Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-02-03Sophos Managed Threat Response (MTR)Greg Iddon
MTR casebook: Uncovering a backdoor implant in a SolarWinds Orion server
RagnarLocker
2021-01-26SophosLabs UncutBill Kearney, David Anderson, Michael Heller, Peter Mackenzie, Sergio Bestulic
Nefilim Ransomware Attack Uses “Ghost” Credentials
Nefilim
2021-01-21Sophos LabsAndrew Brandt, Gabor Szappanos
MrbMiner: Cryptojacking to bypass international sanctions
2021-01-12SophosAndrew Brandt, Pankaj Kohli
New Android spyware targets users in Pakistan
PackChat
2020-12-21SophosLabs UncutSophosLabs Threat Research
How SunBurst malware does defense evasion
SUNBURST UNC2452
2020-12-16SophosLabs UncutSean Gallagher, Sivagnanam Gn
Ransomware operators use SystemBC RAT as off-the-shelf Tor backdoor
SystemBC
2020-12-15Github (sophos-cybersecurity)Sophos Cyber Security Team
solarwinds-threathunt
Cobalt Strike SUNBURST
2020-12-14SophosRoss McKerchar
Incident response playbook for responding to SolarWinds Orion compromise
SUNBURST
2020-12-14SophosRichard Harang
Sophos-ReversingLabs (SOREL) 20 Million sample malware dataset
2020-12-08SophosAnand Aijan, Bill Kearney, Gabor Szappanos, Mark Loman, Peter Mackenzie, Sean Gallagher, Sergio Bestulic, Syed Shahram
Egregor ransomware: Maze’s heir apparent
Egregor Maze
2020-11-18SophosSophos
SOPHOS 2021 THREAT REPORT Navigating cybersecurity in an uncertain world
Agent Tesla Dridex TrickBot Zloader
2020-11-04SophosGabor Szappanos
A new APT uses DLL side-loads to “KilllSomeOne”
KilllSomeOne PlugX
2020-10-29Twitter (@SophosLabs)SophosLabs
Tweet on similarities between BUER in-memory loader & RYUK in-memory loader
Buer Ryuk
2020-10-28SophosLabs UncutAnand Ajjan, Bill Kearny, Brett Cove, Elida Leite, Gabor Szappanos, Peter Mackenzie, Sean Gallagher, Syed Shahram
Hacks for sale: inside the Buer Loader malware-as-a-service
Buer Ryuk Zloader
2020-10-27Sophos Managed Threat Response (MTR)Greg Iddon
MTR Casebook: An active adversary caught in the act
Cobalt Strike
2020-10-21SophosLabs UncutSean Gallagher
LockBit uses automated attack tools to identify tasty targets
LockBit
2020-10-14SophosSean Gallagher
They’re back: inside a new Ryuk ransomware attack
Cobalt Strike Ryuk SystemBC
2020-09-24SophosLabsSophosLabs
Email-delivered MoDi RAT attack pastes PowerShell commands
MoDi RAT
2020-09-24SophosLabs UncutAndrew Brandt, Andrew O'Donnell, Fraser Howard
Email-delivered MoDi RAT attack pastes PowerShell commands
DBatLoader
2020-09-22Sophos SecOpsGreg Iddon
MTR Casebook: Blocking a $15 million Maze ransomware attack
Maze