Threat Research

RSS

Threat Research

Ransomware

cybercrime

state-sponsored ransomware

victimization

Eeny, meeny, miny, moe? How ransomware operators choose victims

Most ransomware attacks are opportunistic, not targeted at a specific sector or region

Threat Research

clickfix

Featured

GOLD FEATHER

human verification

infostealer

qilin

Ransomware

StealC

I am not a robot: ClickFix used to deploy StealC and Qilin

The fake human verification process led to infostealer and ransomware infections

Threat Research

virtual machine

cybercrime

Ransomware

ISPs

Malicious use of virtual machine infrastructure

Threat Research

Microsoft Office

vulnerability

advisory

Microsoft Office vulnerability (CVE-2026-21509) in active exploitation

Threat Research

TamperedChef

EvilAI

infostealer

Sophos X-Ops

TamperedChef serves bad ads, with infostealers as the main course

Threat Research

ATT&CK

Emulation

Featured

MITRE

MUSTANG PANDA

scattered spider

Sophos X-Ops

Game of clones: Sophos and The MITRE ATT&CK Enterprise 2025 Evaluations

It takes two: The 2025 Sophos Active Adversary Report

Security Operations

Threat Research

active adversary

Active Adversary Report

Compromised Credentials

detection

dwell time

featured

impact

incident response

LOLBIN

MFA

Monitoring

RDP

Remote Ransomware

root cause

It takes two: The 2025 Sophos Active Adversary Report

Threat Research

election

Featured

fraud

Phishing

Sophos X-Ops

Spam

Phishing, BEC attackers target candidates in local election, among others