memento team", actors use Python-based ransomware that they reconfigured after setbacks.

SophosLabs UncutThreat Research

November 11, 2021

BazarLoader ‘call me back’ attack abuses Windows 10 Apps mechanism

The unusual technique invokes the Windows App Installer to deliver malware

SophosLabs UncutThreat Research

November 09, 2021

November, 2021 Patch Tuesday falls back to just 57 bug fixes

Critical fixes on tap for Office, Windows, and some enterprise applications - including a possible avenue to escape a virtual machine

SophosLabs UncutThreat Research

November 09, 2021

Sophos releases the 2022 Threat Report

SophosLabs UncutThreat Research

October 24, 2021

Node poisoning: hijacked package delivers coin miner and credential-stealing backdoor

A hacked NPM account was used to deliver Linux and Windows Monero miners and Windows credential-stealing malware along with a popular node.js library.

SophosLabs UncutThreat Research