Our threat experts at SophosLabs have analyzed a new Trojan in the PlugX family that seeks to exploit a vulnerability in Ichitaro, a word processor popular in Japan. The vulnerability allows a hacker to take control of your computer.
Although it’s not yet clear why the PlugX malware writers are targeting a relatively small number of Ichitaro users, our researchers have been tracking PlugX and its related variants for some time. And we can draw some important lessons from this recent attack.
Retailers are expecting a crush of online traffic this Cyber Monday, as holiday shoppers flood e-commerce sites on the Monday after Thanksgiving. But watch out for phony offers and online scams: a wave of spam raises the risk of credit card fraud and malware attacks.
At SophosLabs, we’ve already seen spam emails targeting shoppers ahead of Black Friday and Cyber Monday. Chet Wisniewski, Sophos Senior Security Advisor, writes at Naked Security that if a deal “sounds too good to be true, it probably is.”
A widespread outbreak of a sneaky, file-encrypting piece of ransomware called Cryptolocker has many people talking. One very important question raised by Cryptolocker’s success to date: Should you ever pay a ransom to a cybercriminal?
Our security expert James Lyne, head of global security research at Sophos, went on cable network CNBC to explain how the criminal gang behind Cryptolocker is demanding a ransom in return for unlocking a victim’s files. In the video embedded below, James explains why you might not want to pay up, even if it means losing your valuable data.
SophosLabs today raised the Threat Level to “High Risk,” due to a vulnerability in the Microsoft Graphics component that could allow remote code execution. The flaw affects Microsoft Windows, Microsoft Office, and Microsoft Lync.
Our High Risk designation means there is a strong possibility of this vulnerability being actively exploited by malware.
According to SophosLabs, Microsoft has yet to release a patch to fix this vulnerability. In the meantime, we recommend running the FixIt tool provided by Microsoft to block the vulnerability until a patch is released.
For the people at SophosLabs, tracking malware is a 24/7 job—the threats never stop, so neither do we. Our labs in Australia, Hungary, England and Canada allow us to “follow the sun,” meaning we always have experts on duty to respond to new threats.
It’s essential that we do it this way to keep our customers protected in real time. Our labs process millions of emails, URLs, files, and other data points to keep our protection up to date. So how do we do it?
Recently we told you about how Sophos protects you from the nasty Cryptolocker ransomware. Now we’d like to give you a little demonstration of how it spreads, how it encrypts files, and how it extracts a ransom from its victims.
Our Support teams have put together a video demonstration (embedded below) that shows what Cryptolocker actually looks like and how it works.
Learn how Sophos is protecting you against the popular and nasty ‘Cryptolocker’ ransomware that is holding hundreds of computers hostage around the globe.
When news broke in October that the criminals behind the notorious Blackhole exploit kit had been arrested in Russia, our threat experts were understandably excited. But more importantly, SophosLabs went to work to understand this development and figure out what it means for cybercrime and IT security at large.
As SophosLabs researcher Fraser Howard reported yesterday in his post at Naked Security, Blackhole had already been declining in prevalence prior to the arrests. So does this mean the end of Blackhole? And how will this news change the threat landscape overall?
We had a very strong showing last week at VB2013, a major malware research conference, in which SophosLabs researchers presented five papers (with another one in reserve!).
One of our security gurus, Chet Wisniewski, provided some great coverage from the event at our Naked Security blog.
Later this week, Sophos will be center stage at VB2013, one of the premier malware research conferences in the world. Researchers from SophosLabs will present no fewer than five papers in Berlin this week, with a sixth waiting in reserve.
The papers are: