Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-06-11SophosLabs UncutAnand Ajjan, Andrew Brandt, Hajnalka Kope, Mark Loman, Peter Mackenzie
Relentless REvil, revealed: RaaS as variable as the criminals who use it
REvil
2021-06-02SophosSean Gallagher
AMSI bypasses remain tricks of the malware trade
Agent Tesla Cobalt Strike Meterpreter
2021-05-28SophosLabs UncutAndrew Brandt
A new ransomware enters the fray: Epsilon Red
Epsilon Red
2021-05-18SophosGreg Iddon, John Shier, Mat Gangwer, Peter Mackenzie
The Active Adversary Playbook 2021
Cobalt Strike MimiKatz
2021-05-11SophosFerenc László Nagy, Gabor Szappanos, Mark Loman, Peter Mackenzie, Sean Gallagher, Suriya Natarajan, Szabolcs Lévai, Yusuf Arslan Polat
A defender’s view inside a DarkSide ransomware attack
DarkSide
2021-05-07SophosLabs UncutRajesh Nataraj
New Lemon Duck variants exploiting Microsoft Exchange Server
CHINACHOPPER Cobalt Strike Lemon Duck
2021-05-06Sophos LabsBill Kearney, Kyle Link, Matthew Sharf, Peter Mackenzie, Tilly Travers
MTR in Real Time: Pirates pave way for Ryuk ransomware
Ryuk
2021-05-05SophosLabs UncutAndrew Brandt, Gabor Szappanos, Peter Mackenzie, Vikas Singh
Intervention halts a ProxyLogon-enabled attack
Cobalt Strike
2021-04-21SophosLabs UncutAnand Aijan, Andrew Brandt, Markel Picado, Michael Wood, Sean Gallagher, Sivagnanam Gn, Suriya Natarajan
Nearly half of malware now use TLS to conceal communications
Agent Tesla Cobalt Strike Dridex SystemBC
2021-04-15SophosLabs UncutAndrew Brandt
BazarLoader deploys a pair of novel spam vectors
BazarBackdoor
2021-04-13SophosLabs UncutAndrew Brandt
Compromised Exchange server hosting cryptojacker targeting other Exchange servers
2021-03-31SophosMichael Heller
Sophos MTR in Real Time: What is Astro Locker Team?
Mount Locker
2021-03-24SophosLabs UncutMark Loman
Black Kingdom ransomware begins appearing on Exchange servers
2021-03-23SophosMark Loman
Black Kingdom ransomware begins appearing on Exchange servers
BlackKingdom Ransomware
2021-03-15Sophos LabsMark Loman
DearCry ransomware attacks exploit Exchange server vulnerabilities
dearcry WannaCryptor
2021-03-05SophosSOPHOS MTR
HAFNIUM: Advice about the new nation-state attack
2021-03-01Sophos LabsAndrew Brandt, Gabor Szappanos
“Gootloader” expands its payload delivery options
GootKit
2021-02-16SophosLabs UncutPeter Mackenzie, Tilly Travers
What to expect when you’ve been hit with Conti ransomware
Conti
2021-02-16SophosLabs UncutAnand Ajjan, Andrew Brandt
Conti ransomware: Evasive by nature
Conti
2021-02-16SophosLabs UncutMichael Heller
A Conti ransomware attack day-by-day
Conti