2021-04-21 | SophosLabs Uncut | Anand Aijan, Andrew Brandt, Markel Picado, Michael Wood, Sean Gallagher, Sivagnanam Gn, Suriya Natarajan
Nearly half of malware now use TLS to conceal communications
Agent Tesla Cobalt Strike Dridex SystemBC
2021-04-15 | SophosLabs Uncut | Andrew Brandt
BazarLoader deploys a pair of novel spam vectors
BazarBackdoor
2021-04-13 | SophosLabs Uncut | Andrew Brandt
Compromised Exchange server hosting cryptojacker targeting other Exchange servers
2021-03-31 | Sophos | Michael Heller
Sophos MTR in Real Time: What is Astro Locker Team?
Mount Locker
2021-03-24 | SophosLabs Uncut | Mark Loman
Black Kingdom ransomware begins appearing on Exchange servers
2021-03-23 | Sophos | Mark Loman
Black Kingdom ransomware begins appearing on Exchange servers
BlackKingdom Ransomware
2021-03-15 | Sophos Labs | Mark Loman
DearCry ransomware attacks exploit Exchange server vulnerabilities
dearcry WannaCryptor
2021-03-05 | Sophos | SOPHOS MTR
HAFNIUM: Advice about the new nation-state attack
2021-03-01 | Sophos Labs | Andrew Brandt, Gabor Szappanos
“Gootloader” expands its payload delivery options
GootKit
2021-02-16 | SophosLabs Uncut | Peter Mackenzie, Tilly Travers
What to expect when you’ve been hit with Conti ransomware
Conti
2021-02-16 | SophosLabs Uncut | Anand Ajjan, Andrew Brandt
Conti ransomware: Evasive by nature
Conti
2021-02-16 | SophosLabs Uncut | Michael Heller
A Conti ransomware attack day-by-day
Conti
2021-02-03 | Sophos Managed Threat Response (MTR) | Greg Iddon
MTR casebook: Uncovering a backdoor implant in a SolarWinds Orion server
RagnarLocker
2021-01-26 | SophosLabs Uncut | Bill Kearney, David Anderson, Michael Heller, Peter Mackenzie, Sergio Bestulic
Nefilim Ransomware Attack Uses “Ghost” Credentials
Nefilim
2021-01-21 | Sophos Labs | Andrew Brandt, Gabor Szappanos
MrbMiner: Cryptojacking to bypass international sanctions
2021-01-12 | Sophos | Andrew Brandt, Pankaj Kohli
New Android spyware targets users in Pakistan
PackChat
2020-12-21 | SophosLabs Uncut | SophosLabs Threat Research
How SunBurst malware does defense evasion
SUNBURST UNC2452
2020-12-16 | SophosLabs Uncut | Sean Gallagher, Sivagnanam Gn
Ransomware operators use SystemBC RAT as off-the-shelf Tor backdoor
SystemBC
2020-12-15 | Github (sophos-cybersecurity) | Sophos Cyber Security Team
solarwinds-threathunt
Cobalt Strike SUNBURST
2020-12-14 | Sophos | Ross McKerchar
Incident response playbook for responding to SolarWinds Orion compromise
SUNBURST