SophosLabs

Taking a closer look at the Glazunov exploit kit

In this article, Fraser Howard takes a look at Glazunov - an exploit kit that has been increasingly active in recent weeks. In this deep dive, readers can learn more about how these attacks operate.

Who is SophosLabs: Numaan Huq, Threat Researcher

SophosLabs is at the centre of Sophos. It's where highly skilled analysts work round the clock to build protection from the latest threats. But what kind of people work there?

Monday review - the hot 16 stories of the week

Get yourself up to date with everything we've written in the last seven days - it's weekly roundup time.

Was Microsoft's takedown of Citadel effective?

Last week, Microsoft took aim at more than 1,400 Citadel botnets by sinkholing their command and control infrastructure.

What was the actual effect of this takedown? SophosLabs takes a look...

Guntior bootkit up to new tricks

A technical analysis of the Guntior bootkit and its DLL load order abuse of the Windows Help Center.

Monday review - the hot 21 stories of the week

Catch up with everything we've written in the last seven days - it's weekly roundup time.

A closer look at the malicious Redkit exploit kit

In the second technical article of this series, Fraser Howard digs deeper into the workings of the Redkit exploit kit.

Learn more about the internals of this kit: bypassing of security mechanisms within Java, the use of file encryption, and delivery of multiple payloads.

Monday review - the hot 20 stories of the week

Get up to date with everything we wrote in the past seven days - it's weekly roundup time.

Lifting the lid on the Redkit exploit kit

In the first of a two-part series, Fraser Howard takes a closer look at the Redkit exploit kit.

Learn more about how this kit works and the compromised web servers that are being used to host it.

Monday review - the hot 21 stories of the week

In case you missed anything, here's everything we wrote in the past seven days.

When is a password not a password? When Excel sees "VelvetSweatshop" [VIDEO]

Malware researcher Paul Baccas reveals how an Excel spreadsheet using the password "VelvetSweatshop" could be designed to put your computer at risk.

Mobile device security in the US military comes under fire

A recent report by the US Inspector General revealed staggering flaws in the US military's management of mobile devices, and a severe lack of basic IT security protection in place for such devices.

Monday review - the hot 13 stories of the week

Catch up with everything we've written in the last seven days with this handy weekly roundup.

Spicing up phishing attacks

Phishing is often regarded as old hat. From a technical perspective, it's a case of 'been there, done that'. Sometimes, however, we come across attacks that are just a little bit more interesting (or at least different) from the norm.

Monday review - the hot 21 stories of the week

It's weekly roundup time. Here's all the great stuff we've written in the past seven days.

Monday review - the hot 32 stories of the week

It's that time of the week again - here's your roundup of everything we wrote in the last seven days.

Seagate's blog pushes malware on unsuspecting visitors via rogue Apache modules

SophosLabs has been tracking an infection of Mal/Iframe-AL on Seagate's blog since late February.

Are you taking enough care of your company's websites?

Oh dear. SophosLabs has upset some malware authors

Sometimes an insult can be amusing... and even strangely complimentary.

Here's something which raised a smile for researchers at SophosLabs.

Monday review - the hot 26 stories of the week

In case you missed it: Here's everything we wrote last week.

Rogue Apache modules pushing iFrame injections which drive traffic to Blackhole exploit kit

SophosLabs has seen huge volumes of legitimate sites being compromised with malicious redirects in recent weeks.

Fraser Howard explains what's going on, and how the compromised web servers are almost exclusively running Apache.