An annual survey of 5,400 IT decision makers on the scope, nature, and ramifications of ransomware attacks.

This study provides new insights into the state of cybersecurity skills and resources across the globe.

A survey of over 3,500 IT managers with data and workloads in the public cloud.

A detailed technical analysis of the Kingminer botnet malware, including the C&C network, infection vectors, payload, and auxiliary components.

A survey, conducted by Vanson Bourne, of 5,000 IT managers on their experiences with ransomware. Discusses prevalence, spread, techniques, and impact. (more available)

Sophos covers changes to data security threats going into 2020. It covers Mobile Malware trends,

Most blogs or papers about crypto-ransomware typically focus on the threat’s delivery, encryption algorithms and communication, with associated indicators of compromise (IOCs). (more available)

Contrary to popular belief, every device is worth hacking when the process is automated. It doesn’t matter who or where you are, if you own a company big or small, or have technology in the home – every device can be monetized by an enterprising criminal. (more available)

From the report, “As the report that follows describes, SophosLabs has been observing a small but growing number of criminals forced to resort to a variety of manual hacking techniques – previously the purview of esoteric, targeted attackers – just to maintain their dishonorable income streams. (more available)

This paper analyzes a cleanup app that is actually malicious.

SophosLabs takes a specific look at threats being downloaded on GooglePlay that mine a mobile phone’s resources while searching for cryptocurrency. (more available)

This paper takes a look at a smaller Ransomware family that has not received as much press as the other bigger ransomware families. (more available)

This report provides an inside look at a threat being downloaded on Google Play.

In this paper, they explore the differences between legitimate mining and cryptojacking; how cryptojacking works; the costs of cryptojacking to today’s organizations; and practical steps you can take to avoid being a victim of cryptojacking. (more available)

This paper set out to study the inner workings of a bankbot because they predict we will see more bankbots in the future. (more available)

Some statistics that jump out from this report, 76% of respondents see ransomware as significant business threat, 52% rate their organizations at above average or superior when it comes to detecting or blocking ransomware before it locks or encrypts data in their systems, 57% say they are more likely to be a ransomware target in 2017. (more available)

This report takes a look at the SamSam ransomware. A ransomware that unlike most ransomware, goes after specific organizations.

Rogueware has been reborn in the Android ecosystem, particularly on Google Play. This research paper reveals that hundreds of antivirus and optimization tool apps on Google Play mislead users into believing that they have a virus or performance problems on their devices to manipulate them to install other fake tools. (more available)

This report provides a thorough analysis of Philadelphia, a a chilling example of ransomware as a service.

This is a very good guide to building a good threat detection model for machine learning.

In this report, they review malicious activity that SophosLabs analyzed and protected their clients from in 2017. They take that data and project what can be expected from 2018. (more available)