
Andrew Brandt
Sophos X-Ops Principal Researcher Andrew Brandt blends a 20-year journalism background with deep, retrospective analysis of cyberattacks as a malware and network forensic investigator. His work with the Labs team helps Sophos protect its global customers, and alerts the world about notable criminal behavior and activity, whether it's normal or novel. Follow him at @[email protected] on Mastodon for up-to-the-minute news about all things malicious.
Content by Andrew Brandt

Threat Research
Tags: .svg, Featured, Phishing, Scalable vector graphics, Spam
Scalable Vector Graphics files pose a novel phishing threat
February 5, 2025

Security Operations
Tags: Chinese APT, Cyberoam, Featured, Pacific Rim Story, Sophos Firewall, state-sponsored attackers
Pacific Rim timeline: Information for defenders from a braid of interlocking attack campaigns
October 31, 2024

Threat Research
Tags: Featured, Phishing, QR code, Quishing, Sophos X-Ops, Spam, spearphishing, x-ops
From QR to compromise: The growing “quishing” threat
October 16, 2024

Threat Research
Tags: Azure, database, Dynamics365, EoP, Microsoft, Microsoft SQL Server, MS-SQL, Office365, Patch Tuesday, people rating, RCE, Sophos X-Ops, SQL server, Windows
July Patch Tuesday Unleashes a Torrent of Updates
July 9, 2024

Threat Research
Tags: election, Email, Featured, fraud, Phishing, Sophos X-Ops, Spam, Telegram
Phishing, BEC attackers target candidates in local election, among others
June 13, 2024

Threat Research
Tags: 2024 threat report, Featured, pig butchering, PigButchering, ShaShuPan, Small business, Sophos X-Ops, Telegram
The 2024 Sophos Threat Report: Cybercrime on Main Street
March 12, 2024

Threat Research
Tags: Asyncrat, cobalt strike, CVE-2024-1708, CVE-2024-1709, Featured, IR, Lockbit, MDR, Ransomware, rust, ScreenConnect, Sophos X-Ops
ConnectWise ScreenConnect attacks deliver malware
February 23, 2024

Threat Research
Tags: Featured, Hotel, malspam, malware, RH-ISAC, Social engineering, Sophos X-Ops, Spam, Telegram
“Inhospitality” malspam campaign targets hotel industry
December 19, 2023

Threat Research
Tags: Defcon, Electron, Featured, image spam, Notepad++, socat, Social engineering, Sophos X-Ops, Tor, War Stories
Attacker combines phone, email lures into believable, complex attack chain
August 10, 2023