Gabor Szappanos from SophosLabs takes a detailed examination of a targeted attack involving multiple stages and an innocent signed application - from the social engineering in the initial lure, to the technical capabilities of the malware it delivers.
A new technical paper from SophosLabs explores the history and technology of ransomware. From payment by SMS to public key encryption, ransomware has certainly evolved.
A targeted Mac malware attack strikes a minority group in China, exploiting an old Microsoft Word vulnerability.
The Spanish police have arrested 11 individuals suspected of being members of the infamous Reveton ransomware gang.
Learn more about what our experts have seen, and ensure that you have protection in place.
Here are 10 questions you should be asking your hosting provider about features and services that will help to keep your site secure, covering general security practices, application security and operation of the site itself.
A new variant of the prevalent Citadel crimeware kit has been discovered to target Point of Sale (POS) devices. Find out more, in this analysis from SophosLabs expert James Wyke.
SophosLabs researcher Richard Wang ran into a unusual opt-out disclaimer earlier today in an email message. It would appear that this spammer has a sense of humor and is polite to boot!
For those interested in exploit kits and how they work, Gabor Szappanos has published the second (and concluding) part of his technical paper looking at the Blackhole kit.
Recommended reading for all those that want a little more detail as to how one of the most prolific and widely used crimeware kits actually works.
SophosLabs process thousands of Android apps daily with many applications approaching the fine line between the completely legitimate and potentially unwanted applications.
Android Armour a premium priced security app was particularly well represented in the incoming stream of samples. Vanja Svajcer investigates why.
In the past 24 hours, many popular exploit kits have been found to be targeting what appears to be a new zero-day vulnerability in Java. Read this article for advice on how to fend off these attacks.
A man in his eighties tries to sell a generator for his friend online.
When a potential buyer asks to send his payment through via PayPal - what could possibly go wrong?
Interested in the buzz around the Mayan calendar ceasing to increment after December 21st, 2012? Don't go looking for presentations about the topic, you might be in for a nasty surprise.
As the end of the year approaches and things calm down around the office, what better way to while away a few minutes than with a harmless Sudoku?
Perhaps not so harmless...
Iran's CERT has issued a warning about a new targeted malware attack that erases hard drives. Is this really the next Stuxnet? Hardly.
What do you do when attackers are abusing legitimate domain Registration services?
How do you stop or at least disrupt the malicious attacks?
Reporting the incident to the appropriate Registrar is the correct course of action, but as you can read, doing so does not necessarily guarantee results.
When security researchers make available proof of concept code to demonstrate vulnerabilities, are they actually supporting the malicious exploit kit authors?
SophosLabs expert Gabor Szappanos shows that the creators of exploit kits aren't the ones discovering the zero day vulnerabilities.
Ever since the source code of Zeus/Zbot leaked in May 2011, many new variants have appeared.
One particularly prevalent example is Citadel.
James Wyke of SophosLabs puts it under the microscope....