When cybercriminals eat their own – Sophos News
At Sophos X-Ops, we often get queries from our customers asking if they’re protected against certain malware variants. At first glance, a recent question...
INTERPOL Dismantles 20,000+ Malicious IPs Linked to 69 Malware Variants in Operation Secure
Jun 11, 2025Ravie LakshmananCybercrime / Malware
INTERPOL on Wednesday announced the dismantling of more than 20,000 malicious IP addresses or domains that have been linked...
NICKEL TAPESTRY expands fraudulent worker operations – Sophos News
With this post, the X-Ops blog is thrilled to present research from our Sophos siblings newly joining us from Secureworks, of which CTU (the...
Librarian Ghouls APT carries out attacks with data theft and crypto miner deployment
Introduction
Librarian Ghouls, also known as “Rare Werewolf” and “Rezet”, is an APT group that targets entities in Russia and the CIS. Other security vendors...
Extracting With pngdump.py – SANS Internet Storm Center
Inspired by Xavier's diary entry "A PNG Image With an Embedded Gift", I updated my pngdump.py program to enable the extraction of chunks and...
Marks & Spencer’s ransomware nightmare
Over Easter, retail giant Marks & Spencer (M&S) discovered that it had suffered a highly damaging ransomware attack that left some shop shelves empty,...
