SophosLabs Uncut

RSS

SophosLabs Uncut

Threat Research

AnyDesk

Avos Locker

Avos2

featured

PDQ

PDQ Deploy

Ransomware

Rapid Response

Avos Locker remotely accesses boxes, even running in Safe Mode

SophosLabs Uncut

Threat Research

Featured

Log4J

Log4shell

Inside the code: How the Log4Shell exploit works

SophosLabs Uncut

Threat Research

CVE-2021-41333

CVE-2021-43207

CVE-2021-43226

CVE-2021-43233

CVE-2021-43883

Patch Tuesday

Microsoft wraps up 2021 with 64 patched vulnerabilities—including Windows 7 fixes

SophosLabs Uncut

Threat Research

Featured

IPS

JNDI

LDAP

Log4J

Log4shell

Log4Shell Hell: anatomy of an exploit outbreak

SophosLabs Uncut

ESXi

Fcker

Python

Ransomware

VMware

Python ransomware script targets ESXi server for encryption

400px-Missile_silo_of_a_SS-24_missile_(2)

SophosLabs Uncut

Threat Research

Atom Silo

featured

LockFile

Ransomware

Atom Silo ransomware actors use Confluence exploit, DLL side-load for stealthy attack

SophosLabs Uncut

Threat Research

ColdFusion

cring

Ransomware

Cring ransomware group exploits ancient ColdFusion server

SophosLabs Uncut

Threat Research

featured

LockFile

ProxyShell

Ransomware

LockFile ransomware’s box of tricks: intermittent encryption and evasion

Pygmy Hippopotamus, photo by William Warby (https://www.flickr.com/photos/wwarby/19446821910)

SophosLabs Uncut

Threat Research

featured

LockFile

metasploit

NTLM

PetitPotam

ProxyLogon

Ransomware

How PetitPotam hijacks the Windows API, and what you can do about it

…