2023-03-09 ⋅ Sophos ⋅ A border-hopping PlugX USB worm takes its act on the road ⋅ PlugX
2022-11-03 ⋅ Sophos ⋅ Family Tree: DLL-Sideloading Cases May Be Related ⋅ DARKDEW MISTCLOAK
2022-07-20 ⋅ Sophos ⋅ OODA: X-Ops Takes On Burgeoning SQL Server Attacks ⋅ Maoloa Remcos TargetCompany
2022-02-01 ⋅ Sophos ⋅ SolarMarker campaign used novel registry changes to establish persistence ⋅ solarmarker
2021-11-18 ⋅ Sophos ⋅ New ransomware actor uses password-protected archives to bypass encryption protection
2021-09-03 ⋅ Sophos ⋅ Conti affiliates use ProxyShell Exchange exploit in ransomware attacks ⋅ Cobalt Strike Conti
2021-08-12 ⋅ Sophos ⋅ Gootloader’s “mothership” controls malicious content ⋅ GootLoader
2021-05-11 ⋅ Sophos ⋅ A defender’s view inside a DarkSide ransomware attack ⋅ DarkSide
2021-05-05 ⋅ SophosLabs Uncut ⋅ Intervention halts a ProxyLogon-enabled attack ⋅ Cobalt Strike
2021-03-01 ⋅ Sophos Labs ⋅ “Gootloader” expands its payload delivery options ⋅ GootKit
2021-01-21 ⋅ Sophos Labs ⋅ MrbMiner: Cryptojacking to bypass international sanctions
2020-12-08 ⋅ Sophos ⋅ Egregor ransomware: Maze’s heir apparent ⋅ Egregor Maze
2020-11-04 ⋅ Sophos ⋅ A new APT uses DLL side-loads to “KilllSomeOne” ⋅ KilllSomeOne PlugX
2020-10-28 ⋅ SophosLabs Uncut ⋅ Hacks for sale: inside the Buer Loader malware-as-a-service ⋅ Buer Ryuk Zloader
2020-06-09 ⋅ Sophos Labs ⋅ Kingminer escalates attack complexity for cryptomining ⋅ Kingminer
2020-06-01 ⋅ Sophos Labs ⋅ THE INCREASINGLY COMPLEX KINGMINER BOTNET ⋅ Kingminer
2020-05-27 ⋅ SophosLabs ⋅ Netwalker ransomware tools give insight into threat actor ⋅ Mailto
2019-12-18 ⋅ Sophos ⋅ MyKings: The slow but steady growth of a relentless botnet ⋅ MyKings Spreader
2016-07 ⋅ Virus Bulletin ⋅ New Keylogger on the Block ⋅ KeyBase
2014-06-27 ⋅ SophosLabs ⋅ PlugX - The Next Generation ⋅ PlugX