Technical Papers

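Here you will find a range of articles for system administrators and security professionals on a variety of topical issues. Some of these articles have been presented at security seminars and technical conferences around the world.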

Cyberthreats: A 20-Year Retrospective

In security we spend a lot of time trying to decipher the future. Where’s the next technology breakthrough? What are cybercriminals going to do next?

Annual threat reports provide an opportunity to look back at significant events of the past 12 months and identify trends for future development, action and protection. Looking back in time a little further helps to provide context for how we arrived at our current situation and why some things are the way they are. A long view of history can point to subtle changes or seismic shifts within an industry.

View Research

Sophos 2021 Threat Report

As much of the world shifted to remote work in 2020, cybercriminals upped their game, devising ways to use the fears and anxieties of organizations and end users against them.

View Research

An Insider View Into The Increasingly Complex Kingminer Botnet

Kingminer is an opportunistic botnet that keeps quiet and flies under the radar. The operators are ambitious and capable, but don’t have endless resources – they use any solution and concept that is freely available, getting inspiration from public domain tools as well as techniques used by APT groups.

View Research

MyKings: The Slow But Steady Growth of a Relentless Botnet

The botnet known as MyKings wields a wide range of automated methods to break into servers – all just to install cryptocurrency miners.

View Research

Cloud Snooper Attack Bypasses AWS Security Measures

An investigation into an attack against a cloud computing server reveals an unusual and innovative way for malware to communicate through Amazon’s firewalls

View Research

SophosLabs Ransomware Behavior Report

What defenders should know about the most prevalent and persistent malware families.

View Research

SophosLabs 2020 Threat Report

Challenges the world faces for the coming year, securing data, devices, and people in an increasingly complex environment.

View Research

WannaCry Aftershock

On May 12th, 2017, organizations across the world were attacked by a new, fast-spreading piece of malware we now know as WannaCry. It is now considered one of the most widespread, and notoriously destructive malware attacks in history, halted only by a researcher getting a lucky break, registering a domain name embedded in the malware that unexpectedly acted as a kill switch. But even today, more than two years hence, WannaCry continues to affect thousands of computers worldwide.

View Research

Machine Learning With Feature Selection Using Principal Component Analysis for Malware Detection: A Case Study

Cybersecurity threats have been growing significantly in both volume and sophistication over the past decade. This poses great challenges to malware detection without considerable automation. In this paper, we have proposed a novel approach by extending our recently suggested artificial neural network (ANN)-based model with feature selection using the principal component analysis (PCA) technique for malware detection.

View Research

SophosLabs Matrix Report

The trend toward active, targeted attacks continues to grow in prominence. Matrix is the latest malware to use these tactics. In this report, SophosLabs takes a deeper look at this low-key, developing ransomware threat.

View Research

SophosLabs 2019 Threat Report

Victories against cybercrime demand radical change to defense.

View Research

Baldr vs The World

In Baldr vs The World, we trace the malware's technical evolution and take a peek into the ways that malware is marketed and sold by criminals to other criminals, and the varied business models such relationships can foster.

View Research

MLPdf: An Effective Machine Learning-Based Approach for PDF Malware Detection

Due to the popularity of portable document format (PDF) and the increasing number of vulnerabilities in major PDF viewer applications, malware writers continue to use the format to deliver malware via web downloads, email attachments, and other methods in both targeted and non-targeted attacks. The topic of how to effectively block malicious PDF documents has received a huge amount of research interest in both the cybersecurity industry and academia, with no sign of slowing down.

View Research

Understanding WebAssembly

An in-depth peek into the VM running in modern web browsers.

View Research

Adversarial Autoencoders

So what exactly is an adversarial autoencoder, and why might you want to use one? They are a clever idea leading to a flexible and general framework for a lot of interesting tasks. Take a deeper dive into AAEs in this paper.

View Research

Using Variational Autoencoders to Learn Variations in Data

Often, we would like to be able to model probability distributions of high-dimensional data points that represent an overall (much lower dimensional) concept. This lets us learn relevant characteristics of the data in question, and also allows us to easily sample from our data distribution.

View Research

SamSam: The (Almost) Six Million Dollar Ransomware

As the year 2016 began, a ransomware threat appeared that attacked its victims unlike any previous ransomware attack. SamSam, named after the filename of the earliest sample we uncovered, uses a brutally minimalist, manual approach to target and compromise victims.

View Research

“VPNFilter” botnet: Part 2

As mentioned in our previous report about VPNFilter malware, the first stage implant relies on connecting either to one of 12 hardcoded Photobucket URLs or the Toknowall website to fetch an image that had been specially crafted to contain an encoded form of the command-and-control server’s IP address. The stage one sample extracts the address from the image’s EXIF metadata.

View Research

“VPNFilter” botnet: a SophosLabs analysis

A technical investigation of the malicious components involved in the attack that infected over 500,000 routers and network storage devices

View Research

“Known Unknowns”: Overcoming Catastrophic Failure Modes in Artificial Intelligence

"It ain’t what you know that gets you in trouble, it’s what you know for sure that just ain’t so."

View Research

BTCWare Ransomware

Last year’s news headlines were dominated by ransomware attacks like WannaCry and Petya, the constant presence of Cerber, the disappearance and return of Locky, and the growing popularity of Ransomware-as-a-Service (RaaS) and smaller campaigns like Jaff and BadRabbit.

View Research

SamSam Ransomware Chooses Its Targets Carefully

Unlike the spam-like approach of garden-variety ransomware, this family exploits vulnerabilities to attack specific organizations

View Research

Rogueware Reborn

A Business Analysis of a Growing Fraud in Android

View Research

Will 2018 be another year of Bankbots?

The malware family continues to frustrate efforts to keep it out of Google Play.

View Research

Guerilla Ad Clicker Targets Android Users

Cyber thieves are using aggressive ad platforms more and more to monetize free Android apps. The number of such apps in this disturbing trend finding their way into Google Play continues to grow every day. Find out more about these dangerous apps and what you can do to avoid them.

View Research

"Super Clean Plus” claims to be many helpful things, but its intent is malicious

On the surface, it looked like a helpful toolbox app. But Super Clean Plus hid malicious intentions.

View Research

CoinMiner and other malicious cryptominers target Android

SophosLabs has discovered several malicious apps on Google Play hiding dynamic JavaScript that taps into the CPU of a victim’s phone while mining for cryptocurrency.

View Research

Super Antivirus 2018: A shady app many are downloading on Google Play

The Super Antivirus 2018 app adds some legitimate action to what is really not an antivirus program at all, in order to throw researchers off the track.

View Research

SophosLabs 2018 Malware Forecast

In this report, we review malicious activity SophosLabs analyzed and protected customers against in 2017 and use the findings to predict what might happen in 2018.

View Research

Your handy guide to machine learning at Sophos

Sophos data scientists have written several articles about how machine learning works, how it will be applied to Sophos, and what that will mean for customers. This is a handy guide to that content.

View Research

Machine Learning: How to Build a Better Threat Detection Model

A look at how Sophos develops its machine learning models. Here, we explain the concepts and show the development and evaluation of a toy model meant to solve the very real problem of detecting malicious URLs.

View Research

Ransomware as a Service (RaaS): Deconstructing Philadelphia

Kits available on the Dark Web allow the least technically savvy among us to do evil. Philadelphia is one of the slickest, most chilling examples.

View Research

CVE-2017-0199: life of an exploit

The normal lifecycle of an Office exploit starts with the initial use in targeted attacks. Then, at some point, the information leaks out and cybercrime groups start using it more widely. Offensive security researchers then start experimenting with AV evasion, and the exploit finally ends up in underground exploit builders. Normally this cycle can take a few months. In the case of the CVE-2017-0199 Word exploit, we have observed this in a much more accelerated time scale.

View Research

BetaBot Configuration Data Extraction

This paper explores the inner workings of Betabot, including capabilities of the associated botnet server components and technical detail on how to extract and decrypt configuration data.

View Research

Looking ahead: SophosLabs malware forecast for 2017

Attackers set their sights on the Internet of Things, Android and MacOS devices in this look ahead for 2017.

View Research

AKBuilder – The crowdsourced exploit kit

Document exploitation remains a favorite attack technique for distributing malicious content because it is easier to trick victims into opening document attachments than executables. Exploited documents have the added benefit of not requiring victims to manually enable macros, as is often the case for VBA downloaders. 

View Research

Ancalog – the vintage exploit builder

Document exploitation is a popular method of distributing malware in the malware community. Even though it was never the most prevalent infection vector, document exploitation has been on the rise for the last few years, hiding in the shadow of the more seasonal VBA or JavaScript downloaders. This technical paper explores why we're seeing more document exploitation malware in the wild, as well as the long-standing popularity of the document exploitation generator Ancalog, which is widely commercially available, and its various applications in cybercrime.

View Research

Cryptomining malware on NAS servers

A couple of years ago, coin mining was a bubbling story. There were many threats that used infected machines to mine cryptocurrencies at the expense of the victim. The idea was perfect from the criminal's point of view, but as time went on the average PC was no longer powerful enough to mine even a single coin. It was time to give up on this type of attack and turn the attention to other ways to make money, like ransomware. Recently a new malware family has found a way to use PCs efficiently to mine new types of cryptocurrency. In this paper we examine this new trend.

View Research
© 1997-2021 Sophos Ltd. All rights reserved.

法律声明
  • 法律声明
  • Speak Out
隐私
  • 隐私条款
  • Cookie 信息
条款
该网站使用了 cookies。您继续浏览本网站,即同意我们使用cookies。查阅详情 继续
1 of 5