Today's Malware

Real-time data on the top malware threats from our award-winning SophosLabs Team. More

Today's Spam Threats

We monitor spam from all sources, every day. View our spam dashboard for real-time data. More

IP Address Lookup

If you can see this then you have CSS disabled. This is a honeypot to catch bots, leave this textbox empty

An error has occurred, please try again later.

SophosLabs maintains lists of IP addresses suspected to be spam sources.

IP Address Classification Policy

Threat Awareness

Share your questions, answers, advice and comments about threats in the Sophos Community.

The AI Challenge

Are you smarter than a machine? Play the game to find out.

Meet a SophosLabs Researcher

SophosLabs has a talented team of threat researchers and data scientists worldwide.

Latest News


What you need to know for Patch Tuesday, March 2019

By SophosLabs Offensive Security Research Microsoft released their monthly security updates for March this past Tuesday. This month’s fixes address 64 vulnerabilities that affect Windows and a range of software that runs on Windows, mainly the Internet Explorer and Edge browsers. In addition, there was a patch released for one critical vulnerability in Adobe Flash. […]

GandCrab 101: All about the most widely distributed ransomware of the moment

In this Sophos101 report, we'll give you the lowdown on what you need to know about this, unfortunately, widely disseminated malware.

Emotet 101, stage 5: a delivery vehicle for more malware

By SophosLabs Research Emotet is a botnet in its own right, one so prolific and dominant that the United States CERT, the body tasked with tracking cyberthreats to the country, named Emotet in July, 2018 “among the most costly and destructive malware” to affect governments, enterprises and organizations large and small, and individual computer users. […]

Emotet 101, stage 4: command and control

By SophosLabs Research The Emotet family could not do what it does without receiving a constant stream of instructions from its owners, or in the absence of the detailed level of feedback about its operating environment each bot sends home from an infected host machine. It also uses huge numbers of compromised websites that belong […]

Emotet 101, stage 3: The Emotet executable

By SophosLabs Research Emotet’s arrival is usually preceded by a deceptive spam email, which has a malicious attachment. Opening the attachment starts a process which can lead to an Emotet infection. The Emotet application is an evolved binary, in the sense that it has gone through thousands of iterations over its existence. Its presence as […]

Emotet 101, stage 2: The malicious attachment and killchain

By SophosLabs Research The Emotet malware family is in a constant state of evolution and change. From day to day or week to week, the malware’s creators and distributors take an active role in changing up the killchain – the sequence of events that begins with a victim receiving a malicious file attachment, and ends […]

SophosLabs Overview

Data Science
  • Machine learning model development
  • Artificial intelligence research, thought leadership
Threat Intelligence
  • Rapid response to new threats and escalations
  • Deep research into threats and attack profiles
  • Automation of threat analysis and response
  • Quality assurance testing, analysis, and metrics