threat research – Page 10 – PossibleThreat Articles

Sha zhu pan scam uses AI chat tool to target iPhone and Android users

August 2, 2023 0 Comments #chatgpt, Android, Apple App Store, cryptocurrency, cryptorom, featured, Google Play, iOS, large language models, shazhupan, sophos x-ops, threat research

Credit to Author: Jagadeesh Chandraiah| Date: Wed, 02 Aug 2023 10:00:40 +0000

CryptoRom” fake crypto-trading mobile apps pushed through AI-assisted romance scam, using ChatGPT to lure targets.

Security Sophos

Uncovering an Iranian mobile malware campaign

July 27, 2023 0 Comments Android, banking malware, credentials, featured, Firebase, iran, sophos x-ops, threat research

Credit to Author: Pankaj Kohli| Date: Thu, 27 Jul 2023 10:00:44 +0000

Sophos X-Ops researchers discover a cluster of credential-harvesting apps targeting Iranian bank customers

Security Sophos

Into the tank with Nitrogen

July 26, 2023 0 Comments featured, initial access, malvertising, nitrogen, sideloading, sophos x-ops, threat research

Credit to Author: Gabor Szappanos| Date: Wed, 26 Jul 2023 10:00:04 +0000

The element originally known as “foul air” stinks up computers as a new initial-access campaign exhibiting some uncommon techniques

Security Sophos

Bad ad fad leads to IcedID, Gozi infections

July 20, 2023 0 Comments batloader, fakebat, featured, gozi, icedid, malvertising, mdr, security operations, sophos x-ops, threat research

Credit to Author: Matt Wixey| Date: Thu, 20 Jul 2023 10:00:07 +0000

Malvertising campaigns using paid ads result in infostealer and backdoor attacks

Security Sophos

Sophos Discovers Ransomware Abusing “Sophos” Name

July 18, 2023 0 Comments brand abuse, brandjacking, featured, raas, Ransomware, sophos, threat research

Credit to Author: Andrew Brandt| Date: Tue, 18 Jul 2023 21:20:01 +0000

Attackers will sometimes use the name of security companies in their malware. While performing a regular search on VirusTotal looking for interesting malware and new ransomware variants using our threat hunting rules this week, a Sophos X-Ops analyst discovered a novel ransomware executable that appears to use “Sophos” in the UI of the panel alerting […]

Security Sophos

Update 1: July’s Patch Tuesday: A rich harvest

July 13, 2023 0 Comments adv23001, cve-2023-32049, featured, Patch Tuesday, threat research

Credit to Author: Angela Gunn| Date: Tue, 11 Jul 2023 17:18:08 +0000

Over a hundred Windows patches, a high-impact advisory, and a guest appearance by… Internet Explorer?!

Security Sophos

Microsoft Revokes Malicious Drivers in Patch Tuesday Culling

July 11, 2023 0 Comments 2023-07, anti-edr, drivers, drivers.stl, EDR, featured, fivesys, fk_undead, fu rootkit, netfilter, Patch Tuesday, Patches, rootkit, sophos x-ops, threat research, uac, wfp, windows filtering platform, windows update

Credit to Author: Andrew Brandt| Date: Tue, 11 Jul 2023 17:20:38 +0000

In December 2022, Microsoft published their monthly Windows Update packages that included an advisory about malicious drivers, signed by Microsoft and other code-signing authorities, that Sophos X-Ops (and others) observed threat actors abusing during attacks. Today, Microsoft issued Security Advisory ADV230001 as part of their July Windows Update that addresses Sophos’ discovery of more than […]

Security Sophos