June 22, 2022 Active Adversary Playbook 2022 Insights: Web Shells Public proofs-of-concept of web shell exploits coincide with major spikes in attacks. Threat Research
June 16, 2022 Confluence exploits used to drop ransomware on vulnerable servers Automated attacks are now widely exploiting the Atlassian vulnerability Security Operations, SophosLabs Uncut, Threat Research
June 15, 2022 Telerik UI exploitation leads to cryptominer, Cobalt Strike infections Attacker targets bugs in a popular web application graphical interface development tool Security Operations, SophosLabs Uncut, Threat Research
June 15, 2022 Sophos uncovers how APT groups carried out highly targeted attack Two groups with common task targeted network security devices in two-stage attacks, dropping remote access tools. SophosLabs Uncut, Threat Research
June 14, 2022 Lighter Patch Tuesday for June remains rich in LDAP vulns The second-lightest set of updates so far in 2022 goes heavy on RCEs, brings along four Intel patches for company SophosLabs Uncut, Threat Research
June 07, 2022 Move fast, unbreak things: About the Sophos Active Adversary Playbook 2022 Our latest report shows that the most pleasant way to learn from Rapid Response mayhem is to read about how it worked out for someone else Security Operations, SophosLabs Uncut, Threat Research
June 01, 2022 Analyzing CVE-2022-0778: When Square Root Results in a Denial of Service How could a humble SSL certificate entirely gridlock a system? Walk with us through the math Sophos SecOps, SophosLabs Uncut, Threat Research
May 30, 2022 ‘Follina’ Word doc taps previously unknown Microsoft Office vulnerability MSDT.exe misuse in May makes for Memorial Day Monday mayhem SophosLabs Uncut, Threat Research
May 17, 2022 Liquidity mining scams add another layer to cryptocurrency crime Organized rings use fake apps, malicious smart contracts, and lure of big returns to swindle victims out of their savings. SophosLabs Uncut, Threat Research
May 10, 2022 Hyper-V and Active Directory Front and Center for May Patch Tuesday Organizations should look at last month’s and this month’s bulletins and put their Hyper-V and Active Directory servers and infrastructure at the top of the priority list. SophosLabs Uncut, Threat Research
May 04, 2022 Attacking Emotet’s Control Flow Flattening Sweeping aside one obfuscation technique in a notorious strain of malware SophosLabs Uncut
April 12, 2022 RPC Vulnerability Stands Out in a Field of 128 in April This month’s Patch Tuesday is more about quantity than severity, with one flashback-inducing exception SophosLabs Uncut, Threat Research