Latest evolution of ‘pig butchering’ scam lures victim into fake mining scheme

August 23, 2023

Time keeps on slippin’ slippin’ slippin’: The 2023 Active Adversary Report for Tech Leaders

A deep dive into incident-response cases from the first half of this year finds both attackers and defenders picking up the pace

Threat Research

August 10, 2023

Attacker combines phone, email lures into believable, complex attack chain

A social engineering phone call lends authenticity to the attacker's malicious email

Threat Research

August 09, 2023

A piñata of patches for Microsoft in August

A lighter month than July with just 73 fixes on tap, but a phalanx of advisories and third-party alerts will keep sysadmins bashing away

Threat Research

August 08, 2023

Enough attribution to count

Naming and shaming the bad guys can be gratifying, but for practical protection, Threat Activity Clusters are the way

Threat Research

August 08, 2023

Clustering attacker behavior reveals hidden patterns

A series of ransomware attacks made by different groups share curiously similar characteristics

Threat Research

August 02, 2023

Sha zhu pan scam uses AI chat tool to target iPhone and Android users

“CryptoRom” fake crypto-trading mobile apps pushed through AI-assisted romance scam, using ChatGPT to lure targets.

Threat Research

July 27, 2023

Uncovering an Iranian mobile malware campaign

Sophos X-Ops researchers discover a cluster of credential-harvesting apps targeting Iranian bank customers

Threat Research

July 26, 2023

Into the tank with Nitrogen

The element originally known as “foul air” stinks up computers as a new initial-access campaign exhibiting some uncommon techniques

Threat Research

July 20, 2023

Bad ad fad leads to IcedID, Gozi infections

Malvertising campaigns using paid ads result in infostealer and backdoor attacks

Security OperationsThreat Research