Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-10-14SophosSean Gallagher
They’re back: inside a new Ryuk ransomware attack
Cobalt Strike Ryuk SystemBC
2020-09-24SophosLabsSophosLabs
Email-delivered MoDi RAT attack pastes PowerShell commands
MoDi RAT
2020-09-24SophosLabs UncutAndrew Brandt, Andrew O'Donnell, Fraser Howard
Email-delivered MoDi RAT attack pastes PowerShell commands
DBatLoader
2020-09-22Sophos SecOpsGreg Iddon
MTR Casebook: Blocking a $15 million Maze ransomware attack
Maze
2020-09-17SophosLabs UncutAndrew Brandt, Peter Mackenzie
Maze attackers adopt Ragnar Locker virtual machine technique
Maze
2020-08-12SophosLabs UncutSean Gallagher
Color by numbers: inside a Dharma ransomware-as-a-service attack
Dharma
2020-08-04SophosLabs UncutAnand Ajjan, Mark Loman
WastedLocker’s techniques point to a familiar heritage
WastedLocker
2020-07-29Sophos LabsAndrew Brandt
Emotet’s return is the canary in the coal mine
Emotet
2020-07-27Sophos LabsSean Gallagher
ProLock ransomware gives you the first 8 kilobytes of decryption for free
PwndLocker
2020-07-14SophosLabs UncutMarkel Picado, Sean Gallagher
RATicate upgrades “RATs as a Service” attacks with commercial “crypter”
LokiBot BetaBot CloudEyE NetWire RC
2020-06-24Sophos Naked SecurityPaul Ducklin
Glupteba - the malware that gets secret messages from the Bitcoin blockchain
Glupteba
2020-06-24Sophos LabsAndrew Brandt
Glupteba malware hides in plain sight
Glupteba
2020-06-09Sophos LabsGabor Szappanos, Vikas Singh
Kingminer escalates attack complexity for cryptomining
Kingminer
2020-06-04Sophos Naked SecurityLisa Vaas
Nuclear missile contractor hacked in Maze ransomware attack
Maze
2020-06-01Sophos LabsGabor Szappanos, Vikas Singh
THE INCREASINGLY COMPLEX KINGMINER BOTNET
Kingminer
2020-05-27SophosLabsAndrew Brandt, Gabor Szappanos
Netwalker ransomware tools give insight into threat actor
Mailto
2020-05-21SophosSophosLabs Uncut
Asnarök attackers twice modified attack midstream
NOTROBIN Ragnarok
2020-05-21SophosSophosLabs Uncut
Ragnar Locker ransomware deploys virtual machine to dodge security
RagnarLocker
2020-05-14SophosLabsMarkel Picado
RATicate: an attacker’s waves of information-stealing malware
Agent Tesla BetaBot BlackRemote Formbook Loki Password Stealer (PWS) NetWire RC NjRAT Remcos
2020-05-12SophosLabs UncutSophos
Maze ransomware: extorting victims for 1 year and counting
Maze