Machine Learning With Feature Selection Using Principal Component Analysis for Malware Detection: A Case Study
SophosLabs Matrix Report
SophosLabs 2019 Threat Report
MLPdf: An Effective Machine Learning-Based Approach for PDF Malware Detection

Today's Malware

Real-time data on the top malware threats from our award-winning SophosLabs Team. More

Today's Spam Threats

We monitor spam from all sources, every day. View our spam dashboard for real-time data. More
Adware and PUAs
Controlled Applications

IP Address Lookup


If you can see this then you have CSS disabled. This is a honeypot to catch bots, leave this textbox empty



127.0.0.1

An error has occurred, please try again later.

SophosLabs maintains lists of IP addresses suspected to be spam sources.

Submit An Appeal

IP Address Classification Policy

Threat Awareness

Share your questions, answers, advice and comments about threats in the Sophos Community.
Visit the Forum

Technical Papers

Here you will find a range of papers aimed at system administrators and security specialists on a variety of topical issues. Some of these papers have been presented at security seminars and technical conferences around the world.
All Research

Featured Videos

Attacking/Defending Machine Learning Based SoftwareJoshua Saxe

Getting Insight Into Deep Neural NetworksRichard Harang

Network security threats explained: Social engineering

Petya Ransomware Attack: How to Protect Yourself

How WannaCry ransomware works

Comparing the incomparables Gábor Szappanos

Practical Shellcode Analysis Gábor Szappanos

The AI Challenge

Are you smarter than a machine? Play the game to find out.

Play the Game

Meet a SophosLabs Researcher

SophosLabs has a talented team of threat researchers and data scientists worldwide.

Learn More

Latest News

All News
18
Apr

CVE-2018-18500: Heap write-after-free in Firefox, Analysis and Exploitation

Editor’s note: This article is a technical description of a bug discovered by a member of the Offensive Research team at SophosLabs, and how the researcher created a proof-of-concept “Arbitrary Read/Write Primitive” exploit for this bug. The vulnerability was deemed critical by Mozilla’s bug tracking team and was patched in Firefox 65.0. It’s written for […]
09
Apr

Microsoft fixes 74 bugs in its April, 2019 Patch Tuesday releases

There are 16 Microsoft bugs marked as critical, as well as serious flaws in Adobe Flash and Acrobat that require immediate attention
09
Apr

Machine learning hones weapons of maldoc destruction

By Jason Zhang Criminals continue to leverage the features of Adobe’s PDF document format to engage in malware and phishing attacks, with no sign of a slowdown. Last year at Black Hat USA, I gave a presentation about PDF-based malware detection using machine learning. We discovered that the best AV engine could only catch fewer […]
14
Mar

What you need to know for Patch Tuesday, March 2019

By SophosLabs Offensive Security Research Microsoft released their monthly security updates for March this past Tuesday. This month’s fixes address 64 vulnerabilities that affect Windows and a range of software that runs on Windows, mainly the Internet Explorer and Edge browsers. In addition, there was a patch released for one critical vulnerability in Adobe Flash. […]
05
Mar

GandCrab 101: All about the most widely distributed ransomware of the moment

In this Sophos101 report, we'll give you the lowdown on what you need to know about this, unfortunately, widely disseminated malware.
05
Mar

Emotet 101, stage 5: a delivery vehicle for more malware

By SophosLabs Research Emotet is a botnet in its own right, one so prolific and dominant that the United States CERT, the body tasked with tracking cyberthreats to the country, named Emotet in July, 2018 “among the most costly and destructive malware” to affect governments, enterprises and organizations large and small, and individual computer users. […]
All News

SophosLabs Overview

Data Science
  • Machine learning model development
  • Artificial intelligence research, thought leadership
Threat Intelligence
  • Rapid response to new threats and escalations
  • Deep research into threats and attack profiles
Operations
  • Automation of threat analysis and response
  • Quality assurance testing, analysis, and metrics