Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-01-24SophosChester Wisniewski
Log4Shell: No Mass Abuse, But No Respite, What Happened?
2022-01-19SophosColin Cowie, Mat Gangwer, Sophos MTR Team, Stan Andic
Zloader Installs Remote Access Backdoors and Delivers Cobalt Strike
Cobalt Strike Zloader
2021-12-22SophosAnand Ajjan, Andrew Brandt, Ferenc László Nagy, Fraser Howard, Peter Mackenzie, Sergio Bestulic, Timothy Easton
Avos Locker remotely accesses boxes, even running in Safe Mode
AvosLocker
2021-12-21SophosAndrew Brandt, Stephen Ormandy
Attackers test “CAB-less 40444” exploit in a dry run
2021-12-20SophosSean Gallagher
Logjam: Log4j exploit attempts continue in globally distributed scans, attacks
2021-12-17SophosHardik Shah, Sean Gallagher
Inside the code: How the Log4Shell exploit works
2021-12-12SophosSean Gallagher
Log4Shell Hell: anatomy of an exploit outbreak
2021-11-23SophosPankaj Kohli
Android APT spyware, targeting Middle East victims, enhances evasiveness
2021-11-18SophosLabs UncutSean Gallagher
New ransomware actor uses password protected archives to bypass encryption protection
2021-11-18SophosElida Leite, Ferenc László Nagy, Gabor Szappanos, Harinder Bhathal, Kyle Link, Nirav Parekh, Rahul Dugar, Ratul Ghosh, Robert Weiland, Sean Gallagher, Sergio Bestuilic, Vikas Singh
New ransomware actor uses password-protected archives to bypass encryption protection
2021-11-11SophosLabs UncutAndrew Brandt
BazarLoader ‘call me back’ attack abuses Windows 10 Apps mechanism
BazarBackdoor
2021-10-24SophosSean Gallagher
Node poisoning: hijacked package delivers coin miner and credential-stealing backdoor
DanaBot Monero Miner
2021-10-05SophosAndrew Brandt, Andrew O’Donnell, Mauricio Valdivieso, Rajesh Nataraj
Python ransomware script targets ESXi server for encryption
2021-10-04SophosChaitanya Ghorpade, Kajal Katiyar, Krisztián Diriczi, Rahil Shah, Sean Gallagher, Vikas Singh
Atom Silo ransomware actors use Confluence exploit, DLL side-load for stealthy attack
ATOMSILO Cobalt Strike
2021-09-23SophosSean Gallagher
Phishing and malware actors abuse Google Forms for credentials, data exfiltration
2021-09-21SophosAndrew Brandt, Chaitanya Ghorpade, Krisztián Diriczi, Shefali Gupta, Vikas Singh
Cring ransomware group exploits ancient ColdFusion server
Cobalt Strike Cring
2021-09-03SophosAnand Ajjan, Andrew Ludgate, Gabor Szappanos, Peter Mackenzie, Sean Gallagher, Sergio Bestulic, Syed Zaidi
Conti affiliates use ProxyShell Exchange exploit in ransomware attacks
Cobalt Strike Conti
2021-09-01SophosAnand Ajjan, Andrew Brandt, Sean Gallagher, Yusuf Polat
Fake pirated software sites serve up malware droppers as a service
Raccoon
2021-08-27SophosMark Loman
LockFile ransomware’s box of tricks: intermittent encryption and evasion
LockFile
2021-08-23Sophos SecOpsGreg Iddon
ProxyShell vulnerabilities in Microsoft Exchange: What to do
LockFile