sophoslabs

Black Hat 2015 - get your FREE SOCKS :-)

We don't mean to be crassly commercial - and we aren't - but if you're attending Black Hat 2015, be sure to check out our socks.

Blue Screen of Death socks...for real!

SSCC 195 - Let's talk security (over HTTPS, of course) [PODCAST]

This week, Chester is at the RSA Conference 2015.

Get a feel for the conference vibe, hear about this year's themes, and, of course, catch up on the latest security news...

From the Labs: more advances in Advanced Persistent Threats

SophosLabs researcher Gabor Szappanos is back.

He presents another insightful installment in the ongoing saga of PlugX and other "malware factories" that are part of the Advanced Persistent Threat scene.

SSCC 184 - What's the lifespan of a GHOST? [PODCAST]

Our weekly security podcast - the latest news in 15 minutes, entertaining *and* educational.

Enjoy!

"Exploit This": Evaluating the exploit skills of malware groups

SophosLabs researcher Gabor Szappanos compares APT actors and cybercrooks.

A comparative review of malware writers!

A fascinating study, well worth a read...

Notes from SophosLabs: On the trail of rootkits and other malware

When an interesting new piece of malware makes the news, the first question people ask is usually, "How does it work?"

And that leaves us with the question behind the question: "How do you tell what it does?"

From the Labs: VBA is definitely not dead - in fact, it's undergoing a resurgence

Our most recent detection statistics show that using Visual Basic code in malicious documents is a trend on the rise. So why have malware authors turned to Visual Basic to do their bidding?

Duping the machine - the cunning malware that throws off researchers

Traditionally, when malware detects that it is not running in a genuine victim setting, it will simply exit immediately. But there's a certain subset of malware families that are more cunning when they detect an analysis environment...

From the Labs: PlugX - the next generation

In this new paper from SophosLabs, Principal Researcher Gabor Szappanos takes a look into a new variation of the PlugX malware.

On the trail of Advanced Persistent Threats...

SophosLabs expert Gabor Szappanos has written a highly-recommended report entitled "Advanced Persistent Threats - the new normal?"

Szappi explains how exploits once seen only in APTs are appearing ever more widely in money-making malware, and why that puts us all at ever greater risk.

Sophos scavenger hunt - test your security knowledge and win a T-shirt

It's that time of year again - can you find the answers hidden within the Threat Report?

Who is SophosLabs: Vincent Lynch, Senior Threat Researcher

SophosLabs is at the center of Sophos. It's the place where highly skilled experts in the field work round the clock to build protection from the latest threats. But what sort of people work there?

Who is SophosLabs: Rowland Yu

In our latest look at the people behind SophosLabs, we talk to Rowland Yu about his recommendations for those trying to get into computer security, his favorite book and how he's great at cooking Chinese food.

Who is SophosLabs: Peter Szabo, Senior Threat Researcher

In our latest delve into the minds behind SophosLabs, Peter Szabo talks about how the problem with malware isn't going away any time soon. He also reveals that he's a "digital hermit" and stays far far away from Facebook.

Monday review - the hot 20 stories of the week

In case you missed any recent stories, here's everything we wrote in the last seven days.

Who is SophosLabs: James Wyke, Senior Threat Researcher

In the third post in our ‘Who is SophosLabs’ series, threat researcher James Wyke discusses the challenge of securing a mobile distributed workforce and his tips on how to stay safe online. We think he's joking about living in a bunker...

The PlugX malware factory revisited: introducing "Smoaler"

Popular SophosLabs writer Gabor Szappanos is back with more insights into the Tibetan-themed Advanced Persistent Threat (APT) scene.

This time, he looks at Smoaler, a new cousin of the PlugX family that starts off like what we've seen before, before branching off in new ways.

Monday review - the hot 15 stories of the week

Missed anything last week? Catch up with everything we talked about with this handy weekly roundup.

Who is SophosLabs: Joanne Garvey, Threat Researcher

In the second post in our ‘Who is SophosLabs’ series, threat researcher Joanne Garvey reveals how she protects her information online, why she has no time for hobbies, and her fascination with chaos theory.

Monday review - the hot 22 stories of the week

Did you miss anything in the past week?

Here's a recap of the hot 22 stories of the past seven days, so you can catch up quickly!