MyKings: The Slow But Steady Growth of a Relentless Botnet
SophosLabs Ransomware Behavior Report
SophosLabs 2020 Threat Report
WannaCry Aftershock

Today's Malware

Real-time data on the top malware threats from our award-winning SophosLabs Team.More

Today's Spam Threats

We monitor spam from all sources, every day. View our spam dashboard for real-time data.More
Adware and PUAs
Controlled Applications

IP Address Lookup


If you can see this then you have CSS disabled. This is a honeypot to catch bots, leave this textbox empty



127.0.0.1

An error has occurred, please try again later.

SophosLabs maintains lists of IP addresses suspected to be spam sources.

Submit An Appeal

IP Address Classification Policy

Threat Awareness

Share your questions, answers, advice and comments about threats in the Sophos Community.

Visit the Forum

Technical Papers

Here you will find a range of papers aimed at system administrators and security specialists on a variety of topical issues. Some of these papers have been presented at security seminars and technical conferences around the world.

MyKings: The Slow But Steady Growth of a Relentless Botnet

The botnet known as MyKings wields a wide range of automated methods to break into servers – all just to install cryptocurrency miners.

View Research

SophosLabs Ransomware Behavior Report

What defenders should know about the most prevalent and persistent malware families.

View Research

SophosLabs 2020 Threat Report

Challenges the world faces for the coming year, securing data, devices, and people in an increasingly complex environment.

View Research

WannaCry Aftershock

On May 12th, 2017, organizations across the world were attacked by a new, fast-spreading piece of malware we now know as WannaCry. It is now considered one of the most widespread, and notoriously destructive malware attacks in history, halted only by a researcher getting a lucky break, registering a domain name embedded in the malware that unexpectedly acted as a kill switch. But even today, more than two years hence, WannaCry continues to affect thousands of computers worldwide.

View Research

Machine Learning With Feature Selection Using Principal Component Analysis for Malware Detection: A Case Study

Cybersecurity threats have been growing significantly in both volume and sophistication over the past decade. This poses great challenges to malware detection without considerable automation. In this paper, we have proposed a novel approach by extending our recently suggested artificial neural network (ANN)- based model with feature selection using the principal component analysis (PCA) technique for malware detection.

View Research

SophosLabs Matrix Report

The trend toward active, targeted attacks continues to grow in prominence. Matrix is the latest malware to use these tactics. In this report, SophosLabs takes a deeper look at this low-key, developing ransomware threat.

View Research
All Research

Featured Videos

Attacking/Defending Machine Learning Based SoftwareJoshua Saxe

Getting Insight Into Deep Neural NetworksRichard Harang

Network security threats explained: Social engineering

Petya Ransomware Attack: How to Protect Yourself

How WannaCry ransomware works

Comparing the incomparables Gábor Szappanos

Practical Shellcode Analysis Gábor Szappanos

The AI Challenge

Are you smarter than a machine? Play the game to find out.

Play the Game

Meet a SophosLabs Researcher

SophosLabs has a talented team of threat researchers and data scientists worldwide.

Learn More

Latest News

All News
24
Mar

Facing down the myriad threats tied to COVID-19

EDITOR'S NOTE: This is an ongoing, live report and will be updated continuously with new information as it becomes available.
17
Mar

“Double agent”: a MacOS bundleware installer that acts like a spy

Security software frequently blocks “bundleware” installers – software distribution tools that bundle their advertised applications with (usually undesired) additional software – as potentially undesirable applications. But one widely-used software distribution tool for MacOS applications goes to great lengths to avoid being blocked as “bundleware” – using a number of anti-forensics techniques that are more common […]
12
Mar

Patch now! Microsoft releases fixes for the serious SMB bug CVE-2020-0796

Microsoft issues its latest set of cumulative updates for Windows and other Microsoft products this week, but the March, 2020 Patch Tuesday is notable not only because of the sheer volume of fixes, but because it will prevent one very serious bug in its Server Message Block (SMB) technology (download the patch right now) that […]
04
Mar

Trickbot campaign targets Coronavirus fears in Italy

The operators of a Trickbot spam campaign have found a new way to spread their digital infection: by using fears of a biological one. Spam targeting Italian e-mail addresses is playing on fears over the Coronavirus outbreak in that country. The e-mail carries a document purported to be a list of precautions to take to […]
25
Feb

How I learned to stop worrying and love ‘grey hat’ tools

A comprehensive security solution needs a sense of subtlety: not all machine code lends itself to be classified easily as malicious. As with most things in life, there’s a grey area in malware detection that includes hacking tools, poorly designed or easily exploitable applications, or borderline adware that provides little benefit to the unfortunate user […]
25
Feb

Harden your public cloud environment against APT-style attacks

A new APT-style attack combines a bypassing technique with a multi-platform payload to target both Windows and Linux cloud workloads. Stop the attack with technical advice from Sophos.
All News

SophosLabs Overview

Data Science
  • Machine learning model development
  • Artificial intelligence research, thought leadership
Threat Intelligence
  • Rapid response to new threats and escalations
  • Deep research into threats and attack profiles
Operations
  • Automation of threat analysis and response
  • Quality assurance testing, analysis, and metrics