Click here to download all references as Bib-File.•
| 2021-05-18
⋅
Sophos
⋅
The Active Adversary Playbook 2021 Cobalt Strike MimiKatz |
| 2021-05-11
⋅
Sophos
⋅
A defender’s view inside a DarkSide ransomware attack DarkSide |
| 2021-05-06
⋅
Sophos Labs
⋅
MTR in Real Time: Pirates pave way for Ryuk ransomware Ryuk |
| 2021-05-05
⋅
SophosLabs Uncut
⋅
Intervention halts a ProxyLogon-enabled attack Cobalt Strike |
| 2021-04-22
⋅
Twitter (@AltShiftPrtScn)
⋅
Twwet On TTPs seen in IR used by DOPPEL SPIDER Cobalt Strike DoppelPaymer |
| 2021-02-16
⋅
SophosLabs Uncut
⋅
What to expect when you’ve been hit with Conti ransomware Conti |
| 2021-01-26
⋅
SophosLabs Uncut
⋅
Nefilim Ransomware Attack Uses “Ghost” Credentials Nefilim |
| 2021-01-17
⋅
Twitter (@AltShiftPrtScn)
⋅
Tweet on Conti Ransomware group exploiting FortiGate VPNs to drop in CobaltStrike loaders Cobalt Strike Conti |
| 2020-12-21
⋅
IronNet
⋅
SolarWinds/SUNBURST: DGA or DNS Tunneling? SUNBURST |
| 2020-12-08
⋅
Sophos
⋅
Egregor ransomware: Maze’s heir apparent Egregor Maze |
| 2020-11-16
⋅
ESET Research
⋅
Lazarus supply‑chain attack in South Korea BookCodes RAT Lazarus Group |
| 2020-10-28
⋅
SophosLabs Uncut
⋅
Hacks for sale: inside the Buer Loader malware-as-a-service Buer Ryuk Zloader |
| 2020-09-17
⋅
SophosLabs Uncut
⋅
Maze attackers adopt Ragnar Locker virtual machine technique Maze |
| 2020-07-11
⋅
Trustwave
⋅
Injecting Magecart into Magento Global Config magecart |
| 2020-05-14
⋅
ESET Research
⋅
Mikroceen: Spying backdoor leveraged in high‑profile networks in Central Asia Microcin Vicious Panda |
| 2020-05-14
⋅
ESET Research
⋅
Mikroceen: Spying backdoor leveraged in high‑profile networks in Central Asia BYEBY Microcin |
| 2020-01-31
⋅
Virus Bulletin
⋅
Rich Headers: leveraging this mysterious artifact of the PE format Dridex Exaramel Industroyer Neutrino RCS Sathurbot |
| 2020-01-13
⋅
Gigamon
⋅
Emotet: Not your Run-of-the-mill Malware Emotet |
| 2019-12-12
⋅
Mr.Peter MrPeter |
| 2019-09-18
⋅
SophosLabs Uncut
⋅
The WannaCry hangover WannaCryptor |