Android APT spyware, targeting Middle East victims, enhances evasiveness

November 11, 2021

BazarLoader ‘call me back’ attack abuses Windows 10 Apps mechanism

The unusual technique invokes the Windows App Installer to deliver malware

SophosLabs UncutThreat Research

November 09, 2021

November, 2021 Patch Tuesday falls back to just 57 bug fixes

Critical fixes on tap for Office, Windows, and some enterprise applications - including a possible avenue to escape a virtual machine

SophosLabs UncutThreat Research

October 24, 2021

Node poisoning: hijacked package delivers coin miner and credential-stealing backdoor

A hacked NPM account was used to deliver Linux and Windows Monero miners and Windows credential-stealing malware along with a popular node.js library.

SophosLabs UncutThreat Research

October 13, 2021

CryptoRom fake iOS cryptocurrency apps hit US, European victims for at least $1.4 million

Scammers combine romantic lures with crypto scams, abusing Apple's ad-hoc app distribution to steal millions from people around the world.

SophosLabs UncutThreat Research

October 12, 2021

Exchange Server, Windows Print Spooler get more patches in October’s Patch Tuesday

SophosLabs UncutThreat Research

October 05, 2021

Python ransomware script targets ESXi server for encryption

Configuration errors rapidly escalated to a ransomware attack inside a virtual machine hypervisor

SophosLabs Uncut

October 04, 2021

Atom Silo ransomware actors use Confluence exploit, DLL side-load for stealthy attack

A new ransomware operator uses stealthy techniques, but borrows heavily from other players.

SophosLabs UncutThreat Research

September 23, 2021

Phishing and malware actors abuse Google Forms for credentials, data exfiltration

SophosLabs UncutThreat Research

September 21, 2021

Cring ransomware group exploits ancient ColdFusion server

The rarely-seen ransomware family leveraged commercial remote access tools to move laterally on the network

SophosLabs UncutThreat Research