June 15, 2022

Telerik UI exploitation leads to cryptominer, Cobalt Strike infections

Attacker targets bugs in a popular web application graphical interface development tool

Security OperationsThreat Research

June 07, 2022

The Active Adversary Playbook 2022

Cyberattacker behaviors, tactics and tools seen on the frontline of incident response during 2021

Security OperationsThreat Research

November 26, 2021

Cloud Security: Don’t wait until your next bill to find out about an attack!

Cloud security is the best sort of altruism: you need to do it to protect yourself, but you help to protect everyone else at the same time.

Naked Security

September 01, 2021

Fake pirated software sites serve up malware droppers as a service

Sites advertising "cracked" software packages lead into a network that serves up downloads full of malware instead.

Threat Research

May 07, 2021

New Lemon Duck variants exploiting Microsoft Exchange Server

SophosLabs UncutThreat Research

February 25, 2021

S3 Ep21: Cryptomining clampdown, the 100-ton man, and ScamClub ads [Podcast]

Latest episode - listen now!

Naked Security

June 15, 2020

Microsoft Azure users leave front door open for cryptomining crooks

Microsoft has discovered a campaign that exploits Kubernetes to install cryptomining software in its Azure cloud.

Naked Security

June 09, 2020

Cryptomining criminals under the spotlight – a SophosLabs report

A new SophosLabs report takes you inside a cryptomining gang.

Naked Security

March 19, 2020

Cryptojacking is almost conquered – crushed along with Coinhive

Cryptojacking may not be entirely gone following the shutdown of notorious cryptomining service Coinhive - but it's drastically diminished.

Naked Security