Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-12-16SophosLabs UncutSean Gallagher, Sivagnanam Gn
@online{gallagher:20201216:ransomware:0b0fdf2, author = {Sean Gallagher and Sivagnanam Gn}, title = {{Ransomware operators use SystemBC RAT as off-the-shelf Tor backdoor}}, date = {2020-12-16}, organization = {SophosLabs Uncut}, url = {https://news.sophos.com/en-us/2020/12/16/systembc/}, language = {English}, urldate = {2020-12-17} } Ransomware operators use SystemBC RAT as off-the-shelf Tor backdoor
SystemBC
2020-12-08SophosSean Gallagher, Anand Aijan, Gabor Szappanos, Syed Shahram, Bill Kearney, Mark Loman, Peter Mackenzie, Sergio Bestulic
@online{gallagher:20201208:egregor:fe48cfd, author = {Sean Gallagher and Anand Aijan and Gabor Szappanos and Syed Shahram and Bill Kearney and Mark Loman and Peter Mackenzie and Sergio Bestulic}, title = {{Egregor ransomware: Maze’s heir apparent}}, date = {2020-12-08}, organization = {Sophos}, url = {https://news.sophos.com/en-us/2020/12/08/egregor-ransomware-mazes-heir-apparent/}, language = {English}, urldate = {2020-12-08} } Egregor ransomware: Maze’s heir apparent
Egregor Maze
2020-10-28SophosLabs UncutSean Gallagher, Peter Mackenzie, Elida Leite, Syed Shahram, Bill Kearny, Anand Ajjan, Brett Cove, Gabor Szappanos
@online{gallagher:20201028:hacks:8e1d051, author = {Sean Gallagher and Peter Mackenzie and Elida Leite and Syed Shahram and Bill Kearny and Anand Ajjan and Brett Cove and Gabor Szappanos}, title = {{Hacks for sale: inside the Buer Loader malware-as-a-service}}, date = {2020-10-28}, organization = {SophosLabs Uncut}, url = {https://news.sophos.com/en-us/2020/10/28/hacks-for-sale-inside-the-buer-loader-malware-as-a-service/}, language = {English}, urldate = {2020-11-02} } Hacks for sale: inside the Buer Loader malware-as-a-service
Buer Ryuk Zloader
2020-10-21SophosLabs UncutSean Gallagher
@online{gallagher:20201021:lockbit:13c4faa, author = {Sean Gallagher}, title = {{LockBit uses automated attack tools to identify tasty targets}}, date = {2020-10-21}, organization = {SophosLabs Uncut}, url = {https://news.sophos.com/en-us/2020/10/21/lockbit-attackers-uses-automated-attack-tools-to-identify-tasty-targets}, language = {English}, urldate = {2020-10-23} } LockBit uses automated attack tools to identify tasty targets
LockBit
2020-10-14SophosSean Gallagher
@online{gallagher:20201014:theyre:99f5d1e, author = {Sean Gallagher}, title = {{They’re back: inside a new Ryuk ransomware attack}}, date = {2020-10-14}, organization = {Sophos}, url = {https://news.sophos.com/en-us/2020/10/14/inside-a-new-ryuk-ransomware-attack/}, language = {English}, urldate = {2020-10-16} } They’re back: inside a new Ryuk ransomware attack
Cobalt Strike Ryuk SystemBC
2020-07-27Sophos LabsSean Gallagher
@online{gallagher:20200727:prolock:4992cfc, author = {Sean Gallagher}, title = {{ProLock ransomware gives you the first 8 kilobytes of decryption for free}}, date = {2020-07-27}, organization = {Sophos Labs}, url = {https://news.sophos.com/en-us/2020/07/27/prolock-ransomware-gives-you-the-first-8-kilobytes-of-decryption-for-free/}, language = {English}, urldate = {2020-07-30} } ProLock ransomware gives you the first 8 kilobytes of decryption for free
PwndLocker
2020-07-14SophosLabs UncutMarkel Picado, Sean Gallagher
@online{picado:20200714:raticate:85d260a, author = {Markel Picado and Sean Gallagher}, title = {{RATicate upgrades “RATs as a Service” attacks with commercial “crypter”}}, date = {2020-07-14}, organization = {SophosLabs Uncut}, url = {https://news.sophos.com/en-us/2020/07/14/raticate-rats-as-service-with-commercial-crypter/?cmp=30728}, language = {English}, urldate = {2020-07-15} } RATicate upgrades “RATs as a Service” attacks with commercial “crypter”
LokiBot BetaBot CloudEyE NetWire RC
2019-05-08Ars TechnicaSean Gallagher
@online{gallagher:20190508:robbinhood:a7fdd3f, author = {Sean Gallagher}, title = {{“RobbinHood” ransomware takes down Baltimore City government networks}}, date = {2019-05-08}, organization = {Ars Technica}, url = {https://arstechnica.com/information-technology/2019/05/baltimore-city-government-hit-by-robbinhood-ransomware/}, language = {English}, urldate = {2019-12-18} } “RobbinHood” ransomware takes down Baltimore City government networks
RobinHood
2017-04-21Ars TechnicaSean Gallagher
@online{gallagher:20170421:researchers:f1ea70c, author = {Sean Gallagher}, title = {{Researchers claim China trying to hack South Korea missile defense efforts}}, date = {2017-04-21}, organization = {Ars Technica}, url = {https://arstechnica.com/information-technology/2017/04/researchers-claim-china-trying-to-hack-south-korea-missile-defense-efforts/}, language = {English}, urldate = {2020-01-08} } Researchers claim China trying to hack South Korea missile defense efforts
Tonto Team
2015-08-05Ars TechnicaSean Gallagher
@online{gallagher:20150805:newly:dc763a1, author = {Sean Gallagher}, title = {{Newly discovered Chinese hacking group hacked 100+ websites to use as “watering holes”}}, date = {2015-08-05}, organization = {Ars Technica}, url = {https://arstechnica.com/information-technology/2015/08/newly-discovered-chinese-hacking-group-hacked-100-websites-to-use-as-watering-holes/}, language = {English}, urldate = {2020-01-06} } Newly discovered Chinese hacking group hacked 100+ websites to use as “watering holes”
LuckyMouse