SophosLabs Uncut – Computer Security Articles

Sophos’ 2021 threat report highlights a path forward

November 18, 2020 admin 2021 threat report, annual report, cloud snooper, cobalt strike, Meterpreter, ransomware, RDP, SophosLabs, SophosLabs Uncut, VPN

Credit to Author: Andrew Brandt| Date: Wed, 18 Nov 2020 13:30:09 +0000

Sophos’ annual roundup of the security threats that demand attention in 2021<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/MOsEScYoR0Q” height=”1″ width=”1″ alt=””/>

Security Sophos

Hacks for sale: inside the Buer Loader malware-as-a-service

October 28, 2020 admin bazar, buer loader, Ryuk Ransomware, SophosLabs Uncut, Zloader

Credit to Author: gallagherseanm| Date: Wed, 28 Oct 2020 12:30:05 +0000

A year after its debut, Buer’s modular loader rises as an alternative to Emotet and Trickbot’s Bazar.<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/M-ChNjA61-4″ height=”1″ width=”1″ alt=””/>

Security Sophos

LockBit uses automated attack tools to identify tasty targets

October 21, 2020 admin attack tools, defense evasion, lockbit ransomware, malicious google documents, Powershell, powershell empire, SophosLabs Uncut

Credit to Author: gallagherseanm| Date: Wed, 21 Oct 2020 12:30:09 +0000

Using renamed copies of PowerShell and Windows’VBscript host and scripts based on PowerShell pen-testing tool, LockBit actors searched for systems with valuable data to hit at small organizations.<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/rPN_OaRbtnE” height=”1″ width=”1″ alt=””/>

Security Sophos

Top reason to apply October, 2020’s Microsoft patches: Ping of Death Redux

October 13, 2020 admin 2020-10, cve-2020-16891, cve-2020-16898, cve-2020-16911, cve-2020-16915, cve-2020-16923, cve-2020-16947, cve-2020-16951, cve-2020-16952, cve-2020-16966, microsoft, Patch Tuesday, SophosLabs Uncut

Credit to Author: SophosLabs Offensive Security| Date: Tue, 13 Oct 2020 18:11:11 +0000

A vulnerability in Windows’ TCP/IP driver handling of IPv6 allows denial of service—and possibly remote code execution.<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/u1HrsSyhOLQ” height=”1″ width=”1″ alt=””/>

Security Sophos

Email-delivered MoDi RAT attack pastes PowerShell commands

September 24, 2020 admin dll injection, fileless, fileless malware, modi rat, reflective loader, scripted attack, SophosLabs Uncut, vbe

Credit to Author: Andrew Brandt| Date: Thu, 24 Sep 2020 13:00:12 +0000

Fileless attack scripts an interaction with the clipboard to evade detection<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/M9Spaj1zCMQ” height=”1″ width=”1″ alt=””/>

Security Sophos

Maze attackers adopt Ragnar Locker virtual machine technique

September 17, 2020 admin maze, ragnar locker, ransomware, sdrsmlink, SophosLabs Uncut, troj/ransom-gav, troj/swrort-eg, virtual machine, VM

Credit to Author: Andrew Brandt| Date: Thu, 17 Sep 2020 13:00:51 +0000

Under pressure to evade detection by endpoint protection, ransomware criminals try a more radical approach<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/Sl7s3Pwxoc8″ height=”1″ width=”1″ alt=””/>

Security Sophos

Faking it: the thriving business of “fake alert” web scams

September 15, 2020 admin fakealert, fleeceware, fraud, mal/fakealert, SophosLabs Uncut, Technical support scam

Credit to Author: gallagherseanm| Date: Wed, 09 Sep 2020 13:00:21 +0000

Tech support scams and “scarevertising” for questionable mobile apps use ad networks to find their unwitting victims.<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/K501HPcYAA0″ height=”1″ width=”1″ alt=””/>

Security Sophos

Two dozen criticals among 129 patched vulnerabilities for September, 2020 Patch Tuesday

September 15, 2020 admin 2020-09, codec, gdi+, Patch Tuesday, SophosLabs Uncut, win32k.sys

Credit to Author: Andrew Brandt| Date: Tue, 08 Sep 2020 23:23:52 +0000

Patching Windows is like getting an immunization booster shot, but without the needle<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/mDKFOGGPHIE” height=”1″ width=”1″ alt=””/>

← Previous