Big Office bug squashed for September 2021’s Patch Tuesday

August 27, 2021

LockFile ransomware’s box of tricks: intermittent encryption and evasion

A new ransomware family leveraging the ProxyShell attack uses intermittent encryption of files in an attempt to defeat detection by anti-ransomware tools.

SophosLabs UncutThreat Research

August 25, 2021

How PetitPotam hijacks the Windows API, and what you can do about it

The PetitPotam attack method is rapidly gaining attention from security researchers and threat actors

SophosLabs UncutThreat Research

August 12, 2021

Gootloader’s “mothership” controls malicious content

New evidence points to a central server that delivers the malicious content and payloads via compromised Wordpress sites

Threat Research

August 10, 2021

Microsoft pushes fixes for 44 more vulnerabilities in August Patch Tuesday update

A publicly-disclosed remote Print Spooler exploit, and bugs in JScript and NFS, lead the list of the most concerning CVEs.

SophosLabs UncutThreat Research

August 09, 2021

BlackMatter ransomware emerges from the shadow of DarkSide

Threat Research

August 03, 2021

Trash Panda as a Service: Raccoon Stealer steals cookies, cryptocoins, and more

Cookie and credential stealing malware-as-a-service delivered by dropper-as-a-service now packs a “clipper” to steal crypto-transactions, and can drop other malware.

SophosLabs UncutThreat Research

July 22, 2021

Malware increasingly targets Discord for abuse

Criminals abuse a successful chat service to host, spread, and control malware targeting their users.

SophosLabs UncutThreat Research

July 13, 2021

Panoply of critical patches in July updates require quick action

More than 40 remote code execution bugs get squished – and not a moment too soon

SophosLabs UncutThreat Research

July 04, 2021

Independence Day: REvil uses supply chain exploit to attack hundreds of businesses

Friday afternoon ransomware rampage exploited Kaseya update system to spread (and conceal) itself.

SophosLabs UncutThreat Research