Malpedia Library

Click here to download all references as Bib-File.•

2021-09-03 ⋅ Sophos ⋅ Anand Ajjan, Andrew Ludgate, Gabor Szappanos, Peter Mackenzie, Sean Gallagher, Sergio Bestulic, Syed Zaidi
Conti affiliates use ProxyShell Exchange exploit in ransomware attacks
Cobalt Strike Conti

2021-09-01 ⋅ Sophos ⋅ Anand Ajjan, Andrew Brandt, Sean Gallagher, Yusuf Polat
Fake pirated software sites serve up malware droppers as a service
Raccoon

2021-08-27 ⋅ Sophos ⋅ Mark Loman
LockFile ransomware’s box of tricks: intermittent encryption and evasion
LockFile

2021-08-23 ⋅ Sophos SecOps ⋅ Greg Iddon
ProxyShell vulnerabilities in Microsoft Exchange: What to do
LockFile

2021-08-12 ⋅ Sophos ⋅ Andrew Brandt, Gabor Szappanos
Gootloader’s “mothership” controls malicious content
GootLoader

2021-08-09 ⋅ Sophos ⋅ Mark Loman
BlackMatter ransomware emerges from the shadow of DarkSide
BlackMatter BlackMatter

2021-08-06 ⋅ Sophos Naked Security ⋅ Paul Ducklin
Conti ransomware affiliate goes rogue, leaks “gang data”
Conti

2021-08-03 ⋅ Sophos ⋅ Sean Gallagher, Yusuf Arslan Polat
Trash Panda as a Service: Raccoon Stealer steals cookies, cryptocoins, and more
Raccoon

2021-07-22 ⋅ Sophos ⋅ Andrew Brandt, Sean Gallagher
Malware increasingly targets Discord for abuse

2021-07-09 ⋅ Twitter (@SophosLabs) ⋅ SophosLabs
Tweet on speed at which Kaseya REvil attack was conducted
REvil

2021-07-05 ⋅ Twitter (@SophosLabs) ⋅ SophosLabs
Tweet with a REvil ransomware execution demo
REvil

2021-07-04 ⋅ Sophos ⋅ Anand Ajjan, Mark Loman, Sean Gallagher
Independence Day: REvil uses supply chain exploit to attack hundreds of businesses
REvil