SophosLabs
A closer look at the malicious Redkit exploit kit
In the second technical article of this series, Fraser Howard digs deeper into the workings of the Redkit exploit kit.
Learn more about the internals of this kit: bypassing of security mechanisms within Java, the use of file encryption, and delivery of multiple payloads.
Lifting the lid on the Redkit exploit kit
In the first of a two-part series, Fraser Howard takes a closer look at the Redkit exploit kit.
Learn more about how this kit works and the compromised web servers that are being used to host it.
When is a password not a password? When Excel sees "VelvetSweatshop" [VIDEO]
Malware researcher Paul Baccas reveals how an Excel spreadsheet using the password "VelvetSweatshop" could be designed to put your computer at risk.
Mobile device security in the US military comes under fire
A recent report by the US Inspector General revealed staggering flaws in the US military's management of mobile devices, and a severe lack of basic IT security protection in place for such devices.
Spicing up phishing attacks
Phishing is often regarded as old hat. From a technical perspective, it's a case of 'been there, done that'. Sometimes, however, we come across attacks that are just a little bit more interesting (or at least different) from the norm.
Monday review - the hot 32 stories of the week
It's that time of the week again - here's your roundup of everything we wrote in the last seven days.
Seagate's blog pushes malware on unsuspecting visitors via rogue Apache modules
SophosLabs has been tracking an infection of Mal/Iframe-AL on Seagate's blog since late February.
Are you taking enough care of your company's websites?
Oh dear. SophosLabs has upset some malware authors
Sometimes an insult can be amusing... and even strangely complimentary.
Here's something which raised a smile for researchers at SophosLabs.
Rogue Apache modules pushing iFrame injections which drive traffic to Blackhole exploit kit
SophosLabs has seen huge volumes of legitimate sites being compromised with malicious redirects in recent weeks.
Fraser Howard explains what's going on, and how the compromised web servers are almost exclusively running Apache.
Russian ransomware takes advantage of Windows PowerShell
What's a reasonable price to pay to get your data safely returned to you from the guys who stole it?
How about 10,000 Rubles? No?
According to the cybercriminals behind this new ransomware targeting Russians, the answer is "да".
USA is number one! (...for spam)
USA! USA! USA! is back on top as the world’s leading spam-relaying country.
See what other countries top our 'dirty dozen' list and get the latest spam stats from SophosLabs.
Targeted malware attack piggybacks on Nvidia digital signature
Gabor Szappanos from SophosLabs presents a detailed examination of a targeted attack involving multiple stages and an innocent signed application - from the social engineering in the initial lure, to the technical capabilities of the malware it delivers.
Technical paper: Exploring the history and technology of ransomware
A new technical paper from SophosLabs explores the history and technology of ransomware. From payment by SMS to public key encryption, ransomware has certainly evolved.
More Mac malware attacking minority groups in China
A targeted Mac malware attack strikes a minority group in China, exploiting an old Microsoft Word vulnerability.












