Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-08-18SophosSean Gallagher
Cookie stealing: the new perimeter bypass
Cobalt Strike Meterpreter MimiKatz Phoenix Keylogger Quasar RAT
2022-02-28SophosSean Gallagher
Conti and Karma actors attack healthcare provider at same time through ProxyShell exploits
Conti Karma
2022-02-01SophosGabor Szappanos, Sean Gallagher
SolarMarker campaign used novel registry changes to establish persistence
solarmarker
2021-12-20SophosSean Gallagher
Logjam: Log4j exploit attempts continue in globally distributed scans, attacks
2021-12-17SophosHardik Shah, Sean Gallagher
Inside the code: How the Log4Shell exploit works
2021-12-12SophosSean Gallagher
Log4Shell Hell: anatomy of an exploit outbreak
2021-11-18SophosLabs UncutSean Gallagher
New ransomware actor uses password protected archives to bypass encryption protection
2021-11-18SophosElida Leite, Ferenc László Nagy, Gabor Szappanos, Harinder Bhathal, Kyle Link, Nirav Parekh, Rahul Dugar, Ratul Ghosh, Robert Weiland, Sean Gallagher, Sergio Bestuilic, Vikas Singh
New ransomware actor uses password-protected archives to bypass encryption protection
2021-10-24SophosSean Gallagher
Node poisoning: hijacked package delivers coin miner and credential-stealing backdoor
DanaBot Monero Miner
2021-10-04SophosChaitanya Ghorpade, Kajal Katiyar, Krisztián Diriczi, Rahil Shah, Sean Gallagher, Vikas Singh
Atom Silo ransomware actors use Confluence exploit, DLL side-load for stealthy attack
ATOMSILO Cobalt Strike
2021-09-23SophosSean Gallagher
Phishing and malware actors abuse Google Forms for credentials, data exfiltration
2021-09-03SophosAnand Ajjan, Andrew Ludgate, Gabor Szappanos, Peter Mackenzie, Sean Gallagher, Sergio Bestulic, Syed Zaidi
Conti affiliates use ProxyShell Exchange exploit in ransomware attacks
Cobalt Strike Conti
2021-09-01SophosAnand Ajjan, Andrew Brandt, Sean Gallagher, Yusuf Polat
Fake pirated software sites serve up malware droppers as a service
Raccoon
2021-08-03SophosSean Gallagher, Yusuf Arslan Polat
Trash Panda as a Service: Raccoon Stealer steals cookies, cryptocoins, and more
Raccoon
2021-07-22SophosAndrew Brandt, Sean Gallagher
Malware increasingly targets Discord for abuse
2021-07-04SophosAnand Ajjan, Mark Loman, Sean Gallagher
Independence Day: REvil uses supply chain exploit to attack hundreds of businesses
REvil
2021-06-02SophosSean Gallagher
AMSI bypasses remain tricks of the malware trade
Agent Tesla Cobalt Strike Meterpreter
2021-05-11SophosFerenc László Nagy, Gabor Szappanos, Mark Loman, Peter Mackenzie, Sean Gallagher, Suriya Natarajan, Szabolcs Lévai, Yusuf Arslan Polat
A defender’s view inside a DarkSide ransomware attack
DarkSide
2021-04-21SophosLabs UncutAnand Aijan, Andrew Brandt, Markel Picado, Michael Wood, Sean Gallagher, Sivagnanam Gn, Suriya Natarajan
Nearly half of malware now use TLS to conceal communications
Agent Tesla Cobalt Strike Dridex SystemBC
2020-12-16SophosLabs UncutSean Gallagher, Sivagnanam Gn
Ransomware operators use SystemBC RAT as off-the-shelf Tor backdoor
SystemBC