Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-06-11SophosLabs UncutAnand Ajjan, Andrew Brandt, Hajnalka Kope, Mark Loman, Peter Mackenzie
Relentless REvil, revealed: RaaS as variable as the criminals who use it
REvil
2021-05-28SophosLabs UncutAndrew Brandt
A new ransomware enters the fray: Epsilon Red
Epsilon Red
2021-05-05SophosLabs UncutAndrew Brandt, Gabor Szappanos, Peter Mackenzie, Vikas Singh
Intervention halts a ProxyLogon-enabled attack
Cobalt Strike
2021-04-21SophosLabs UncutAnand Aijan, Andrew Brandt, Markel Picado, Michael Wood, Sean Gallagher, Sivagnanam Gn, Suriya Natarajan
Nearly half of malware now use TLS to conceal communications
Agent Tesla Cobalt Strike Dridex SystemBC
2021-04-15SophosLabs UncutAndrew Brandt
BazarLoader deploys a pair of novel spam vectors
BazarBackdoor
2021-04-13SophosLabs UncutAndrew Brandt
Compromised Exchange server hosting cryptojacker targeting other Exchange servers
2021-03-01Sophos LabsAndrew Brandt, Gabor Szappanos
“Gootloader” expands its payload delivery options
GootKit
2021-02-16SophosLabs UncutAnand Ajjan, Andrew Brandt
Conti ransomware: Evasive by nature
Conti
2021-01-21Sophos LabsAndrew Brandt, Gabor Szappanos
MrbMiner: Cryptojacking to bypass international sanctions
2021-01-12SophosAndrew Brandt, Pankaj Kohli
New Android spyware targets users in Pakistan
PackChat
2020-09-24SophosLabs UncutAndrew Brandt, Andrew O'Donnell, Fraser Howard
Email-delivered MoDi RAT attack pastes PowerShell commands
DBatLoader
2020-09-17SophosLabs UncutAndrew Brandt, Peter Mackenzie
Maze attackers adopt Ragnar Locker virtual machine technique
Maze
2020-07-29Sophos LabsAndrew Brandt
Emotet’s return is the canary in the coal mine
Emotet
2020-06-24Sophos LabsAndrew Brandt
Glupteba malware hides in plain sight
Glupteba
2020-05-27SophosLabsAndrew Brandt, Gabor Szappanos
Netwalker ransomware tools give insight into threat actor
Mailto
2020-02-06SophosAndrew Brandt, Mark Loman
Living off another land: Ransomware borrows vulnerable driver to remove security software
RobinHood
2019-12-09SophosLabs UncutAndrew Brandt
Snatch ransomware reboots PCs into Safe Mode to bypass protection
Snatch
2019-05-24SophosLabs UncutAndrew Brandt
Directed attacks against MySQL servers deliver ransomware
Gandcrab
2019-05-10SophosLabs UncutAndrew Brandt
MegaCortex, deconstructed: mysteries mount as analysis continues
MegaCortex
2019-05-03SophosAndrew Brandt
“MegaCortex” ransomware wants to be The One
MegaCortex
2019-01-30SophosLabs UncutAndrew Brandt
Matrix: Targeted, small scale, canary in the coalmine ransomware
Matrix Ransom
2018-11-29SophosLabs UncutAndrew Brandt
How a SamSam-like attack happens, and what you can do about it
SamSam
2018-08-01SophosLabsAndrew Brandt, Claire Mackenzie, Dorka Palotay, Hajnalka Kope, Luca Nagy, Mark Stockley, Peter Mackenzie, Simon Porter
SamSam: The (Almost) Six Million Dollar Ransomware
SamSam
2018-07-31SophosLabs UncutAndrew Brandt
SamSam guide to coverage
SamSam
2018-07-31SophosLabs UncutAndrew Brandt
Sophos releases SamSam ransomware report
SamSam