Click here to download all references as Bib-File.•
2021-02-03
⋅
Sophos Managed Threat Response (MTR)
⋅
MTR casebook: Uncovering a backdoor implant in a SolarWinds Orion server RagnarLocker |
2021-01-26
⋅
SophosLabs Uncut
⋅
Nefilim Ransomware Attack Uses “Ghost” Credentials Nefilim |
2021-01-21
⋅
Sophos Labs
⋅
MrbMiner: Cryptojacking to bypass international sanctions |
2021-01-12
⋅
Sophos
⋅
New Android spyware targets users in Pakistan PackChat |
2020-12-21
⋅
SophosLabs Uncut
⋅
How SunBurst malware does defense evasion SUNBURST UNC2452 |
2020-12-16
⋅
SophosLabs Uncut
⋅
Ransomware operators use SystemBC RAT as off-the-shelf Tor backdoor SystemBC |
2020-12-15
⋅
Github (sophos-cybersecurity)
⋅
solarwinds-threathunt Cobalt Strike SUNBURST |
2020-12-14
⋅
Sophos
⋅
Incident response playbook for responding to SolarWinds Orion compromise SUNBURST |
2020-12-14
⋅
Sophos
⋅
Sophos-ReversingLabs (SOREL) 20 Million sample malware dataset |
2020-12-08
⋅
Sophos
⋅
Egregor ransomware: Maze’s heir apparent Egregor Maze |
2020-11-18
⋅
Sophos
⋅
SOPHOS 2021 THREAT REPORT Navigating cybersecurity in an uncertain world Agent Tesla Dridex TrickBot Zloader |
2020-11-04
⋅
Sophos
⋅
A new APT uses DLL side-loads to “KilllSomeOne” KilllSomeOne PlugX |
2020-10-29
⋅
Twitter (@SophosLabs)
⋅
Tweet on similarities between BUER in-memory loader & RYUK in-memory loader Buer Ryuk |
2020-10-28
⋅
SophosLabs Uncut
⋅
Hacks for sale: inside the Buer Loader malware-as-a-service Buer Ryuk Zloader |
2020-10-27
⋅
Sophos Managed Threat Response (MTR)
⋅
MTR Casebook: An active adversary caught in the act Cobalt Strike |
2020-10-21
⋅
SophosLabs Uncut
⋅
LockBit uses automated attack tools to identify tasty targets LockBit |
2020-10-14
⋅
Sophos
⋅
They’re back: inside a new Ryuk ransomware attack Cobalt Strike Ryuk SystemBC |
2020-09-24
⋅
SophosLabs
⋅
Email-delivered MoDi RAT attack pastes PowerShell commands MoDi RAT |
2020-09-24
⋅
SophosLabs Uncut
⋅
Email-delivered MoDi RAT attack pastes PowerShell commands DBatLoader |
2020-09-22
⋅
Sophos SecOps
⋅
MTR Casebook: Blocking a $15 million Maze ransomware attack Maze |