2020-10-29 · Twitter (@SophosLabs) · SophosLabs
Tweet on similarities between BUER in-memory loader & RYUK in-memory loader
Buer, Ryuk
2020-10-28 · SophosLabs Uncut · Anand Ajjan, Bill Kearny, Brett Cove, Elida Leite, Gabor Szappanos, Peter Mackenzie, Sean Gallagher, Syed Shahram
Hacks for sale: inside the Buer Loader malware-as-a-service
Buer, Ryuk, Zloader
2020-10-21 · SophosLabs Uncut · Sean Gallagher
LockBit uses automated attack tools to identify tasty targets
LockBit
2020-09-24 · SophosLabs · SophosLabs
Email-delivered MoDi RAT attack pastes PowerShell commands
MoDi RAT
2020-09-24 · SophosLabs Uncut · Andrew Brandt, Andrew O'Donnell, Fraser Howard
Email-delivered MoDi RAT attack pastes PowerShell commands
DBatLoader
2020-09-17 · SophosLabs Uncut · Andrew Brandt, Peter Mackenzie
Maze attackers adopt Ragnar Locker virtual machine technique
Maze
2020-08-12 · SophosLabs Uncut · Sean Gallagher
Color by numbers: inside a Dharma ransomware-as-a-service attack
Dharma
2020-08-04 · SophosLabs Uncut · Anand Ajjan, Mark Loman
WastedLocker’s techniques point to a familiar heritage
WastedLocker
2020-07-14 · SophosLabs Uncut · Markel Picado, Sean Gallagher
RATicate upgrades “RATs as a Service” attacks with commercial “crypter”
LokiBot, BetaBot, CloudEyE, NetWire RC
2020-05-27 · SophosLabs · Andrew Brandt, Gabor Szappanos
Netwalker ransomware tools give insight into threat actor
Mailto
2020-05-21 · Sophos · SophosLabs Uncut
Asnarök attackers twice modified attack midstream
NOTROBIN, Ragnarok
2020-05-21 · Sophos · SophosLabs Uncut
Ragnar Locker ransomware deploys virtual machine to dodge security
RagnarLocker
2020-05-14 · SophosLabs · Markel Picado
RATicate: an attacker’s waves of information-stealing malware
Agent Tesla, BetaBot, BlackRemote, Formbook, Loki Password Stealer (PWS), NetWire RC, NjRAT, Remcos
2020-05-12 · SophosLabs Uncut · Sophos
Maze ransomware: extorting victims for 1 year and counting
Maze
2020-03-05 · SophosLabs · Sergei Shevchenko
Cloud Snooper Attack Bypasses AWS Security Measures
Cloud Snooper, Ghost RAT
2019-12-24 · Sophos · SophosLabs Threat Research
Gozi V3: tracked by their own stealth
ISFB
2019-12-09 · SophosLabs Uncut · Andrew Brandt
Snatch ransomware reboots PCs into Safe Mode to bypass protection
Snatch
2019-09-18 · SophosLabs Uncut · Peter Mackenzie
The WannaCry hangover
WannaCryptor
2019-09-17 · SophosLabs · Peter Mackenzie
WannaCry Aftershock
WannaCryptor
2019-08-05 · SophosLabs · Albert Zsigovits
Baldr vs The World: A credential thief's burst of creative energy delivers a dangerous new threat
Baldr