SophosLabs – the bloggers revealed

Since we started the SophosLabs blog back in April 2007 we’ve been asked a few times to share a little information about the people who post up here.

The SophosLabs blog is updated around the clock, seven days a week, from our research centres around the world. Some of our bloggers are more camera-shy than others, but below we’ve tried to give you a brief look behind the scenes into who some of our more prolific bloggers are, and what makes them tick.

We’ll update this page from time-to-time with information about more SophosLabs staff.

So, in no particular order, lets kick off..

Billy McCourt

Billy McCourt is a senior virus researcher at SophosLabs.

Billy joined Sophos in 2001 as a virus analyst after graduating from the University of Reading with a degree in computer science.

As a member of the detection development team, Billy is involved in researching into areas such as generic detection technologies, automated exploit detection and Linux malware.

Fraser Howard

Fraser Howard

Fraser Howard is a principal virus researcher at SophosLabs.

Fraser is a respected security expert, and has been principal virus researcher with SophosLabs since 2006. Fraser joined Sophos from McAfee where he managed anti-malware researchers across EMEA. He was previously technical editor of Virus Bulletin magazine, the industry’s leading publication dealing with the issue of viruses and associated malware.

Listen to Fraser discussing zero-day threats in a podcast.

Gareth Catterall

Gareth Catterall is a malware researcher at SophosLabs.

Gareth is particularly interested in fighting the bad guys by trying to incorporate aspects of machine learning into detection. This interest follows his university dissertation which focused on genetic algorithms and machine learning to evolve workable and compilable programs capable of outperforming humans.

Gareth spends his spare time developing an MMORPG and practising Aikido, Judo and Ju Jutsu. He admits to being a dedicated fan of science fiction shows such as “Doctor Who” and “Firefly” and “Babylon 5”.

Graham Lee

Graham Lee

Graham Lee is a senior software engineer at Sophos.

Graham joined Sophos in 2007 where he is the technical lead on the Mac software development team.

He is an active member of the Mac community, being on the committee for the Oxford Mac User Group and a co-founder of the Swindon branch of CocoaHeads, a worldwide Mac developer gathering.

Graham has written and spoken frequently about Mac security including his paper, “Ten Tips…” which was published in MacFormat magazine. He believes that many problems can be solved by reversing the polarity of the neutron flow.

Mark Harris

Mark Harris

Mark Harris is the Global Director of SophosLabs.

Mark joined Sophos from McAfee in September 2005 where he had a variety of roles ranging from Development Manager, Chief Software Architect and Director of Engineering. He has spent 10 years in the security software industry.

Mark is responsible for the overall direction and strategy of SophosLabs but freely admits that he relies on the ‘really smart guys’ to do the real work.

As well as regular presentations at a variety of events, he has also made a number of appearances on TV and Radio recently, much to the bemusement of his teenage children.

Niall FitzGibbon

Since Niall FitzGibbon joined SophosLabs as a virus researcher in December 2006, he has helped with proactive detection of server-side polymorphic packers and obfuscators such as Tibs and Swizzor. He has a long term project to improve detection for this kind of malware.

Niall learnt all about reverse-engineering by dismantling computer games and tacking extra stuff onto them. It’s something he still enjoys in his spare time.

Numaan Huq

Numaan Huq

Numaan Huq is a virus researcher with SophosLabs Canada. Numaan joined Sophos in 2007 after completing his BSc in Computer Science from the University of Victoria, BC.

Numaan became interested in the tech security field after spending a lot of time researching potential vulnerabilities for VoIP phones in one of his internship jobs. Numaan’s current interests includes script based malware, software protection systems (packers), viruses and software vulnerabilities.

Beyond the realm of malware Numaan likes: to drive around aimless in the city and countryside, experiment with cooking, Macs, Wii, read fantasy novels (go Terry Brooks & George R. R. Martin!) and try to finish his MSc on time.

Paul Baccas


Paul O Baccas joined Sophos in 1997 after studying Engineering Science at Oxford University. Currently, he is employed as a virus and spam researcher for SophosLabs.

Paul has published several papers, and was a technical editor for the “AVIEN Malware Defense Guide”. He has written articles for security industry journal Virus Bulletin and is a frequent contributor to the SophosLabs blog under his nom-de-plume “Pob”.

Listen to Paul discussing pump-and-dump email scams in our podcast: “Surfing the pump-and-dump wave”

Richard Cohen

Richard Cohen

Richard Cohen is the technical lead for malware research in SophosLabs Canada.

Richard joined the Oxford lab in 2002 after studying Engineering at Cambridge University. Four years later he moved to Canada to help expand the malware operations in the Vancouver lab, and not at all for the skiing, definitely not.

Outside of work Richard enjoys a wide range of music, plays the double bass, and recently learned to ski.

Samir Mody

Samir Mody

Samir Mody, who blogs under the nom-de-plume “SKM”, joined Sophos in 2000 after studying Engineering, Economics and Management at the University of Oxford, and is presently employed as a Threat Operations Manager at SophosLabs.

In that role, Samir co-ordinates a team of malware experts looking at the many samples of suspicious files sent in by customers every day.

Outside the office Samir is a keen cricketer, and has an active interest in literature, politics, economics, philosophy and history. Although he cannot play a musical instrument himself, he makes up for it by writing reviews of classical musical concerts.

Samir has presented papers at conferences related to malware research and computer security, such as Eicar.

He was also the star of Sophos’s 2009 April Fool’s Day video.

Stuart Taylor

Stuart Taylor

Having joined Sophos in 1997 as a virus researcher, Stuart Taylor is now employed as the manager of Sophos’s UK lab operations, ensuring that all threats reported to SophosLabs UK are analysed. This covers the whole spectrum of malware, spam, web-based threats and vulnerabilities.

Stuart is also responsible for ensuring that Sophos participates and passes the various industry standards for malware testing such as VB100, West Coast Checkmark and ICSA Certification.

As the UK manager he is also responsible for ensuring that SophosLabs has an appropriate infrastructure to effectively handle constantly changing threats.

Outside of work Stuart’s principal interest is steam railways and he is often to be found working on a variety of model railway layouts. He claims not to own an anorak.

Vanja Svajcer

Vanja Svajcer

Vanja Svajcer is a principal virus researcher at SophosLabs.

Vanja joined Sophos as a virus analyst in 1998 after graduating from the Faculty of Electrical Engineering and Computing, University of Zagreb, Croatia.

Vanja’s interests include automated analysis, honeypots and research of malware for mobile devices. He is a frequent speaker at conferences related to malware research and computer security, such as Virus Bulletin, Eicar and Websec.

Vanja was also the star of Sophos’s 2008 April Fool’s Day video, and Sophos’s most popular podcast: “Rootkits: What you need to know”

Zoe Markham

Zoe Markham

Zoe Markham has been working at Sophos since 2003, and is currently employed as a virus researcher inside SophosLabs.

Zoe comes from a non-technical background and is a former English teacher – which probably explains why she is known throughout SophosLabs for being the “grammar police”.

Zoe’s interests include online gaming and she has written a number of blog entries about what happens when the worlds of videogames and malware collide.

If you want to get in touch with any of us just drop us a line at the usual address:

Note that this isn’t the email address you should use if you need technical support, or if you want to send us a suspected malware sample.