Featured

RSS

Threat Research

clickfix

Featured

GOLD FEATHER

human verification

infostealer

qilin

Ransomware

StealC

I am not a robot: ClickFix used to deploy StealC and Qilin

The fake human verification process led to infostealer and ransomware infections

Sophos Counter Threat Unit Research Team

Sophos Insights

digital identity

Featured

Identity Threat Detection and Response

Information Stealers

infostealer

Sophos ITDR

Infostealers: The silent doorway to identity attacks — and why proactive defense matters

Threat Research

Featured

Iran

israel

law enforcement action

LummaC2

naming conventions

Threat Intelligence Executive Report – Volume 2025, Number 4

This issue of the Counter Threat Unit’s high-level bimonthly report discusses noteworthy updates in the threat landscape during May and June

Threat Research

ATT&CK

Emulation

Featured

MITRE

MUSTANG PANDA

scattered spider

Sophos X-Ops

Game of clones: Sophos and The MITRE ATT&CK Enterprise 2025 Evaluations

GOLD SALEM tradecraft for deploying Warlock ransomware

Threat Research

cybercrime

Featured

GOLD SALEM

Ransomware

Warlock

GOLD SALEM tradecraft for deploying Warlock ransomware

Threat Research

Featured

vulnerability

react2shell

React2Shell flaw (CVE-2025-55182) exploited for remote code execution

X-ops

Threat Research

Featured

Microsoft

Patch Tuesday

Zero Days

A big finish to 2025 in December’s Patch Tuesday

Products & Services

Featured

Firewall

network

Sophos Firewall

v22

Sophos Firewall v22 is now available

Inside Shanya, a packer-as-a-service fueling modern attacks

Threat Research

EDR killer

Featured

packer

Ransomware

shanya

SophosLabs

Inside Shanya, a packer-as-a-service fueling modern attacks

Sharpening the knife: GOLD BLADE’s strategic evolution

Threat Research

Canada

featured

GOLD BLADE

QWCrypt

recruitment platforms

RedLoader

STAC6565

Sharpening the knife: GOLD BLADE’s strategic evolution

Products & Services

Security Operations

featured

Microsoft

Microsoft 365 Copilot

Microsoft Copilot

Microsoft Defender

Microsoft Intelligent Security Association (MISA)

Microsoft Security Copilot

Sophos Intelix

Sophos X-Ops

Introducing Sophos Intelix for Microsoft 365 Copilot

Products & Services

Security Operations

featured

Microsoft

Microsoft 365 Copilot

Microsoft Copilot

Microsoft Defender

Microsoft Intelligent Security Association (MISA)

Microsoft Security Copilot

Sophos Intelix

Sophos X-Ops

Introducing Sophos Intelix for Microsoft Security Copilot

…