In mid-2025, Counter Threat Unit™ (CTU) researchers observed a sophisticated BRONZE BUTLER campaign that exploited a zero-day vulnerability in Motex LANSCOPE Endpoint Manager to steal confidential information. The Chinese state-sponsored […]
Windows Server Update Services (WSUS) vulnerability abused to harvest sensitive data
Counter Threat Unit™ (CTU) researchers are investigating exploitation of a remote code execution vulnerability (CVE-2025-59287) in Microsoft’s Windows Server Update Services (WSUS), a native IT management tool for Windows systems […]
Threat Intelligence Executive Report – Volume 2025, Number 5
The Counter Threat Unit™ (CTU) research team analyzes security threats to help organizations protect their systems. Based on observations in July and August, CTU™ researchers identified the following noteworthy issues […]
October Patch Tuesday beats January ’25 record
Microsoft on Tuesday announced 170 patches affecting 21 product families. Eight of the addressed issues are considered by Microsoft to be of Critical severity, and 18 have a CVSS base […]
F5 network compromised
On October 15, 2025, F5 reported that a nation-state threat actor had gained long-term access to some F5 systems and exfiltrated data, including source code and information about undisclosed product […]
WhatsApp Worm Targets Brazilian Banking Customers
Counter Threat Unit™ (CTU) researchers are investigating multiple incidents in an ongoing campaign targeting users of the WhatsApp messaging platform. The campaign, which started on September 29, 2025, is focused […]
HeartCrypt’s wholesale impersonation effort
Over the past year and a bit more, we’ve monitored a constellation of events that share a set of general attributes: Malware impersonating, subverting, and embedding itself in legitimate software […]
GOLD SALEM’s Warlock operation joins busy ransomware landscape
Counter Threat Unit™ (CTU) researchers are monitoring a threat group that refers to itself as Warlock Group. The group, which CTU™ researchers track as GOLD SALEM, has compromised networks and […]
Sophos supports Objective-See Foundation to advance macOS security and inclusive cybersecurity education
Dedicated to building a stronger, more inclusive Apple security community through open-source security tools. Sophos is proud to be a gold friend of the Objective-See Foundation, supporting its mission to […]
September Patch Tuesday handles 81 CVEs
Microsoft on Tuesday announced 81 patches affecting 15 product families. Nine of the addressed issues are considered by Microsoft to be of Critical severity, and nine have a CVSS base […]
Velociraptor incident response tool abused for remote access
In August 2025, Counter Threat Unit™ (CTU) researchers investigated an intrusion that involved deployment of the legitimate open-source Velociraptor digital forensics and incident response (DFIR) tool. In this incident, the […]
Threat Intelligence Executive Report – Volume 2025, Number 4
This issue of the Counter Threat Unit’s high-level bimonthly report discusses noteworthy updates in the threat landscape during May and June.
August Patch Tuesday includes blasts from the (recent) past
Microsoft’s haul this month covers 109 CVEs… more or less.
Sophos AI at Black Hat USA ’25: Anomaly detection betrayed us, so we gave it a new job
Following on from our preview, here’s Ben Gelman and Sean Bergeron’s research on enhancing command line classification with benign anomalous data.
Shared secret: EDR killer in the kill chain
A look under the hood at a tool designed to disable protections.
GOLD BLADE Remote DLL Sideloading Attack Deploys RedLoader
Attacks surged in July 2025 after the threat group updated its process to combine malicious LNK files and a recycled WebDAV technique.