2022-01-19 ⋅ Sophos ⋅ Zloader Installs Remote Access Backdoors and Delivers Cobalt Strike ⋅ Cobalt Strike, Zloader
2021-12-22 ⋅ Sophos ⋅ Avos Locker remotely accesses boxes, even running in Safe Mode ⋅ AvosLocker
2021-12-21 ⋅ Sophos ⋅ Attackers test “CAB-less 40444” exploit in a dry run
2021-12-20 ⋅ Sophos ⋅ Logjam: Log4j exploit attempts continue in globally distributed scans, attacks
2021-12-17 ⋅ Sophos ⋅ Inside the code: How the Log4Shell exploit works
2021-12-12 ⋅ Sophos ⋅ Log4Shell Hell: anatomy of an exploit outbreak
2021-11-23 ⋅ Sophos ⋅ Android APT spyware, targeting Middle East victims, enhances evasiveness
2021-11-18 ⋅ SophosLabs Uncut ⋅ New ransomware actor uses password protected archives to bypass encryption protection
2021-11-18 ⋅ Sophos ⋅ New ransomware actor uses password-protected archives to bypass encryption protection
2021-11-11 ⋅ SophosLabs Uncut ⋅ BazarLoader ‘call me back’ attack abuses Windows 10 Apps mechanism ⋅ BazarBackdoor
2021-10-24 ⋅ Sophos ⋅ Node poisoning: hijacked package delivers coin miner and credential-stealing backdoor ⋅ DanaBot, Monero Miner
2021-10-05 ⋅ Sophos ⋅ Python ransomware script targets ESXi server for encryption
2021-10-04 ⋅ Sophos ⋅ Atom Silo ransomware actors use Confluence exploit, DLL side-load for stealthy attack ⋅ ATOMSILO, Cobalt Strike
2021-09-23 ⋅ Sophos ⋅ Phishing and malware actors abuse Google Forms for credentials, data exfiltration
2021-09-21 ⋅ Sophos ⋅ Cring ransomware group exploits ancient ColdFusion server ⋅ Cobalt Strike, Cring
2021-09-03 ⋅ Sophos ⋅ Conti affiliates use ProxyShell Exchange exploit in ransomware attacks ⋅ Cobalt Strike, Conti
2021-09-01 ⋅ Sophos ⋅ Fake pirated software sites serve up malware droppers as a service ⋅ Raccoon
2021-08-27 ⋅ Sophos ⋅ LockFile ransomware’s box of tricks: intermittent encryption and evasion ⋅ LockFile
2021-08-23 ⋅ Sophos SecOps ⋅ ProxyShell vulnerabilities in Microsoft Exchange: What to do ⋅ LockFile
2021-08-12 ⋅ Sophos ⋅ Gootloader’s “mothership” controls malicious content ⋅ GootLoader