Threat Research – Sophos News
<!DOCTYPE html> <html lang="en-US"> <head> <meta charset="UTF-8"> <meta http-equiv="x-ua-compatible" content="ie=edge"> <meta name="viewport" content="width=device-width, initial-scale=1"> <link rel="profile" href="http://gmpg.org/xfn/11"> <link rel="pingback" href="https://news.sophos.com/xmlrpc.php"> <link rel="alternate" hreflang="es-419" href="https://news.sophos.com/es-419/category/threat-research" /> <link rel="alternate" hreflang="nl-nl" href="https://news.sophos.com/nl-nl/category/threat-research" /> <link rel="alternate" hreflang="pt-br" href="https://news.sophos.com/pt-br/category/threat-research" /> <link rel="alternate" hreflang="de-de" href="https://news.sophos.com/de-de/category/threat-research" /> <link rel="alternate" hreflang="en-us" href="https://news.sophos.com/en-us/category/threat-research" /> <link rel="alternate" hreflang="fr-fr" href="https://news.sophos.com/fr-fr/category/threat-research" /> <link rel="alternate" hreflang="es-es" href="https://news.sophos.com/es-es/category/threat-research" /> <link rel="alternate" hreflang="it-it" href="https://news.sophos.com/it-it/category/threat-research" /> <link rel="alternate" hreflang="ja-jp" href="https://news.sophos.com/ja-jp/category/threat-research" /> <link rel="alternate" hreflang="zh-tw" href="https://news.sophos.com/zh-tw/category/threat-research" /> <!-- Google Tag Manager --> <script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start': new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0], j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src= 'https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f); })(window,document,'script','dataLayer','GTM-TW8W88B');</script> <!-- End Google Tag Manager --> <title>Threat Research – Sophos News</title> <meta name='robots' content='max-image-preview:large' /> <style>img:is([sizes="auto" i], [sizes^="auto," i]) { contain-intrinsic-size: 3000px 1500px }</style> <!-- Jetpack Site Verification 
Tags --> <meta name="google-site-verification" content="8r1qg681OjOolfxmHEY1IYupmTBdyKXc-OPfpgeQHFk" /> <link rel='dns-prefetch' href='//unpkg.com' /> <link rel='dns-prefetch' href='//stats.wp.com' /> <link rel='dns-prefetch' href='//v0.wordpress.com' /> <link rel="alternate" type="application/rss+xml" title="Sophos News » Feed" href="https://news.sophos.com/feed/" /> <link rel="alternate" type="application/rss+xml" title="Sophos News » Comments Feed" href="https://news.sophos.com/comments/feed/" /> <link rel="alternate" type="application/rss+xml" title="Sophos News » Threat Research Category Feed" href="https://news.sophos.com/en-us/category/threat-research/feed/" /> <script type="text/javascript"> /* <![CDATA[ */ window._wpemojiSettings = {"baseUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/72x72\/","ext":".png","svgUrl":"https:\/\/s.w.org\/images\/core\/emoji\/15.0.3\/svg\/","svgExt":".svg","source":{"concatemoji":"https:\/\/news.sophos.com\/wp-includes\/js\/wp-emoji-release.min.js?ver=6.7.1"}}; /*! 
This file is auto-generated */ !function(i,n){var o,s,e;function c(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,JSON.stringify(t))}catch(e){}}function p(e,t,n){e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(t,0,0);var t=new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data),r=(e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(n,0,0),new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data));return t.every(function(e,t){return e===r[t]})}function u(e,t,n){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\uddfa\ud83c\uddf3","\ud83c\uddfa\u200b\ud83c\uddf3")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc65\udb40\udc6e\udb40\udc67\udb40\udc7f","\ud83c\udff4\u200b\udb40\udc67\u200b\udb40\udc62\u200b\udb40\udc65\u200b\udb40\udc6e\u200b\udb40\udc67\u200b\udb40\udc7f");case"emoji":return!n(e,"\ud83d\udc26\u200d\u2b1b","\ud83d\udc26\u200b\u2b1b")}return!1}function f(e,t,n){var r="undefined"!=typeof WorkerGlobalScope&&self instanceof WorkerGlobalScope?new OffscreenCanvas(300,150):i.createElement("canvas"),a=r.getContext("2d",{willReadFrequently:!0}),o=(a.textBaseline="top",a.font="600 32px Arial",{});return e.forEach(function(e){o[e]=t(a,e,n)}),o}function t(e){var t=i.createElement("script");t.src=e,t.defer=!0,i.head.appendChild(t)}"undefined"!=typeof Promise&&(o="wpEmojiSettingsSupports",s=["flag","emoji"],n.supports={everything:!0,everythingExceptFlag:!0},e=new Promise(function(e){i.addEventListener("DOMContentLoaded",e,{once:!0})}),new Promise(function(t){var n=function(){try{var e=JSON.parse(sessionStorage.getItem(o));if("object"==typeof e&&"number"==typeof e.timestamp&&(new Date).valueOf()<e.timestamp+604800&&"object"==typeof e.supportTests)return e.supportTests}catch(e){}return null}();if(!n){if("undefined"!=typeof Worker&&"undefined"!=typeof OffscreenCanvas&&"undefined"!=typeof 
URL&&URL.createObjectURL&&"undefined"!=typeof Blob)try{var e="postMessage("+f.toString()+"("+[JSON.stringify(s),u.toString(),p.toString()].join(",")+"));",r=new Blob([e],{type:"text/javascript"}),a=new Worker(URL.createObjectURL(r),{name:"wpTestEmojiSupports"});return void(a.onmessage=function(e){c(n=e.data),a.terminate(),t(n)})}catch(e){}c(n=f(s,u,p))}t(n)}).then(function(e){for(var t in e)n.supports[t]=e[t],n.supports.everything=n.supports.everything&&n.supports[t],"flag"!==t&&(n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&n.supports[t]);n.supports.everythingExceptFlag=n.supports.everythingExceptFlag&&!n.supports.flag,n.DOMReady=!1,n.readyCallback=function(){n.DOMReady=!0}}).then(function(){return e}).then(function(){var e;n.supports.everything||(n.readyCallback(),(e=n.source||{}).concatemoji?t(e.concatemoji):e.wpemoji&&e.twemoji&&(t(e.twemoji),t(e.wpemoji)))}))}((window,document),window._wpemojiSettings); /* ]]> */ </script> <style id='wp-emoji-styles-inline-css'> img.wp-smiley, img.emoji { display: inline !important; border: none !important; box-shadow: none !important; height: 1em !important; width: 1em !important; margin: 0 0.07em !important; vertical-align: -0.1em !important; background: none !important; padding: 0 !important; } </style> <link rel='stylesheet' id='all-css-2' href='https://news.sophos.com/wp-includes/css/dist/block-library/style.min.css?m=1732206022g' type='text/css' media='all' /> <style id='safe-svg-svg-icon-style-inline-css'> .safe-svg-cover{text-align:center}.safe-svg-cover .safe-svg-inside{display:inline-block;max-width:100%}.safe-svg-cover svg{height:100%;max-height:100%;max-width:100%;width:100%} </style> <link rel='stylesheet' id='all-css-6' href='https://news.sophos.com/_static/??-eJzTLy/QzcxLzilNSS3WzyrWz01NyUxMzUnNTc0rQeEU5CRWphbp5qSmJyZX6uVm5uklFxfr6OPTDpRD5sM02efaGpobGxkZmBkYGQMARIMu1Q==' type='text/css' media='all' /> <style id='jetpack-sharing-buttons-style-inline-css'> 
.jetpack-sharing-buttons__services-list{display:flex;flex-direction:row;flex-wrap:wrap;gap:0;list-style-type:none;margin:5px;padding:0}.jetpack-sharing-buttons__services-list.has-small-icon-size{font-size:12px}.jetpack-sharing-buttons__services-list.has-normal-icon-size{font-size:16px}.jetpack-sharing-buttons__services-list.has-large-icon-size{font-size:24px}.jetpack-sharing-buttons__services-list.has-huge-icon-size{font-size:36px}@media print{.jetpack-sharing-buttons__services-list{display:none!important}}.editor-styles-wrapper .wp-block-jetpack-sharing-buttons{gap:0;padding-inline-start:0}ul.jetpack-sharing-buttons__services-list.has-background{padding:1.25em 2.375em} </style> <style id='co-authors-plus-coauthors-style-inline-css'> .wp-block-co-authors-plus-coauthors.is-layout-flow [class*=wp-block-co-authors-plus]{display:inline} </style> <style id='co-authors-plus-avatar-style-inline-css'> .wp-block-co-authors-plus-avatar :where(img){height:auto;max-width:100%;vertical-align:bottom}.wp-block-co-authors-plus-coauthors.is-layout-flow .wp-block-co-authors-plus-avatar :where(img){vertical-align:middle}.wp-block-co-authors-plus-avatar:is(.alignleft,.alignright){display:table}.wp-block-co-authors-plus-avatar.aligncenter{display:table;margin-inline:auto} </style> <style id='co-authors-plus-image-style-inline-css'> .wp-block-co-authors-plus-image{margin-bottom:0}.wp-block-co-authors-plus-image :where(img){height:auto;max-width:100%;vertical-align:bottom}.wp-block-co-authors-plus-coauthors.is-layout-flow .wp-block-co-authors-plus-image :where(img){vertical-align:middle}.wp-block-co-authors-plus-image:is(.alignfull,.alignwide) :where(img){width:100%}.wp-block-co-authors-plus-image:is(.alignleft,.alignright){display:table}.wp-block-co-authors-plus-image.aligncenter{display:table;margin-inline:auto} </style> <style id='elasticpress-facet-style-inline-css'> .widget_ep-facet input[type=search],.wp-block-elasticpress-facet 
input[type=search]{margin-bottom:1rem}.widget_ep-facet .searchable .inner,.wp-block-elasticpress-facet .searchable .inner{max-height:20em;overflow:scroll}.widget_ep-facet .term.hide,.wp-block-elasticpress-facet .term.hide{display:none}.widget_ep-facet .empty-term,.wp-block-elasticpress-facet .empty-term{opacity:.5;position:relative}.widget_ep-facet .empty-term:after,.wp-block-elasticpress-facet .empty-term:after{bottom:0;content:" ";display:block;left:0;position:absolute;right:0;top:0;width:100%;z-index:2}.widget_ep-facet .level-1,.wp-block-elasticpress-facet .level-1{padding-left:20px}.widget_ep-facet .level-2,.wp-block-elasticpress-facet .level-2{padding-left:40px}.widget_ep-facet .level-3,.wp-block-elasticpress-facet .level-3{padding-left:60px}.widget_ep-facet .level-4,.wp-block-elasticpress-facet .level-4{padding-left:5pc}.widget_ep-facet .level-5,.wp-block-elasticpress-facet .level-5{padding-left:75pt}.widget_ep-facet input[disabled],.wp-block-elasticpress-facet input[disabled]{cursor:pointer;opacity:1}.widget_ep-facet .term a,.wp-block-elasticpress-facet .term a{-webkit-box-align:center;-ms-flex-align:center;align-items:center;display:-webkit-box;display:-ms-flexbox;display:flex;position:relative}.widget_ep-facet .term a:hover .ep-checkbox,.wp-block-elasticpress-facet .term a:hover .ep-checkbox{background-color:#ccc}.ep-checkbox{-webkit-box-align:center;-ms-flex-align:center;-ms-flex-negative:0;-webkit-box-pack:center;-ms-flex-pack:center;align-items:center;background-color:#eee;display:-webkit-box;display:-ms-flexbox;display:flex;flex-shrink:0;height:1em;justify-content:center;margin-right:.25em;width:1em}.ep-checkbox:after{border:solid #fff;border-width:0 .125em .125em 0;content:"";display:none;height:.5em;-webkit-transform:rotate(45deg);transform:rotate(45deg);width:.25em}.ep-checkbox.checked{background-color:#5e5e5e}.ep-checkbox.checked:after{display:block} </style> <link rel='stylesheet' id='all-css-18' 
href='https://news.sophos.com/wp-content/mu-plugins/search/elasticpress/dist/css/related-posts-block-styles.min.css?m=1730999764g' type='text/css' media='all' /> <style id='classic-theme-styles-inline-css'> /*! This file is auto-generated */ .wp-block-button__link{color:#fff;background-color:#32373c;border-radius:9999px;box-shadow:none;text-decoration:none;padding:calc(.667em + 2px) calc(1.333em + 2px);font-size:1.125em}.wp-block-file__button{background:#32373c;color:#fff;text-decoration:none} </style> <style id='global-styles-inline-css'> :root{--wp--preset--aspect-ratio--square: 1;--wp--preset--aspect-ratio--4-3: 4/3;--wp--preset--aspect-ratio--3-4: 3/4;--wp--preset--aspect-ratio--3-2: 3/2;--wp--preset--aspect-ratio--2-3: 2/3;--wp--preset--aspect-ratio--16-9: 16/9;--wp--preset--aspect-ratio--9-16: 9/16;--wp--preset--color--black: #000000;--wp--preset--color--cyan-bluish-gray: #abb8c3;--wp--preset--color--white: #ffffff;--wp--preset--color--pale-pink: #f78da7;--wp--preset--color--vivid-red: #cf2e2e;--wp--preset--color--luminous-vivid-orange: #ff6900;--wp--preset--color--luminous-vivid-amber: #fcb900;--wp--preset--color--light-green-cyan: #7bdcb5;--wp--preset--color--vivid-green-cyan: #00d084;--wp--preset--color--pale-cyan-blue: #8ed1fc;--wp--preset--color--vivid-cyan-blue: #0693e3;--wp--preset--color--vivid-purple: #9b51e0;--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple: linear-gradient(135deg,rgba(6,147,227,1) 0%,rgb(155,81,224) 100%);--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan: linear-gradient(135deg,rgb(122,220,180) 0%,rgb(0,208,130) 100%);--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange: linear-gradient(135deg,rgba(252,185,0,1) 0%,rgba(255,105,0,1) 100%);--wp--preset--gradient--luminous-vivid-orange-to-vivid-red: linear-gradient(135deg,rgba(255,105,0,1) 0%,rgb(207,46,46) 100%);--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray: linear-gradient(135deg,rgb(238,238,238) 0%,rgb(169,184,195) 
100%);--wp--preset--gradient--cool-to-warm-spectrum: linear-gradient(135deg,rgb(74,234,220) 0%,rgb(151,120,209) 20%,rgb(207,42,186) 40%,rgb(238,44,130) 60%,rgb(251,105,98) 80%,rgb(254,248,76) 100%);--wp--preset--gradient--blush-light-purple: linear-gradient(135deg,rgb(255,206,236) 0%,rgb(152,150,240) 100%);--wp--preset--gradient--blush-bordeaux: linear-gradient(135deg,rgb(254,205,165) 0%,rgb(254,45,45) 50%,rgb(107,0,62) 100%);--wp--preset--gradient--luminous-dusk: linear-gradient(135deg,rgb(255,203,112) 0%,rgb(199,81,192) 50%,rgb(65,88,208) 100%);--wp--preset--gradient--pale-ocean: linear-gradient(135deg,rgb(255,245,203) 0%,rgb(182,227,212) 50%,rgb(51,167,181) 100%);--wp--preset--gradient--electric-grass: linear-gradient(135deg,rgb(202,248,128) 0%,rgb(113,206,126) 100%);--wp--preset--gradient--midnight: linear-gradient(135deg,rgb(2,3,129) 0%,rgb(40,116,252) 100%);--wp--preset--font-size--small: 13px;--wp--preset--font-size--medium: 20px;--wp--preset--font-size--large: 36px;--wp--preset--font-size--x-large: 42px;--wp--preset--spacing--20: 0.44rem;--wp--preset--spacing--30: 0.67rem;--wp--preset--spacing--40: 1rem;--wp--preset--spacing--50: 1.5rem;--wp--preset--spacing--60: 2.25rem;--wp--preset--spacing--70: 3.38rem;--wp--preset--spacing--80: 5.06rem;--wp--preset--shadow--natural: 6px 6px 9px rgba(0, 0, 0, 0.2);--wp--preset--shadow--deep: 12px 12px 50px rgba(0, 0, 0, 0.4);--wp--preset--shadow--sharp: 6px 6px 0px rgba(0, 0, 0, 0.2);--wp--preset--shadow--outlined: 6px 6px 0px -3px rgba(255, 255, 255, 1), 6px 6px rgba(0, 0, 0, 1);--wp--preset--shadow--crisp: 6px 6px 0px rgba(0, 0, 0, 1);}:where(.is-layout-flex){gap: 0.5em;}:where(.is-layout-grid){gap: 0.5em;}body .is-layout-flex{display: flex;}.is-layout-flex{flex-wrap: wrap;align-items: center;}.is-layout-flex > :is(*, div){margin: 0;}body .is-layout-grid{display: grid;}.is-layout-grid > :is(*, div){margin: 0;}:where(.wp-block-columns.is-layout-flex){gap: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 
2em;}:where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;}.has-black-color{color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-color{color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-color{color: var(--wp--preset--color--white) !important;}.has-pale-pink-color{color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-color{color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-color{color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-color{color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-color{color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-color{color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-color{color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-color{color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-color{color: var(--wp--preset--color--vivid-purple) !important;}.has-black-background-color{background-color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-background-color{background-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-background-color{background-color: var(--wp--preset--color--white) !important;}.has-pale-pink-background-color{background-color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-background-color{background-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-background-color{background-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-background-color{background-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-background-color{background-color: var(--wp--preset--color--light-green-cyan) 
!important;}.has-vivid-green-cyan-background-color{background-color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-background-color{background-color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-background-color{background-color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-background-color{background-color: var(--wp--preset--color--vivid-purple) !important;}.has-black-border-color{border-color: var(--wp--preset--color--black) !important;}.has-cyan-bluish-gray-border-color{border-color: var(--wp--preset--color--cyan-bluish-gray) !important;}.has-white-border-color{border-color: var(--wp--preset--color--white) !important;}.has-pale-pink-border-color{border-color: var(--wp--preset--color--pale-pink) !important;}.has-vivid-red-border-color{border-color: var(--wp--preset--color--vivid-red) !important;}.has-luminous-vivid-orange-border-color{border-color: var(--wp--preset--color--luminous-vivid-orange) !important;}.has-luminous-vivid-amber-border-color{border-color: var(--wp--preset--color--luminous-vivid-amber) !important;}.has-light-green-cyan-border-color{border-color: var(--wp--preset--color--light-green-cyan) !important;}.has-vivid-green-cyan-border-color{border-color: var(--wp--preset--color--vivid-green-cyan) !important;}.has-pale-cyan-blue-border-color{border-color: var(--wp--preset--color--pale-cyan-blue) !important;}.has-vivid-cyan-blue-border-color{border-color: var(--wp--preset--color--vivid-cyan-blue) !important;}.has-vivid-purple-border-color{border-color: var(--wp--preset--color--vivid-purple) !important;}.has-vivid-cyan-blue-to-vivid-purple-gradient-background{background: var(--wp--preset--gradient--vivid-cyan-blue-to-vivid-purple) !important;}.has-light-green-cyan-to-vivid-green-cyan-gradient-background{background: var(--wp--preset--gradient--light-green-cyan-to-vivid-green-cyan) 
!important;}.has-luminous-vivid-amber-to-luminous-vivid-orange-gradient-background{background: var(--wp--preset--gradient--luminous-vivid-amber-to-luminous-vivid-orange) !important;}.has-luminous-vivid-orange-to-vivid-red-gradient-background{background: var(--wp--preset--gradient--luminous-vivid-orange-to-vivid-red) !important;}.has-very-light-gray-to-cyan-bluish-gray-gradient-background{background: var(--wp--preset--gradient--very-light-gray-to-cyan-bluish-gray) !important;}.has-cool-to-warm-spectrum-gradient-background{background: var(--wp--preset--gradient--cool-to-warm-spectrum) !important;}.has-blush-light-purple-gradient-background{background: var(--wp--preset--gradient--blush-light-purple) !important;}.has-blush-bordeaux-gradient-background{background: var(--wp--preset--gradient--blush-bordeaux) !important;}.has-luminous-dusk-gradient-background{background: var(--wp--preset--gradient--luminous-dusk) !important;}.has-pale-ocean-gradient-background{background: var(--wp--preset--gradient--pale-ocean) !important;}.has-electric-grass-gradient-background{background: var(--wp--preset--gradient--electric-grass) !important;}.has-midnight-gradient-background{background: var(--wp--preset--gradient--midnight) !important;}.has-small-font-size{font-size: var(--wp--preset--font-size--small) !important;}.has-medium-font-size{font-size: var(--wp--preset--font-size--medium) !important;}.has-large-font-size{font-size: var(--wp--preset--font-size--large) !important;}.has-x-large-font-size{font-size: var(--wp--preset--font-size--x-large) !important;} :where(.wp-block-post-template.is-layout-flex){gap: 1.25em;}:where(.wp-block-post-template.is-layout-grid){gap: 1.25em;} :where(.wp-block-columns.is-layout-flex){gap: 2em;}:where(.wp-block-columns.is-layout-grid){gap: 2em;} :root :where(.wp-block-pullquote){font-size: 1.5em;line-height: 1.6;} </style> <link rel='stylesheet' id='all-css-22' href='https://news.sophos.com/wp-content/themes/sophosnews-2017/style-2021.css?m=1722941894g' 
type='text/css' media='all' /> <script type="text/javascript" src="https://news.sophos.com/_static/??-eJzTLy/QzcxLzilNSS3WzwKiwtLUokoopZebmaeXVayjj0+Rbm5melFiSSpUsX2uraG5sZGRgZmBkXEWAK8tIhI=" ></script><link rel="https://api.w.org/" href="https://news.sophos.com/wp-json/" /><link rel="alternate" title="JSON" type="application/json" href="https://news.sophos.com/wp-json/wp/v2/categories/418107744" /><link rel="EditURI" type="application/rsd+xml" title="RSD" href="https://news.sophos.com/xmlrpc.php?rsd" /> <meta name="generator" content="WordPress 6.7.1" /> <link rel="me" href="https://infosec.exchange/@SophosXOps"/> <style>img#wpstats{display:none}</style> <!-- There is no amphtml version available for this URL. --> <!-- Jetpack Open Graph Tags --> <meta property="og:type" content="website" /> <meta property="og:title" content="Threat Research – Sophos News" /> <meta property="og:url" content="https://news.sophos.com/en-us/category/threat-research/" /> <meta property="og:site_name" content="Sophos News" /> <meta property="og:image" content="https://news.sophos.com/wp-content/uploads/2024/11/shutterstock_2409651119.jpg?w=640" /> <meta property="og:image:secure_url" content="https://news.sophos.com/wp-content/uploads/2024/11/shutterstock_2409651119.jpg?w=640" /> <meta property="og:image:width" content="512" /> <meta property="og:image:height" content="512" /> <meta property="og:image:alt" content="" /> <meta property="og:locale" content="en_US" /> <meta property="fb:admins" content="28552295016" /> <!-- End Jetpack Open Graph Tags --> <link rel="icon" href="https://news.sophos.com/wp-content/uploads/2020/01/cropped-sophos.png?w=32" sizes="32x32" /> <link rel="icon" href="https://news.sophos.com/wp-content/uploads/2020/01/cropped-sophos.png?w=192" sizes="192x192" /> <link rel="apple-touch-icon" href="https://news.sophos.com/wp-content/uploads/2020/01/cropped-sophos.png?w=180" /> <meta name="msapplication-TileImage" 
content="https://news.sophos.com/wp-content/uploads/2020/01/cropped-sophos.png?w=270" /> <style type="text/css" id="wp-custom-css"> .entry-content .embed-vimeo iframe, .entry-content .embed-youtube iframe { aspect-ratio: 16/9; width: 100%; height: auto; } </style> </head> <body class="archive category category-threat-research category-418107744 group-blog"> <!-- Google Tag Manager (noscript) --> <noscript><iframe src="https://www.googletagmanager.com/ns.html?id=GTM-TW8W88B" height="0" width="0" style="display:none;visibility:hidden"></iframe></noscript> <!-- End Google Tag Manager (noscript) --> <div id="page" class="hfeed site"> <a class="sr-only" href="#content">Skip to content</a> <header class="bg-blue-600" x-data="{ mobileMenu: false, searchField: false }"> <div class="container"> <div class="flex items-center justify-between h-16"> <!-- Logo --> <div class="flex-shrink-0"> <a class="site-logo" href="https://news.sophos.com/en-us/" rel="home"> <svg width="172" height="17" xmlns="http://www.w3.org/2000/svg"> <g fill="#FFF" fill-rule="evenodd"> <path d="M113.024 5.298V16.74h-2.595V.259h2.265l7.997 11.49V.26h2.619v16.482h-2.289l-7.997-11.443M126.064.259h10.78v2.307H128.8v4.521h7.549v2.214h-7.55v5.133h8.376v2.307h-11.111V.259M138.478.259h2.855l2.694 12.29L147.29.26h2.783l3.61 12.314L156.005.26h2.783l-3.62 16.482h-2.76l-3.751-12.126-3.426 12.126h-2.784L138.478.259M168.933 4.968v-.283c0-1.318-.778-2.425-3.492-2.425-2.43 0-3.279 1.013-3.279 2.284 0 1.201.708 1.743 2.218 2.073l3.491.776c2.123.448 4.129 1.602 4.129 4.333 0 3.014-1.675 5.274-6.204 5.274-5.214 0-6.559-2.26-6.559-4.52v-.307h2.737v.26c0 1.2.755 2.284 3.774 2.284 2.5 0 3.421-1.084 3.421-2.638 0-1.224-.731-1.907-2.289-2.237l-3.49-.777c-2.407-.517-3.917-1.742-3.917-4.309 0-2.566 1.77-4.756 6.016-4.756 4.553 0 6.18 2.26 6.18 4.639v.33h-2.736M85.303 16.718h8.88c2.492 0 3.549-.15 4.379-.677 1.308-.803 2.139-2.378 2.139-4.162 0-1.457-.504-2.868-1.258-3.622-.981-1.006-2.316-1.382-4.783-1.382h-2.693c-1.208 
0-2.097-.05-2.6-.276-.605-.277-.956-.81-.956-1.562 0-.88.427-1.455 1.132-1.632.529-.124 1.14-.124 2.726-.15h7.949V.265h-8.754c-1.963 0-2.843.075-3.598.353-1.737.602-2.921 2.383-2.921 4.518 0 1.458.58 2.745 1.587 3.624.881.753 2.189 1.105 4.202 1.105h3.584c.805 0 1.46.1 1.813.3.678.327 1.08.934 1.08 1.714 0 .652-.301 1.122-.83 1.447-.426.278-1.158.403-2.49.403h-8.588v2.99zm-84.945 0h8.88c2.492 0 3.549-.15 4.38-.677 1.307-.803 2.138-2.378 2.138-4.162 0-1.457-.504-2.868-1.258-3.622-.982-1.006-2.316-1.382-4.783-1.382H7.023c-1.209 0-2.098-.05-2.6-.276-.605-.277-.957-.81-.957-1.562 0-.88.427-1.455 1.132-1.632.53-.124 1.141-.124 2.726-.15h7.95V.265H6.52c-1.964 0-2.844.075-3.6.353C1.185 1.22 0 3 0 5.136 0 6.594.582 7.881 1.587 8.76c.881.753 2.19 1.105 4.203 1.105h3.582c.807 0 1.46.1 1.814.3.678.327 1.08.934 1.08 1.714 0 .652-.3 1.122-.83 1.447-.426.278-1.157.403-2.49.403H.358v2.99zM71.99 4.596c-.52.813-.765 2.118-.765 3.87 0 3.845 1.331 5.595 4.294 5.595 2.915 0 4.248-1.75 4.248-5.546 0-3.847-1.308-5.571-4.248-5.571-1.604 0-2.864.592-3.53 1.652zm10.05-1.897c1.013 1.33 1.58 3.498 1.58 6.039 0 2.882-.914 5.249-2.544 6.555-1.233.986-3.11 1.528-5.335 1.528-3.16 0-5.654-1.037-6.937-2.884-.964-1.355-1.435-3.155-1.435-5.35 0-3.152.866-5.544 2.495-6.826C71.149.726 73.175.158 75.497.158c2.938 0 5.284.913 6.543 2.54zM65.36.279h-3.507v6.73h-6.345V.278h-3.507v16.439h3.507V9.94h6.345v6.778h3.506V.278zM43.533 8.042c.938 0 1.48-.123 1.852-.469.442-.37.715-1.158.715-2.07 0-1.084-.443-1.872-1.208-2.144-.272-.1-.717-.149-1.286-.149h-4.839v4.832h4.766zm-4.766 8.674h-3.507V.278h8.223c2.889 0 3.902.295 4.988 1.504.964 1.036 1.481 2.39 1.481 3.845 0 1.725-.69 3.327-1.826 4.289-.962.813-1.854 1.058-3.728 1.058h-5.63v5.743zM21.665 4.596c-.519.813-.764 2.118-.764 3.87 0 3.845 1.333 5.595 4.297 5.595 2.913 0 4.247-1.75 4.247-5.546 0-3.847-1.308-5.571-4.247-5.571-1.606 0-2.866.592-3.533 1.652zm10.052-1.897c1.014 1.33 1.581 3.498 1.581 6.039 0 2.882-.914 5.249-2.545 6.555-1.233.986-3.11 1.528-5.333 
1.528-3.162 0-5.656-1.037-6.94-2.884-.964-1.355-1.432-3.155-1.432-5.35 0-3.152.865-5.544 2.496-6.826C20.825.726 22.85.158 25.173.158c2.938 0 5.286.913 6.544 2.54z"/> </g> </svg> </a> </div> <!-- Search Field --> <div class="lg:flex justify-end flex-grow hidden" x-show="searchField" x-cloak> <div class="relative w-1/2 rounded-md shadow-sm"> <form role="search" method="get" action="https://news.sophos.com/en-us/"> <input type="text" class="block w-full text-lg text-white placeholder-gray-100 bg-blue-800 border-0 rounded-md font-sansMedium font-medium" placeholder="Type to Search News" x-ref="searchInput" name="s" /> <div class="absolute inset-y-0 right-0 flex items-center px-3"> <button class="hover:opacity-100 opacity-60 p-1 text-xs text-white uppercase rounded-full cursor-pointer" type="submit" > Search </button> </div> </form> </div> </div> <!-- Main Nav --> <div class="lg:flex items-center flex-grow hidden" x-show="!searchField" x-cloak> <div class="flex ml-auto"> <ul id="menu-en-us-primary" class="primary-menu"><li id="menu-item-77773" class="menu-item menu-item-type-taxonomy menu-item-object-category menu-item-77773"><a href="https://news.sophos.com/en-us/category/products-services/">Products & Services<div class="menu-item-description"></div></a></li> <li id="menu-item-77772" class="menu-item menu-item-type-taxonomy menu-item-object-category menu-item-77772"><a href="https://news.sophos.com/en-us/category/security-operations/">Security Operations<div class="menu-item-description"></div></a></li> <li id="menu-item-77774" class="menu-item menu-item-type-taxonomy menu-item-object-category current-menu-item menu-item-77774"><a href="https://news.sophos.com/en-us/category/threat-research/" aria-current="page">Threat Research<div class="menu-item-description"></div></a></li> <li id="menu-item-85326" class="menu-item menu-item-type-taxonomy menu-item-object-category menu-item-85326"><a href="https://news.sophos.com/en-us/category/ai-research/">AI Research<div 
class="menu-item-description"></div></a></li> <li id="menu-item-951374" class="menu-item menu-item-type-taxonomy menu-item-object-category menu-item-951374"><a href="https://news.sophos.com/en-us/category/serious-security/">Naked Security<div class="menu-item-description"></div></a></li> <li id="menu-item-83702" class="menu-item menu-item-type-taxonomy menu-item-object-category menu-item-83702"><a href="https://news.sophos.com/en-us/category/sophos-life/">Sophos Life<div class="menu-item-description"></div></a></li> </ul> </div> </div> </div> </div> </header> <div id="content"> <div id="primary" class="content-area"> <div class="bg-black bg-center bg-no-repeat bg-contain bg-auto" > <div class="container relative"> <div class="aspect-w-16 aspect-h-4 bg-top-left lg:bg-top-right bg-no-repeat bg-contain bg-auto lg:bg-40% xl:bg-60%" style="background-image: url('https://news.sophos.com/wp-content/uploads/2022/07/Category-Banner-Threat-Research@2x.jpg');" > </div> <div class="lg:aspect-w-16 lg:aspect-h-4 lg:absolute lg:top-0 w-full"> 
<div class="flex flex-col justify-center"> <div class="md:max-w-xl sm:pb-8 pb-6"> <div class="text-style-h1 text-white"> Threat Research </div> <div class="md:text-2xl md:mt-4 mt-1 text-lg text-white"> The latest intelligence and analysis from Sophos X‑Ops threat experts </div> </div> </div> </div> </div> </div> <main id="main" class="lg:pt-8 pt-4 pb-4" role="main"> <div class="container"> <div class="flex items-baseline justify-between"> <div class="section-title"> Featured Articles </div> <a class="text-sophos-blue-600 font-sansMedium font-medium leading-tight flex items-baseline" href="feed" > <svg aria-hidden="true" data-prefix="fas" data-icon="rss" class="w-3 h-3 mr-1" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 448 512"> <path fill="currentColor" d="M128.081 415.959c0 35.369-28.672 64.041-64.041 64.041S0 451.328 0 415.959s28.672-64.041 64.041-64.041 64.04 28.673 64.04 64.041zm175.66 47.25c-8.354-154.6-132.185-278.587-286.95-286.95C7.656 175.765 0 183.105 0 192.253v48.069c0 8.415 6.49 15.472 14.887 16.018 111.832 7.284 201.473 96.702 208.772 208.772.547 8.397 7.604 14.887 16.018 14.887h48.069c9.149.001 16.489-7.655 15.995-16.79zm144.249.288C439.596 229.677 251.465 40.445 16.503 32.01 7.473 31.686 0 38.981 0 48.016v48.068c0 8.625 6.835 15.645 15.453 15.999 191.179 7.839 344.627 161.316 352.465 352.465.353 8.618 7.373 15.453 15.999 15.453h48.068c9.034-.001 16.329-7.474 16.005-16.504z"/> </svg> RSS </a> </span> </div> <!-- Featured Articles --> <div class="article-grid article-grid--1-column"> <!-- Article --> <article id="post-958406" class="md:flex-row hover:shadow-lg dark:text-white dark:bg-gray-900 flex flex-col overflow-hidden text-gray-700 transition-all bg-white rounded-md shadow-md border border-sophos-gray-200 post-958406 post type-post status-publish format-standard has-post-thumbnail hentry category-threat-research tag-cve-2024-43451 tag-cve-2024-43623 tag-cve-2024-43630 tag-cve-2024-49033 tag-cve-2024-49039 tag-featured tag-microsoft-defender 
tag-microsoft-windows tag-patch-tuesday region-en-us"> <!-- Image --> <a class="md:aspect-w-3 md:aspect-h-1 aspect-w-16 aspect-h-9 flex block bg-gray-400 bg-right bg-no-repeat bg-cover" href="https://news.sophos.com/en-us/2024/11/13/november-patch-tuesday-loads-up-everyones-plate/" rel="bookmark" style=" background-image: url('https://news.sophos.com/wp-content/uploads/2024/11/shutterstock_1829686103.jpg?w=640'); min-width: 50%; " ></a> <!-- Wrapper --> <div class="flex flex-col justify-between flex-grow"> <!-- Content --> <div class="sm:px-8 sm:py-8 p-4 py-6"> <!-- Date --> <div class="text-sophos-blue-600 font-sansMedium mb-2 text-xs leading-tight uppercase truncate" > November 13, 2024 </div> <!-- Post Title --> <h1 class="text-style-h1 line-clamp-3 lg:line-clamp-none lg:overflow-visible dark:text-white max-w-5xl mb-4 text-gray-700"><a href="https://news.sophos.com/en-us/2024/11/13/november-patch-tuesday-loads-up-everyones-plate/" rel="bookmark" class="dark:text-white line-clamp-3 text-gray-900 no-underline cursor-pointer">November Patch Tuesday loads up everyone’s plate</a></h1> <!-- Excerpt --> <div class="line-clamp-3 mb-4 text-lg leading-snug"> Fourteen product families affected as 2024 passes an unfortunate milestone </div> </div> <!-- Meta --> <div class="sm:px-8 sm:pb-8 sm:pt-4 flex items-end justify-between p-4 pt-0"> <!-- Authors --> <div class="flex -space-x-3"> <span class="author-coin"> <img width="96" height="71" src="https://news.sophos.com/wp-content/uploads/2022/03/angela.gunn_.png?w=96" class="avatar avatar-96 photo wp-post-image" alt="" /> </span> </div> <!-- Tags --> <div class="sm:flex hidden space-x-1 space-y-1 flex-wrap justify-end items-baseline space-x-1 space-y-1"> <a href="https://news.sophos.com/en-us/category/threat-research/" class="category-tag-pill">Threat Research</a> </div> </div> </div> </article> </div> <div class="article-grid article-grid--2-column md:mb-16 mb-8"> <!-- Article --> <article id="post-957839" 
class="hover:shadow-lg dark:bg-sophos-gray-900 border-sophos-gray-200 flex flex-col overflow-hidden text-gray-700 transition-all bg-white border rounded-md shadow-md post-957839 post type-post status-publish format-standard has-post-thumbnail hentry category-threat-research tag-featured tag-phishing tag-qr-code tag-quishing tag-sophos-x-ops tag-spam tag-spearphishing tag-x-ops region-en-us"> <!-- Image --> <a class="aspect-w-16 aspect-h-9 flex block bg-gray-400 bg-right bg-no-repeat bg-cover" href="https://news.sophos.com/en-us/2024/10/16/quishing/" rel="bookmark" style=" background-image: url('https://news.sophos.com/wp-content/uploads/2024/10/image1.png?w=640'); " ></a> <!-- Wrapper --> <div class="flex flex-col justify-between flex-grow"> <!-- Content --> <div class="sm:px-8 sm:py-8 p-4 py-6"> <!-- Date --> <div class="text-sophos-blue-600 font-sansMedium mb-2 text-xs leading-tight uppercase truncate" > October 16, 2024 </div> <!-- Post Title --> <h2 class="text-style-h2 line-clamp-3 sm:mb-4 sm:text-2xl sm:leading-snug text-lg leading-tight text-gray-700"><a href="https://news.sophos.com/en-us/2024/10/16/quishing/" rel="bookmark" class="dark:text-white font-sansSemiBold font-semibold text-gray-900 no-underline cursor-pointer">From QR to compromise: The growing “quishing” threat</a></h2> <!-- Excerpt --> <div class="sm:line-clamp-3 dark:text-white hidden text-lg leading-snug" > Attackers leverage QR codes in PDF email attachments to spearphish corporate credentials from mobile devices </div> </div> <!-- Meta --> <div class="sm:px-8 sm:pb-8 sm:pt-4 flex items-end justify-between p-4 pt-0"> <!-- Authors --> <div class="flex -space-x-3"> <span class="author-coin"> <img width="84" height="96" src="https://news.sophos.com/wp-content/uploads/2024/10/amit.png?w=84" class="avatar avatar-96 photo wp-post-image" alt="Amit Panjawani" /> </span> <span class="author-coin"> <img width="96" height="96" 
src="https://news.sophos.com/wp-content/uploads/2020/01/f50259f64d178cc64a3136ba9f1eedaa072cc0645110d9357a50a2fe76398cbe.png?w=96" class="avatar avatar-96 photo wp-post-image" alt="" /> </span> </div> <!-- Tags --> <div class="sm:flex hidden space-x-1 space-y-1 flex-wrap justify-end items-baseline space-x-1 space-y-1"> <a href="https://news.sophos.com/en-us/category/threat-research/" class="category-tag-pill">Threat Research</a> </div> </div> </div> </article> <!-- Article --> <article id="post-957250" class="hover:shadow-lg dark:bg-sophos-gray-900 border-sophos-gray-200 flex flex-col overflow-hidden text-gray-700 transition-all bg-white border rounded-md shadow-md post-957250 post type-post status-publish format-standard has-post-thumbnail hentry category-security-operations category-threat-research tag-backdoordiplomacy tag-chinese-apt tag-crimson-palace tag-earth-longzhi tag-featured tag-mdr tag-ref5961 tag-sophos-x-ops tag-ta428 tag-unfading-sea-haze region-en-us"> <!-- Image --> <a class="aspect-w-16 aspect-h-9 flex block bg-gray-400 bg-right bg-no-repeat bg-cover" href="https://news.sophos.com/en-us/2024/09/10/crimson-palace-new-tools-tactics-targets/" rel="bookmark" style=" background-image: url('https://news.sophos.com/wp-content/uploads/2024/09/shutterstock_2458057241.jpg?w=640'); " ></a> <!-- Wrapper --> <div class="flex flex-col justify-between flex-grow"> <!-- Content --> <div class="sm:px-8 sm:py-8 p-4 py-6"> <!-- Date --> <div class="text-sophos-blue-600 font-sansMedium mb-2 text-xs leading-tight uppercase truncate" > September 10, 2024 </div> <!-- Post Title --> <h2 class="text-style-h2 line-clamp-3 sm:mb-4 sm:text-2xl sm:leading-snug text-lg leading-tight text-gray-700"><a href="https://news.sophos.com/en-us/2024/09/10/crimson-palace-new-tools-tactics-targets/" rel="bookmark" class="dark:text-white font-sansSemiBold font-semibold text-gray-900 no-underline cursor-pointer">Crimson Palace returns: New Tools, Tactics, and Targets</a></h2> <!-- Excerpt 
--> <div class="sm:line-clamp-3 dark:text-white hidden text-lg leading-snug" > Chinese cyberespionage campaign renews efforts in multiple organizations in Southeast Asia, blending tactics and expanding efforts </div> </div> <!-- Meta --> <div class="sm:px-8 sm:pb-8 sm:pt-4 flex items-end justify-between p-4 pt-0"> <!-- Authors --> <div class="flex -space-x-3"> <span class="author-coin"> <img width="96" height="96" src="https://news.sophos.com/wp-content/uploads/2024/06/mark.jpg?w=96" class="avatar avatar-96 photo wp-post-image" alt="Mark Parsons" /> </span> <span class="author-coin"> <img width="96" height="96" src="https://news.sophos.com/wp-content/uploads/2023/07/Morgan-profile.jpg?w=96" class="avatar avatar-96 photo wp-post-image" alt="Morgan Demboski, Sophos X-Ops (MDR)" /> </span> <span class="author-coin"> <img width="96" height="96" src="https://news.sophos.com/wp-content/uploads/2020/02/sean-gallagher.jpg?w=96" class="avatar avatar-96 photo wp-post-image" alt="Sean Gallagher" /> </span> </div> <!-- Tags --> <div class="sm:flex hidden space-x-1 space-y-1 flex-wrap justify-end items-baseline space-x-1 space-y-1"> <a href="https://news.sophos.com/en-us/category/security-operations/" class="category-tag-pill">Security Operations</a><a href="https://news.sophos.com/en-us/category/threat-research/" class="category-tag-pill">Threat Research</a> </div> </div> </div> </article> </div> <div class="ajax-content-wrapper"> <div class="article-grid article-grid--3-column"> <!-- Article --> <article id="post-958497" class="hover:shadow-lg dark:bg-sophos-gray-900 border-sophos-gray-200 flex flex-col overflow-hidden text-gray-700 transition-all bg-white border rounded-md shadow-md post-958497 post type-post status-publish format-standard has-post-thumbnail hentry category-security-operations category-threat-research tag-atera tag-legitimate-service-abuse tag-mdr tag-muddywater tag-phishing tag-rmm tag-stac-1171 tag-ta450 region-en-us"> <!-- Image --> <a class="aspect-w-16 
aspect-h-9 flex block bg-gray-400 bg-right bg-no-repeat bg-cover" href="https://news.sophos.com/en-us/2024/11/20/sophos-mdr-blocks-and-tracks-activity-from-probable-iranian-state-actor-muddywater/" rel="bookmark" style=" background-image: url('https://news.sophos.com/wp-content/uploads/2024/11/shutterstock_2409651119.jpg?w=640'); " ></a> <!-- Wrapper --> <div class="flex flex-col justify-between flex-grow"> <!-- Content --> <div class="sm:px-8 sm:py-8 p-4 py-6"> <!-- Date --> <div class="text-sophos-blue-600 font-sansMedium mb-2 text-xs leading-tight uppercase truncate" > November 20, 2024 </div> <!-- Post Title --> <h2 class="text-style-h2 line-clamp-3 sm:mb-4 sm:text-2xl sm:leading-snug text-lg leading-tight text-gray-700"><a href="https://news.sophos.com/en-us/2024/11/20/sophos-mdr-blocks-and-tracks-activity-from-probable-iranian-state-actor-muddywater/" rel="bookmark" class="dark:text-white font-sansSemiBold font-semibold text-gray-900 no-underline cursor-pointer">Sophos MDR blocks and tracks activity from probable Iranian state actor “MuddyWater”</a></h2> <!-- Excerpt --> </div> <!-- Meta --> <div class="sm:px-8 sm:pb-8 sm:pt-4 flex items-end justify-between p-4 pt-0"> <!-- Authors --> <div class="flex -space-x-3"> <span class="author-coin"> <img width="96" height="96" src="https://news.sophos.com/wp-content/uploads/2020/02/sean-gallagher.jpg?w=96" class="avatar avatar-96 photo wp-post-image" alt="Sean Gallagher" /> </span> <span class="author-coin"> <img width="96" height="96" src="https://news.sophos.com/wp-content/uploads/2023/07/Morgan-profile.jpg?w=96" class="avatar avatar-96 photo wp-post-image" alt="Morgan Demboski, Sophos X-Ops (MDR)" /> </span> </div> <!-- Tags --> <div class="sm:flex hidden space-x-1 space-y-1 flex-wrap justify-end items-baseline space-x-1 space-y-1"> <a href="https://news.sophos.com/en-us/category/security-operations/" class="category-tag-pill">Security Operations</a><a href="https://news.sophos.com/en-us/category/threat-research/" 
class="category-tag-pill">Threat Research</a> </div> </div> </div> </article> <!-- Article --> <article id="post-958371" class="hover:shadow-lg dark:bg-sophos-gray-900 border-sophos-gray-200 flex flex-col overflow-hidden text-gray-700 transition-all bg-white border rounded-md shadow-md post-958371 post type-post status-publish format-standard has-post-thumbnail hentry category-security-operations category-threat-research tag-crypto-ransomware tag-junk-gun tag-mdr tag-veeam tag-vpns region-en-us"> <!-- Image --> <a class="aspect-w-16 aspect-h-9 flex block bg-gray-400 bg-right bg-no-repeat bg-cover" href="https://news.sophos.com/en-us/2024/11/08/veeam-exploit-seen-used-again-with-a-new-ransomware-frag/" rel="bookmark" style=" background-image: url('https://news.sophos.com/wp-content/uploads/2024/11/frag-note-redact.png?w=640'); " ></a> <!-- Wrapper --> <div class="flex flex-col justify-between flex-grow"> <!-- Content --> <div class="sm:px-8 sm:py-8 p-4 py-6"> <!-- Date --> <div class="text-sophos-blue-600 font-sansMedium mb-2 text-xs leading-tight uppercase truncate" > November 08, 2024 </div> <!-- Post Title --> <h2 class="text-style-h2 line-clamp-3 sm:mb-4 sm:text-2xl sm:leading-snug text-lg leading-tight text-gray-700"><a href="https://news.sophos.com/en-us/2024/11/08/veeam-exploit-seen-used-again-with-a-new-ransomware-frag/" rel="bookmark" class="dark:text-white font-sansSemiBold font-semibold text-gray-900 no-underline cursor-pointer">VEEAM exploit seen used again with a new ransomware: “Frag”</a></h2> <!-- Excerpt --> </div> <!-- Meta --> <div class="sm:px-8 sm:pb-8 sm:pt-4 flex items-end justify-between p-4 pt-0"> <!-- Authors --> <div class="flex -space-x-3"> <span class="author-coin"> <img width="96" height="96" src="https://news.sophos.com/wp-content/uploads/2020/02/sean-gallagher.jpg?w=96" class="avatar avatar-96 photo wp-post-image" alt="Sean Gallagher" /> </span> </div> <!-- Tags --> <div class="sm:flex hidden space-x-1 space-y-1 flex-wrap justify-end 
items-baseline space-x-1 space-y-1"> <a href="https://news.sophos.com/en-us/category/security-operations/" class="category-tag-pill">Security Operations</a><a href="https://news.sophos.com/en-us/category/threat-research/" class="category-tag-pill">Threat Research</a> </div> </div> </div> </article> <!-- Article --> <article id="post-958247" class="hover:shadow-lg dark:bg-sophos-gray-900 border-sophos-gray-200 flex flex-col overflow-hidden text-gray-700 transition-all bg-white border rounded-md shadow-md post-958247 post type-post status-publish format-standard has-post-thumbnail hentry category-security-operations category-threat-research tag-gootloader tag-javascript tag-loader tag-mdr tag-search-engine-poisoning tag-seo-poisoning region-en-us"> <!-- Image --> <a class="aspect-w-16 aspect-h-9 flex block bg-gray-400 bg-right bg-no-repeat bg-cover" href="https://news.sophos.com/en-us/2024/11/06/bengal-cat-lovers-in-australia-get-psspsspssd-in-google-driven-gootloader-campaign/" rel="bookmark" style=" background-image: url('https://news.sophos.com/wp-content/uploads/2024/10/shutterstock_asset-generation-9e8a3dcf-7a9d-4795-a22c-6077ad8cd3d4-2_edited.jpeg?w=640'); " ></a> <!-- Wrapper --> <div class="flex flex-col justify-between flex-grow"> <!-- Content --> <div class="sm:px-8 sm:py-8 p-4 py-6"> <!-- Date --> <div class="text-sophos-blue-600 font-sansMedium mb-2 text-xs leading-tight uppercase truncate" > November 06, 2024 </div> <!-- Post Title --> <h2 class="text-style-h2 line-clamp-3 sm:mb-4 sm:text-2xl sm:leading-snug text-lg leading-tight text-gray-700"><a href="https://news.sophos.com/en-us/2024/11/06/bengal-cat-lovers-in-australia-get-psspsspssd-in-google-driven-gootloader-campaign/" rel="bookmark" class="dark:text-white font-sansSemiBold font-semibold text-gray-900 no-underline cursor-pointer">Bengal cat lovers in Australia get psspsspss’d in Google-driven Gootloader campaign</a></h2> <!-- Excerpt --> <div class="sm:line-clamp-3 dark:text-white hidden text-lg 
leading-snug" > The Internet is full of cats—and in this case, malware-delivering fake cat websites used for very targeted search engine optimization. </div> </div> <!-- Meta --> <div class="sm:px-8 sm:pb-8 sm:pt-4 flex items-end justify-between p-4 pt-0"> <!-- Authors --> <div class="flex -space-x-3"> <span class="author-coin"> <img alt='' src='https://news.sophos.com/wp-content/themes/sophosnews-2017/img/avatars/avatar-two.png' class='avatar avatar-96 photo avatar-default' height='96' width='96' /> </span> <span class="author-coin"> <img alt='' src='https://news.sophos.com/wp-content/themes/sophosnews-2017/img/avatars/avatar-one.png' class='avatar avatar-96 photo avatar-default' height='96' width='96' /> </span> <span class="author-coin"> <img alt='' src='https://news.sophos.com/wp-content/themes/sophosnews-2017/img/avatars/avatar-one.png' class='avatar avatar-96 photo avatar-default' height='96' width='96' /> </span> <span class="author-coin"> <img width="96" height="96" src="https://news.sophos.com/wp-content/uploads/2020/02/sean-gallagher.jpg?w=96" class="avatar avatar-96 photo wp-post-image" alt="Sean Gallagher" /> </span> </div> <!-- Tags --> <div class="sm:flex hidden space-x-1 space-y-1 flex-wrap justify-end items-baseline space-x-1 space-y-1"> <a href="https://news.sophos.com/en-us/category/security-operations/" class="category-tag-pill">Security Operations</a><a href="https://news.sophos.com/en-us/category/threat-research/" class="category-tag-pill">Threat Research</a> </div> </div> </div> </article> <!-- Article --> <article id="post-957712" class="hover:shadow-lg dark:bg-sophos-gray-900 border-sophos-gray-200 flex flex-col overflow-hidden text-gray-700 transition-all bg-white border rounded-md shadow-md post-957712 post type-post status-publish format-standard has-post-thumbnail hentry category-threat-research tag-deepspeed tag-patch-tuesday tag-windows region-en-us"> <!-- Image --> <a class="aspect-w-16 aspect-h-9 flex block bg-gray-400 bg-right 
bg-no-repeat bg-cover" href="https://news.sophos.com/en-us/2024/10/09/october-patch-tuesday-harvest-hauls-in-117-cves/" rel="bookmark" style=" background-image: url('https://news.sophos.com/wp-content/uploads/2024/10/shutterstock_1789663277.jpg?w=640'); " ></a> <!-- Wrapper --> <div class="flex flex-col justify-between flex-grow"> <!-- Content --> <div class="sm:px-8 sm:py-8 p-4 py-6"> <!-- Date --> <div class="text-sophos-blue-600 font-sansMedium mb-2 text-xs leading-tight uppercase truncate" > October 09, 2024 </div> <!-- Post Title --> <h2 class="text-style-h2 line-clamp-3 sm:mb-4 sm:text-2xl sm:leading-snug text-lg leading-tight text-gray-700"><a href="https://news.sophos.com/en-us/2024/10/09/october-patch-tuesday-harvest-hauls-in-117-cves/" rel="bookmark" class="dark:text-white font-sansSemiBold font-semibold text-gray-900 no-underline cursor-pointer">October Patch Tuesday harvest hauls in 117 CVEs</a></h2> <!-- Excerpt --> <div class="sm:line-clamp-3 dark:text-white hidden text-lg leading-snug" > Bumper crop of Windows vulns leads the way; 15 product groups represented </div> </div> <!-- Meta --> <div class="sm:px-8 sm:pb-8 sm:pt-4 flex items-end justify-between p-4 pt-0"> <!-- Authors --> <div class="flex -space-x-3"> <span class="author-coin"> <img width="96" height="71" src="https://news.sophos.com/wp-content/uploads/2022/03/angela.gunn_.png?w=96" class="avatar avatar-96 photo wp-post-image" alt="" /> </span> </div> <!-- Tags --> <div class="sm:flex hidden space-x-1 space-y-1 flex-wrap justify-end items-baseline space-x-1 space-y-1"> <a href="https://news.sophos.com/en-us/category/threat-research/" class="category-tag-pill">Threat Research</a> </div> </div> </div> </article> <!-- Article --> <article id="post-957257" class="hover:shadow-lg dark:bg-sophos-gray-900 border-sophos-gray-200 flex flex-col overflow-hidden text-gray-700 transition-all bg-white border rounded-md shadow-md post-957257 post type-post status-publish format-standard has-post-thumbnail 
hentry category-products-services category-threat-research tag-endpoint-antivirus tag-endpoint-security tag-kernel-driver tag-microsoft region-en-us"> <!-- Image --> <a class="aspect-w-16 aspect-h-9 flex block bg-gray-400 bg-right bg-no-repeat bg-cover" href="https://news.sophos.com/en-us/2024/09/12/endpoint-security-ecosystem/" rel="bookmark" style=" background-image: url('https://news.sophos.com/wp-content/uploads/2024/09/shutterstock_2129942807.jpg?w=640'); " ></a> <!-- Wrapper --> <div class="flex flex-col justify-between flex-grow"> <!-- Content --> <div class="sm:px-8 sm:py-8 p-4 py-6"> <!-- Date --> <div class="text-sophos-blue-600 font-sansMedium mb-2 text-xs leading-tight uppercase truncate" > September 12, 2024 </div> <!-- Post Title --> <h2 class="text-style-h2 line-clamp-3 sm:mb-4 sm:text-2xl sm:leading-snug text-lg leading-tight text-gray-700"><a href="https://news.sophos.com/en-us/2024/09/12/endpoint-security-ecosystem/" rel="bookmark" class="dark:text-white font-sansSemiBold font-semibold text-gray-900 no-underline cursor-pointer">Standing on the Windows platform, waiting for change</a></h2> <!-- Excerpt --> <div class="sm:line-clamp-3 dark:text-white hidden text-lg leading-snug" > In the wake of a gathering of industry leaders at Microsoft to discuss the endpoint-security ecosystem, some thoughts </div> </div> <!-- Meta --> <div class="sm:px-8 sm:pb-8 sm:pt-4 flex items-end justify-between p-4 pt-0"> <!-- Authors --> <div class="flex -space-x-3"> <span class="author-coin"> <img width="96" height="96" src="https://news.sophos.com/wp-content/uploads/2024/09/neil-watkiss-bio-photo.png?w=96" class="avatar avatar-96 photo wp-post-image" alt="Neil Watkiss" /> </span> </div> <!-- Tags --> <div class="sm:flex hidden space-x-1 space-y-1 flex-wrap justify-end items-baseline space-x-1 space-y-1"> <a href="https://news.sophos.com/en-us/category/products-services/" class="category-tag-pill">Products & Services</a><a 
href="https://news.sophos.com/en-us/category/threat-research/" class="category-tag-pill">Threat Research</a> </div> </div> </div> </article> <!-- Article --> <article id="post-957336" class="hover:shadow-lg dark:bg-sophos-gray-900 border-sophos-gray-200 flex flex-col overflow-hidden text-gray-700 transition-all bg-white border rounded-md shadow-md post-957336 post type-post status-publish format-standard has-post-thumbnail hentry category-threat-research tag-intercept-x tag-microsoft tag-microsoft-windows tag-patch-tuesday region-en-us"> <!-- Image --> <a class="aspect-w-16 aspect-h-9 flex block bg-gray-400 bg-right bg-no-repeat bg-cover" href="https://news.sophos.com/en-us/2024/09/12/september-patch-tuesday-addresses-79-cves/" rel="bookmark" style=" background-image: url('https://news.sophos.com/wp-content/uploads/2024/09/shutterstock_1521141509.jpg?w=640'); " ></a> <!-- Wrapper --> <div class="flex flex-col justify-between flex-grow"> <!-- Content --> <div class="sm:px-8 sm:py-8 p-4 py-6"> <!-- Date --> <div class="text-sophos-blue-600 font-sansMedium mb-2 text-xs leading-tight uppercase truncate" > September 12, 2024 </div> <!-- Post Title --> <h2 class="text-style-h2 line-clamp-3 sm:mb-4 sm:text-2xl sm:leading-snug text-lg leading-tight text-gray-700"><a href="https://news.sophos.com/en-us/2024/09/12/september-patch-tuesday-addresses-79-cves/" rel="bookmark" class="dark:text-white font-sansSemiBold font-semibold text-gray-900 no-underline cursor-pointer">September Patch Tuesday addresses 79 CVEs</a></h2> <!-- Excerpt --> <div class="sm:line-clamp-3 dark:text-white hidden text-lg leading-snug" > Seven critical-severity vulnerabilities addressed, including an extraordinary (but narrow) Windows Update flaw </div> </div> <!-- Meta --> <div class="sm:px-8 sm:pb-8 sm:pt-4 flex items-end justify-between p-4 pt-0"> <!-- Authors --> <div class="flex -space-x-3"> <span class="author-coin"> <img width="96" height="71" 
src="https://news.sophos.com/wp-content/uploads/2022/03/angela.gunn_.png?w=96" class="avatar avatar-96 photo wp-post-image" alt="" /> </span> </div> <!-- Tags --> <div class="sm:flex hidden space-x-1 space-y-1 flex-wrap justify-end items-baseline space-x-1 space-y-1"> <a href="https://news.sophos.com/en-us/category/threat-research/" class="category-tag-pill">Threat Research</a> </div> </div> </div> </article> <!-- Article --> <article id="post-957191" class="hover:shadow-lg dark:bg-sophos-gray-900 border-sophos-gray-200 flex flex-col overflow-hidden text-gray-700 transition-all bg-white border rounded-md shadow-md post-957191 post type-post status-publish format-standard has-post-thumbnail hentry category-threat-research tag-amos tag-atomic-stealer tag-infostealer tag-macos tag-sophos-x-ops region-en-us"> <!-- Image --> <a class="aspect-w-16 aspect-h-9 flex block bg-gray-400 bg-right bg-no-repeat bg-cover" href="https://news.sophos.com/en-us/2024/09/06/atomic-macos-stealer-leads-sensitive-data-theft-on-macos/" rel="bookmark" style=" background-image: url('https://news.sophos.com/wp-content/uploads/2024/09/shutterstock_2449650047.jpg?w=640'); " ></a> <!-- Wrapper --> <div class="flex flex-col justify-between flex-grow"> <!-- Content --> <div class="sm:px-8 sm:py-8 p-4 py-6"> <!-- Date --> <div class="text-sophos-blue-600 font-sansMedium mb-2 text-xs leading-tight uppercase truncate" > September 06, 2024 </div> <!-- Post Title --> <h2 class="text-style-h2 line-clamp-3 sm:mb-4 sm:text-2xl sm:leading-snug text-lg leading-tight text-gray-700"><a href="https://news.sophos.com/en-us/2024/09/06/atomic-macos-stealer-leads-sensitive-data-theft-on-macos/" rel="bookmark" class="dark:text-white font-sansSemiBold font-semibold text-gray-900 no-underline cursor-pointer">Atomic macOS Stealer leads sensitive data theft on macOS</a></h2> <!-- Excerpt --> <div class="sm:line-clamp-3 dark:text-white hidden text-lg leading-snug" > Sophos X-Ops explores the distribution and capabilities 
of the Atomic macOS Stealer (AMOS) </div> </div> <!-- Meta --> <div class="sm:px-8 sm:pb-8 sm:pt-4 flex items-end justify-between p-4 pt-0"> <!-- Authors --> <div class="flex -space-x-3"> <span class="author-coin"> <img alt='' src='https://news.sophos.com/wp-content/themes/sophosnews-2017/img/avatars/avatar-three.png' class='avatar avatar-96 photo' height='96' width='96' /> </span> <span class="author-coin"> <img alt='' src='https://news.sophos.com/wp-content/themes/sophosnews-2017/img/avatars/avatar-one.png' class='avatar avatar-96 photo avatar-default' height='96' width='96' /> </span> <span class="author-coin"> <img width="96" height="96" src="https://news.sophos.com/wp-content/uploads/2021/05/yusuf_photo.jpeg?w=96" class="avatar avatar-96 photo wp-post-image" alt="" /> </span> </div> <!-- Tags --> <div class="sm:flex hidden space-x-1 space-y-1 flex-wrap justify-end items-baseline space-x-1 space-y-1"> <a href="https://news.sophos.com/en-us/category/threat-research/" class="category-tag-pill">Threat Research</a> </div> </div> </div> </article> <!-- Article --> <article id="post-957024" class="hover:shadow-lg dark:bg-sophos-gray-900 border-sophos-gray-200 flex flex-col overflow-hidden text-gray-700 transition-all bg-white border rounded-md shadow-md post-957024 post type-post status-publish format-standard has-post-thumbnail hentry category-threat-research tag-blackcat tag-burntcigar tag-cuba tag-edr tag-edr-killer tag-kernel-driver tag-leaked-certificate tag-lockbit tag-medusa tag-poortry tag-ransomhub tag-ransomware tag-signature tag-signed-driver tag-stonestop region-en-us"> <!-- Image --> <a class="aspect-w-16 aspect-h-9 flex block bg-gray-400 bg-right bg-no-repeat bg-cover" href="https://news.sophos.com/en-us/2024/08/27/burnt-cigar-2/" rel="bookmark" style=" background-image: url('https://news.sophos.com/wp-content/uploads/2024/08/poortry2.png?w=640'); " ></a> <!-- Wrapper --> <div class="flex flex-col justify-between flex-grow"> <!-- Content --> <div 
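class="sm:px-8 sm:py-8 p-4 py-6"> <!-- Date --> <div class="text-sophos-blue-600 font-sansMedium mb-2 text-xs leading-tight uppercase truncate" > August 27, 2024 </div> <!-- Post Title --> <h2 class="text-style-h2 line-clamp-3 sm:mb-4 sm:text-2xl sm:leading-snug text-lg leading-tight text-gray-700"><a href="https://news.sophos.com/en-us/2024/08/27/burnt-cigar-2/" rel="bookmark" class="dark:text-white font-sansSemiBold font-semibold text-gray-900 no-underline cursor-pointer">Attack tool update impairs Windows computers</a></h2> <!-- Excerpt --> <div class="sm:line-clamp-3 dark:text-white hidden text-lg leading-snug" > An EDR killer Sophos X-Ops has tracked for three years continues to bedevil organizations targeted by ransomware gangs. </div> </div> <!-- Meta --> <div class="sm:px-8 sm:pb-8 sm:pt-4 flex items-end justify-between p-4 pt-0"> <!-- Authors --> <div class="flex -space-x-3"> <span class="author-coin"> <img width="96" height="96" src="https://news.sophos.com/wp-content/uploads/2022/04/Andreas-Klopsch.png?w=96" class="avatar avatar-96 photo wp-post-image" alt="" /> </span> </div> <!-- Tags --> <div class="sm:flex hidden space-x-1 space-y-1 flex-wrap justify-end items-baseline space-x-1 space-y-1"> <a href="https://news.sophos.com/en-us/category/threat-research/" class="category-tag-pill">Threat Research</a> </div> </div> </div> </article>
<!-- Article -->
<article id="post-956911" class="hover:shadow-lg dark:bg-sophos-gray-900 border-sophos-gray-200 flex flex-col overflow-hidden text-gray-700 transition-all bg-white border rounded-md shadow-md post-956911 post type-post status-publish format-standard has-post-thumbnail hentry category-security-operations category-threat-research tag-credentials tag-featured tag-incident-response tag-privacy tag-qilin tag-ransomware region-en-us">
  <!-- Image -->
  <a class="aspect-w-16 aspect-h-9 flex block bg-gray-400 bg-right bg-no-repeat bg-cover" href="https://news.sophos.com/en-us/2024/08/22/qilin-ransomware-caught-stealing-credentials-stored-in-google-chrome/" rel="bookmark" style=" background-image: url('https://news.sophos.com/wp-content/uploads/2024/08/shutterstock_2149483333_32a7f2.jpg?w=640'); "></a>
  <!-- Wrapper -->
  <div class="flex flex-col justify-between flex-grow">
    <!-- Content -->
    <div class="sm:px-8 sm:py-8 p-4 py-6">
      <!-- Date -->
      <div class="text-sophos-blue-600 font-sansMedium mb-2 text-xs leading-tight uppercase truncate">
        August 22, 2024
      </div>
      <!-- Post Title -->
      <h2 class="text-style-h2 line-clamp-3 sm:mb-4 sm:text-2xl sm:leading-snug text-lg leading-tight text-gray-700"><a href="https://news.sophos.com/en-us/2024/08/22/qilin-ransomware-caught-stealing-credentials-stored-in-google-chrome/" rel="bookmark" class="dark:text-white font-sansSemiBold font-semibold text-gray-900 no-underline cursor-pointer">Qilin ransomware caught stealing credentials stored in Google Chrome</a></h2>
      <!-- Excerpt -->
      <div class="sm:line-clamp-3 dark:text-white hidden text-lg leading-snug">
        Familiar ransomware develops an appetite for passwords to third-party sites
      </div>
    </div>
    <!-- Meta -->
    <div class="sm:px-8 sm:pb-8 sm:pt-4 flex items-end justify-between p-4 pt-0">
      <!-- Authors -->
      <div class="flex -space-x-3">
        <span class="author-coin">
          <img width="91" height="96" src="https://news.sophos.com/wp-content/uploads/2024/03/lee-kirkpatrick-headshot.jpg?w=91" class="avatar avatar-96 photo wp-post-image" alt="Lee Kirkpatrick" />
        </span>
        <span class="author-coin">
          <img width="96" height="96" src="https://news.sophos.com/wp-content/uploads/2024/05/paul-jacobs-headshot.png?w=96" class="avatar avatar-96 photo wp-post-image" alt="Paul Jacobs" />
        </span>
        <span class="author-coin">
          <img width="96" height="96" src="https://news.sophos.com/wp-content/uploads/2024/08/Harshal_Gosalia-e1724143014312.jpg?w=96" class="avatar avatar-96 photo wp-post-image" alt="Harshal Gosalia" />
        </span>
        <span class="author-coin">
          <!-- Theme default avatar, used where the author has no photo; decorative, so alt stays empty. -->
          <img alt="" src="https://news.sophos.com/wp-content/themes/sophosnews-2017/img/avatars/avatar-one.png" class="avatar avatar-96 photo avatar-default" height="96" width="96" />
        </span>
      </div>
      <!-- Tags -->
      <div class="sm:flex hidden space-x-1 space-y-1 flex-wrap justify-end items-baseline space-x-1 space-y-1">
        <a href="https://news.sophos.com/en-us/category/security-operations/" class="category-tag-pill">Security Operations</a><a href="https://news.sophos.com/en-us/category/threat-research/" class="category-tag-pill">Threat Research</a>
      </div>
    </div>
  </div>
</article>
</div>
</div>
<div class="load-more text-center md:my-16 my-8">
  <a href="#" class="round-button round-button--secondary"> Load More </a>
</div>
</div>
</main><!-- #main -->
</div><!-- #primary -->
</div> <!-- #content -->
<div class="bg-sophos-gray-50 md:py-16 px-4 pb-4 pt-8">
<div class="container max-w-2xl" x-show="!subscribed">
<div class="text-style-h2-lg">
  Subscribe to get the latest updates in your inbox.
</div>
<div id="mc_embed_shell">
<!-- Third-party stylesheet from Mailchimp's CDN. The URL names https explicitly instead of
     inheriting the scheme of the embedding page. No integrity attribute is set, so the browser
     applies whatever the CDN serves for this path. -->
<link href="https://cdn-images.mailchimp.com/embedcode/classic-061523.css" rel="stylesheet" type="text/css">
<style type="text/css"> /* Add your own Mailchimp form style overrides in your site stylesheet or in this style block. We recommend moving this block and the preceding CSS link to the HEAD of your HTML file. 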
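*/
#mc_embed_signup form,
#mc_embed_signup #mc-embedded-subscribe-form div.mce_inline_error {
  margin: 0;
  background: transparent;
}
#mc_embed_signup input {
  border-color: rgba(240, 242, 244, var(--tw-border-opacity));
}
#mc_embed_signup input#mc-embedded-subscribe {
  border-radius: 9999px;
}
#mc-embedded-subscribe {
  margin-left: 0;
}
#mc_embed_signup .mc-field-group.input-group input {
  height: 1rem;
  width: 1rem;
}
#mc_embed_signup #mc-embedded-subscribe-form input.mce_inline_error {
  border-color: rgba(209, 213, 219, var(--tw-border-opacity));
}
#mc_embed_signup #mce-success-response {
  display: block;
  color: #fff;
  font-weight: normal;
  padding: .75rem 1rem;
  margin: 0;
}
#mc_embed_signup div#mce-responses {
  padding: 0;
  width: 100%;
  margin: .5rem 0;
}
#mc_embed_signup div.response {
  width: 100%;
  padding: .75rem 1rem;
  font-weight: normal;
}
</style>
<div id="mc_embed_signup">
  <!-- Newsletter signup. The form posts the address cross-origin to the Mailchimp list endpoint
       and shows the response in a new tab; rel="noopener" makes explicit that the new tab gets
       no window.opener handle back to this page. -->
  <form action="https://sophos.us2.list-manage.com/subscribe/post?u=2a2849a8c809119f4bd4929cc&amp;id=8d6471d831&amp;f_id=007062e1f0" method="post" id="mc-embedded-subscribe-form" name="mc-embedded-subscribe-form" class="validate" target="_blank" rel="noopener">
    <div id="mc_embed_signup_scroll">
      <div class="mc-field-group">
        <!-- The placeholder is the only visible hint, so the field also carries an accessible name. -->
        <input type="email" name="EMAIL" class="required email" id="mce-EMAIL" required value="" placeholder="name@email.com" autocomplete="email" aria-label="Email address">
        <!-- Response containers, hidden until shown by script. -->
        <div id="mce-responses" class="clear flex flex-col my-6">
          <div class="response font-sansMedium px-4 py-3 mt-2 text-sm font-medium text-white bg-black border rounded-md" id="mce-error-response" style="display: none;"></div>
          <div class="response font-sansMedium px-4 py-3 mt-2 text-sm font-medium text-white bg-black border rounded-md" id="mce-success-response" style="display: none;"></div>
        </div>
      </div>
      <div class="mc-field-group input-group mb-4 text-lg">
        Which categories are you interested in?
        <ul>
          <li><input type="checkbox" name="group[3][1]" id="mce-group[3]-3-0" value=""><label for="mce-group[3]-3-0" class="text-style-form-label ml-2">Products and Services</label></li>
          <li><input type="checkbox" name="group[3][2]" id="mce-group[3]-3-1" value=""><label for="mce-group[3]-3-1" class="text-style-form-label ml-2">Threat Research</label></li>
          <li><input type="checkbox" name="group[3][4]" id="mce-group[3]-3-2" value=""><label for="mce-group[3]-3-2" class="text-style-form-label ml-2">Security Operations</label></li>
          <li><input type="checkbox" name="group[3][8]" id="mce-group[3]-3-3" value=""><label for="mce-group[3]-3-3" class="text-style-form-label ml-2">AI Research</label></li>
          <li><input type="checkbox" name="group[3][16]" id="mce-group[3]-3-4" value=""><label for="mce-group[3]-3-4" class="text-style-form-label ml-2">#SophosLife</label></li>
        </ul>
      </div>
      <!-- Bot honeypot from the Mailchimp embed: the field is moved off screen, hidden from
           assistive technology and kept out of the tab order, so a person leaves it empty.
           It has to stay in the form for that check to work. -->
      <div aria-hidden="true" style="position: absolute; left: -5000px;">
        <input type="text" name="b_2a2849a8c809119f4bd4929cc_8d6471d831" tabindex="-1" value="">
      </div>
      <div class="clear">
        <input type="submit" name="subscribe" id="mc-embedded-subscribe" class="round-button round-button--primary" value="Subscribe">
      </div>
    </div>
  </form>
</div>
</div>
</div>
</div>
<footer class="bg-white border-t border-sophos-gray-200 " x-data="{ languageMenu: false, privacyMenu: false, legalMenu: false }" >
<div class="container">
<div class="md:flex-row md:items-center flex flex-col justify-between py-8">
<div class="flex items-baseline flex-grow space-x-6">
<!-- Language -->
<div class="relative mr-auto">
<a href="#" class="whitespace-nowrap font-sansMedium text-sophos-gray-600 inline-block text-xs font-medium leading-tight" @click.prevent="languageMenu = !languageMenu" @click.away="languageMenu = false" >
Change Region
<svg xmlns="http://www.w3.org/2000/svg" width="8" height="4" class="inline-block transition-transform transform" :class="{'rotate-180': languageMenu }" >
<path fill="#7F8C9D" fill-rule="evenodd" d="M4 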
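2.178L5.915.262a.708.708 0 01.996 0 .702.702 0 010 .995L4.75 3.415A.7.7 0 014 3.94a.702.702 0 01-.751-.524l-2.16-2.158a.702.702 0 11.996-.995L4 2.178z" />
</svg>
</a>
<!-- Language Menu -->
<!-- NOTE(review): aria-labelledby refers to "user-menu", but no element with that id is visible
     in this part of the page. Confirm it exists, otherwise the menu has no accessible name.
     The Privacy and Legal menus below use the same reference. -->
<div class="focus:outline-none border-sophos-gray-200 absolute bottom-0 left-0 w-48 px-4 py-1 py-4 mb-8 -ml-4 origin-bottom-left bg-white border rounded-md shadow-md" role="menu" aria-orientation="vertical" aria-labelledby="user-menu" x-show="languageMenu" x-cloak x-transition:enter="transition-all ease-out duration-100" x-transition:enter-start="transform opacity-0 scale-95" x-transition:enter-end="transform opacity-100 scale-100" x-transition:leave="transition ease-in duration-75" x-transition:leave-start="transform opacity-100 scale-100" x-transition:leave-end="transform opacity-0 scale-95" >
  <ul class="font-sansMedium text-sophos-gray-600 space-y-1 text-xs font-medium" >
    <li> <a href="https://news.sophos.com/es-419"> América Latina </a> </li>
    <li> <a href="https://news.sophos.com/pt-br"> Brasil </a> </li>
    <li> <a href="https://news.sophos.com/de-de"> Deutschland </a> </li>
    <li> <a href="https://news.sophos.com/en-us"> English </a> </li>
    <li> <a href="https://news.sophos.com/fr-fr"> France </a> </li>
    <li> <a href="https://news.sophos.com/es-es"> Iberia </a> </li>
    <li> <a href="https://news.sophos.com/it-it"> Italia </a> </li>
    <li> <a href="https://news.sophos.com/ja-jp"> Japan </a> </li>
  </ul>
</div>
</div>
<!-- Terms -->
<a href="https://www.sophos.com/en-us/legal/sophos-website.aspx" class="whitespace-nowrap font-sansMedium text-sophos-gray-600 inline-block ml-auto text-xs font-medium leading-tight">Terms</a>
<!-- Privacy -->
<span class="relative">
  <a href="#" class="whitespace-nowrap font-sansMedium text-sophos-gray-600 inline-block text-xs font-medium leading-tight" @click.prevent="privacyMenu = !privacyMenu" @click.away="privacyMenu = false" >
    Privacy
    <svg xmlns="http://www.w3.org/2000/svg" width="8" height="4" class="inline-block transition-transform transform" :class="{'rotate-180': privacyMenu }" >
      <path fill="#7F8C9D" fill-rule="evenodd" d="M4 2.178L5.915.262a.708.708 0 01.996 0 .702.702 0 010 .995L4.75 3.415A.7.7 0 014 3.94a.702.702 0 01-.751-.524l-2.16-2.158a.702.702 0 11.996-.995L4 2.178z" />
    </svg>
  </a>
  <div class="focus:outline-none border-sophos-gray-200 absolute bottom-0 left-0 w-48 px-4 py-1 py-4 mb-8 -ml-4 origin-bottom-left bg-white border rounded-md shadow-md" role="menu" aria-orientation="vertical" aria-labelledby="user-menu" x-show="privacyMenu" x-cloak x-transition:enter="transition-all ease-out duration-100" x-transition:enter-start="transform opacity-0 scale-95" x-transition:enter-end="transform opacity-100 scale-100" x-transition:leave="transition ease-in duration-75" x-transition:leave-start="transform opacity-100 scale-100" x-transition:leave-end="transform opacity-0 scale-95" >
    <ul class="font-sansMedium text-sophos-gray-600 space-y-1 text-xs font-medium" >
      <li> <a href="https://www.sophos.com/en-us/legal/sophos-group-privacy-policy.aspx" > Privacy Notice </a> </li>
      <li> <a href="https://www.sophos.com/en-us/legal/cookie-information.aspx" > Cookies </a> </li>
    </ul>
  </div>
</span>
<!-- Legal -->
<span class="relative">
  <a href="#" class="whitespace-nowrap font-sansMedium text-sophos-gray-600 inline-block text-xs font-medium leading-tight" @click.prevent="legalMenu = !legalMenu" @click.away="legalMenu = false" >
    Legal
    <svg xmlns="http://www.w3.org/2000/svg" width="8" height="4" class="inline-block transition-transform transform" :class="{'rotate-180': legalMenu }" >
      <path fill="#7F8C9D" fill-rule="evenodd" d="M4 2.178L5.915.262a.708.708 0 01.996 0 .702.702 0 010 .995L4.75 3.415A.7.7 0 014 3.94a.702.702 0 01-.751-.524l-2.16-2.158a.702.702 0 11.996-.995L4 2.178z" />
    </svg>
  </a>
  <div class="focus:outline-none border-sophos-gray-200 absolute bottom-0 left-0 w-48 px-4 py-1 py-4 mb-8 -ml-4 origin-bottom-left bg-white border rounded-md shadow-md" role="menu" aria-orientation="vertical" aria-labelledby="user-menu" x-show="legalMenu" x-cloak x-transition:enter="transition-all ease-out duration-100" x-transition:enter-start="transform opacity-0 scale-95" x-transition:enter-end="transform opacity-100 scale-100" x-transition:leave="transition ease-in duration-75" x-transition:leave-start="transform opacity-100 scale-100" x-transition:leave-end="transform opacity-0 scale-95" >
    <ul class="font-sansMedium text-sophos-gray-600 space-y-1 text-xs font-medium" >
      <li> <a href="https://www.sophos.com/en-us/legal.aspx" > General </a> </li>
      <li> <a href="https://www.sophos.com/en-us/legal/modern-slavery-act-transparency-statement.aspx" > Modern Slavery Statement </a> </li>
      <li> <a href="https://secure.ethicspoint.eu/domain/media/en/gui/104916/index.html" > Speak Out </a> </li>
    </ul>
  </div>
</span>
<!-- Copyright -->
<div class="md:ml-6 mt-2 md:mt-0">
<span class="whitespace-nowrap font-sansMedium text-sophos-gray-600 inline-block text-xs font-medium leading-tight" > © 1997 - 2024 Sophos Ltd. 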
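All rights reserved </span> </div> </div> </div> </div> </div> </footer>
<!-- Pagination state read by the site script: current page, page count and next-page URL. -->
<script type="text/javascript" id="sophos-js-core-js-extra"> /* <![CDATA[ */ var PG8Data = {"startPage":"1","maxPages":"52","nextLink":"https:\/\/news.sophos.com\/en-us\/category\/threat-research\/page\/2\/"}; /* ]]> */ </script>
<!-- First-party bundle served from the site's own origin. -->
<script type="text/javascript" src="https://news.sophos.com/_static/??-eJyVjFEOwiAQBS8ku0Ka1H4Yz0LIpgVlIexqPb6YXqAk72sy83CvJhRWYkXdKJOglLoVYdrFuKudMUlfl8ozkvk4cGA7gANAkgue+gilDdj01eblvH8geGt8jVfB5+rjysNh9U2Z2nC3+uHkz3r0yHc7O7dM9rZM6Qegq6BH" ></script>
<!-- Third-party script from a public CDN, run with full access to this page. The path pins an
     exact version (2.8.1), so the file content should be stable, but nothing verifies it:
     no integrity attribute is set. crossorigin="anonymous" makes the fetch credential-free and
     is the precondition for Subresource Integrity.
     NOTE(review): add integrity="sha384-<BASE64_HASH_OF_THE_PINNED_FILE>" computed from a
     reviewed copy of this file, or serve the file from the site's own origin. -->
<script type="text/javascript" src="https://unpkg.com/alpinejs@2.8.1/dist/alpine.js?ver=2.0.3" id="alpine-js-js" crossorigin="anonymous"></script>
<script type="text/javascript" src="https://news.sophos.com/wp-content/themes/sophosnews-2017/js/sophos-mc-validate.js?m=1730121999g" ></script>
<!-- Third-party analytics script. NOTE(review): the file name looks date-stamped, so a fixed
     integrity hash may not be practical here; confirm that a Content-Security-Policy script-src
     allowlist covers this host instead. -->
<script type="text/javascript" src="https://stats.wp.com/e-202448.js" id="jetpack-stats-js" data-wp-strategy="defer"></script>
<script type="text/javascript" id="jetpack-stats-js-after"> /* <![CDATA[ */ _stq = window._stq || []; _stq.push([ "view", JSON.parse("{\"v\":\"ext\",\"blog\":\"166161023\",\"post\":\"0\",\"tz\":\"-5\",\"srv\":\"news.sophos.com\",\"hp\":\"vip\",\"j\":\"1:13.9.1\"}") ]); _stq.push([ "clickTrackerInit", "166161023", "0" ]); /* ]]> */ </script>
</body>
</html>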