
Sophos Counter Threat Unit Research Team
Sophos Counter Threat Unit™ (CTU) researchers are recognized authorities in the cybersecurity field, regularly contributing expert analysis to global media, publishing technical analyses for the security community, and presenting on emerging threats at leading security conferences. Backed by Sophos’ advanced security technologies and a broad network of intelligence contacts and partners, the CTU™ plays a critical role in identifying and tracking threat actors, analyzing anomalous activity, and uncovering new attack techniques, threats, and major shifts in the threat landscape.
Content provided by Sophos Counter Threat Unit Research Team

Threat Research
NICKEL ALLEY
Contagious Interview
North Korea
clickfix
NICKEL ALLEY strategy: Fake it ‘til you make it
March 23, 2026

Threat Research
Android
Keenadu
Android devices ship with firmware-level malware
March 19, 2026

Threat Research
Iran
initial access
Initial access techniques used by Iran-based threat actors
March 13, 2026

Threat Research
hacktivism
Iran
israel
Operation Epic Fury
Hacktivist campaigns increase as United States, Iran, and Israel conflict intensifies
March 3, 2026

Threat Research
virtual machine
cybercrime
Ransomware
ISPs
Malicious use of virtual machine infrastructure
February 4, 2026

Threat Research
Ransomware
cybercrime
state-sponsored ransomware
victimization
Eeny, meeny, miny, moe? How ransomware operators choose victims
January 28, 2026

Threat Research
Microsoft Office
vulnerability
advisory
Microsoft Office vulnerability (CVE-2026-21509) in active exploitation
January 27, 2026

Threat Research
clickfix
Featured
GOLD FEATHER
human verification
infostealer
qilin
Ransomware
StealC
I am not a robot: ClickFix used to deploy StealC and Qilin
December 18, 2025

Threat Research
Featured
vulnerability
react2shell
React2Shell flaw (CVE-2025-55182) exploited for remote code execution
December 11, 2025