2023-03-09 ⋅ Sophos ⋅ A border-hopping PlugX USB worm takes its act on the road PlugX
2022-11-03 ⋅ Sophos ⋅ Family Tree: DLL-Sideloading Cases May Be Related DARKDEW MISTCLOAK
2022-07-20 ⋅ Sophos ⋅ OODA: X-Ops Takes On Burgeoning SQL Server Attacks Maoloa Remcos TargetCompany
2022-02-01 ⋅ Sophos ⋅ SolarMarker campaign used novel registry changes to establish persistence solarmarker
2021-11-18 ⋅ Sophos ⋅ New ransomware actor uses password-protected archives to bypass encryption protection
2021-09-03 ⋅ Sophos ⋅ Conti affiliates use ProxyShell Exchange exploit in ransomware attacks Cobalt Strike Conti
2021-08-12 ⋅ Sophos ⋅ Gootloader’s “mothership” controls malicious content GootLoader
2021-05-11 ⋅ Sophos ⋅ A defender’s view inside a DarkSide ransomware attack DarkSide
2021-05-05 ⋅ SophosLabs Uncut ⋅ Intervention halts a ProxyLogon-enabled attack Cobalt Strike
2021-03-01 ⋅ Sophos Labs ⋅ “Gootloader” expands its payload delivery options GootKit
2021-01-21 ⋅ Sophos Labs ⋅ MrbMiner: Cryptojacking to bypass international sanctions
2020-12-08 ⋅ Sophos ⋅ Egregor ransomware: Maze’s heir apparent Egregor Maze
2020-11-04 ⋅ Sophos ⋅ A new APT uses DLL side-loads to “KilllSomeOne” KilllSomeOne PlugX
2020-10-28 ⋅ SophosLabs Uncut ⋅ Hacks for sale: inside the Buer Loader malware-as-a-service Buer Ryuk Zloader
2020-06-09 ⋅ Sophos Labs ⋅ Kingminer escalates attack complexity for cryptomining Kingminer
2020-06-01 ⋅ Sophos Labs ⋅ THE INCREASINGLY COMPLEX KINGMINER BOTNET Kingminer
2020-05-27 ⋅ SophosLabs ⋅ Netwalker ransomware tools give insight into threat actor Mailto
2019-12-18 ⋅ Sophos ⋅ MyKings: The slow but steady growth of a relentless botnet MyKings Spreader
2016-07-01 ⋅ Virus Bulletin ⋅ New Keylogger on the Block KeyBase
2014-06-27 ⋅ SophosLabs ⋅ PlugX - The Next Generation PlugX
2014-02-03 ⋅ Virus Bulletin ⋅ Needle in a haystack Evasive Panda