September 18, 2023 Latest evolution of ‘pig butchering’ scam lures victim into fake mining scheme Liquidity mining scam puts cruel new spin on Chinese cryptocurrency fraud, with a dash of AI chat Threat Research
September 12, 2023 A 59-CVE Patch Tuesday with something for nearly everyone A wide-ranging month includes four patches you may have applied in August, as well an item of particular end-user interest Threat Research
August 29, 2023 For the win? Offensive research contests on criminal forums We explore some of the entries in recent cybercrime research competitions, and what they say about threat actor innovation and priorities Threat Research
August 23, 2023 Time keeps on slippin’ slippin’ slippin’: The 2023 Active Adversary Report for Tech Leaders A deep dive into incident-response cases from the first half of this year finds both attackers and defenders picking up the pace Threat Research
August 10, 2023 Attacker combines phone, email lures into believable, complex attack chain A social engineering phone call lends authenticity to the attacker's malicious email Threat Research
August 09, 2023 A piñata of patches for Microsoft in August A lighter month than July with just 73 fixes on tap, but a phalanx of advisories and third-party alerts will keep sysadmins bashing away Threat Research
August 08, 2023 Enough attribution to count Naming and shaming the bad guys can be gratifying, but for practical protection, Threat Activity Clusters are the way Threat Research
August 08, 2023 Clustering attacker behavior reveals hidden patterns A series of ransomware attacks made by different groups share curiously similar characteristics Threat Research
August 02, 2023 Sha zhu pan scam uses AI chat tool to target iPhone and Android users “CryptoRom” fake crypto-trading mobile apps pushed through AI-assisted romance scam, using ChatGPT to lure targets. Threat Research
July 27, 2023 Uncovering an Iranian mobile malware campaign Sophos X-Ops researchers discover a cluster of credential-harvesting apps targeting Iranian bank customers Threat Research
July 26, 2023 Into the tank with Nitrogen The element originally known as “foul air” stinks up computers as a new initial-access campaign exhibiting some uncommon techniques Threat Research
July 20, 2023 Bad ad fad leads to IcedID, Gozi infections Malvertising campaigns using paid ads result in infostealer and backdoor attacks Security OperationsThreat Research