2025-01-25 | Sophos | Anthony Bradshaw, Colin Cowie, Daniel Souter, Hunter Neal, Mark Parsons, Sean Baird, Sean Gallagher
Sophos MDR tracks two ransomware campaigns using “email bombing,” Microsoft Teams “vishing”
ReedBed STAC5143 UNC4393
2024-11-06 | Sophos | Asha Castle, Hikaru Koike, Sean Gallagher, Trang Tang
Bengal cat lovers in Australia get psspsspss’d in Google-driven Gootloader campaign
GootLoader
2022-08-18 | Sophos | Sean Gallagher
Cookie stealing: the new perimeter bypass
Cobalt Strike Meterpreter MimiKatz Phoenix Keylogger Quasar RAT
2022-02-28 | Sophos | Sean Gallagher
Conti and Karma actors attack healthcare provider at same time through ProxyShell exploits
Conti Karma
2022-02-01 | Sophos | Gabor Szappanos, Sean Gallagher
SolarMarker campaign used novel registry changes to establish persistence
solarmarker
2021-12-20 | Sophos | Sean Gallagher
Logjam: Log4j exploit attempts continue in globally distributed scans, attacks
2021-12-17 | Sophos | Hardik Shah, Sean Gallagher
Inside the code: How the Log4Shell exploit works
2021-12-12 | Sophos | Sean Gallagher
Log4Shell Hell: anatomy of an exploit outbreak
2021-11-18 | SophosLabs Uncut | Sean Gallagher
New ransomware actor uses password protected archives to bypass encryption protection
2021-11-18 | Sophos | Elida Leite, Ferenc László Nagy, Gabor Szappanos, Harinder Bhathal, Kyle Link, Nirav Parekh, Rahul Dugar, Ratul Ghosh, Robert Weiland, Sean Gallagher, Sergio Bestuilic, Vikas Singh
New ransomware actor uses password-protected archives to bypass encryption protection
2021-10-24 | Sophos | Sean Gallagher
Node poisoning: hijacked package delivers coin miner and credential-stealing backdoor
DanaBot Monero Miner
2021-10-04 | Sophos | Chaitanya Ghorpade, Kajal Katiyar, Krisztián Diriczi, Rahil Shah, Sean Gallagher, Vikas Singh
Atom Silo ransomware actors use Confluence exploit, DLL side-load for stealthy attack
ATOMSILO Cobalt Strike
2021-09-23 | Sophos | Sean Gallagher
Phishing and malware actors abuse Google Forms for credentials, data exfiltration
2021-09-03 | Sophos | Anand Ajjan, Andrew Ludgate, Gabor Szappanos, Peter Mackenzie, Sean Gallagher, Sergio Bestulic, Syed Zaidi
Conti affiliates use ProxyShell Exchange exploit in ransomware attacks
Cobalt Strike Conti
2021-09-01 | Sophos | Anand Ajjan, Andrew Brandt, Sean Gallagher, Yusuf Polat
Fake pirated software sites serve up malware droppers as a service
Raccoon
2021-08-03 | Sophos | Sean Gallagher, Yusuf Arslan Polat
Trash Panda as a Service: Raccoon Stealer steals cookies, cryptocoins, and more
Raccoon
2021-07-22 | Sophos | Andrew Brandt, Sean Gallagher
Malware increasingly targets Discord for abuse
2021-07-04 | Sophos | Anand Ajjan, Mark Loman, Sean Gallagher
Independence Day: REvil uses supply chain exploit to attack hundreds of businesses
REvil
2021-06-02 | Sophos | Sean Gallagher
AMSI bypasses remain tricks of the malware trade
Agent Tesla Cobalt Strike Meterpreter
2021-05-11 | Sophos | Ferenc László Nagy, Gabor Szappanos, Mark Loman, Peter Mackenzie, Sean Gallagher, Suriya Natarajan, Szabolcs Lévai, Yusuf Arslan Polat
A defender’s view inside a DarkSide ransomware attack
DarkSide