2023-05-09 ⋅ Sophos ⋅ Akira Ransomware is “bringin’ 1988 back” Akira
2023-04-21 ⋅ Sophos ⋅ IcedID: Defrosting a Recent Campaign Illustrating evolving tactics and shared infrastructure IcedID PhotoLoader
2023-04-19 ⋅ Sophos ⋅ ‘AuKill’ EDR killer malware abuses Process Explorer driver AuKill
2023-03-09 ⋅ Sophos ⋅ A border-hopping PlugX USB worm takes its act on the road PlugX
2023-02-06 ⋅ Sophos ⋅ Qakbot mechanizes distribution of malicious OneNote notebooks QakBot
2022-12-13 ⋅ Sophos ⋅ Signed driver malware moves up the software trust chain KillAV
2022-11-30 ⋅ Sophos ⋅ LockBit 3.0 ‘Black’ attacks and leaks reveal wormable capabilities and tooling LockBit
2022-11-03 ⋅ Sophos ⋅ Family Tree: DLL-Sideloading Cases May Be Related DARKDEW MISTCLOAK
2022-10-04 ⋅ Sophos ⋅ Remove All The Callbacks – BlackByte Ransomware Disables EDR Via RTCore64.sys Abuse BlackByte
2022-08-18 ⋅ Sophos ⋅ Cookie stealing: the new perimeter bypass Cobalt Strike Meterpreter MimiKatz Phoenix Keylogger Quasar RAT
2022-07-20 ⋅ Sophos ⋅ OODA: X-Ops Takes On Burgeoning SQL Server Attacks Maoloa Remcos TargetCompany
2022-07-14 ⋅ Sophos ⋅ BlackCat ransomware attacks not merely a byproduct of bad luck BlackCat BlackCat
2022-07-14 ⋅ Sophos ⋅ Rapid Response: The Ngrok Incident Guide
2022-06-16 ⋅ SophosLabs Uncut ⋅ Confluence exploits used to drop ransomware on vulnerable servers Cerber
2022-06-15 ⋅ Volexity ⋅ DriftingCloud: Zero-Day Sophos Firewall Exploitation and an Insidious Breach pupy Sliver
2022-05-04 ⋅ Sophos ⋅ Attacking Emotet’s Control Flow Flattening Emotet
2022-04-12 ⋅ Sophos ⋅ Attackers linger on government agency computers before deploying Lockbit ransomware LockBit
2022-03-17 ⋅ Sophos ⋅ The Ransomware Threat Intelligence Center ATOMSILO Avaddon AvosLocker BlackKingdom Ransomware BlackMatter Conti Cring DarkSide dearcry Dharma Egregor Entropy Epsilon Red Gandcrab Karma LockBit LockFile Mailto Maze Nefilim RagnarLocker Ragnarok REvil RobinHood Ryuk SamSam Snatch WannaCryptor WastedLocker
2022-02-28 ⋅ Sophos ⋅ Conti and Karma actors attack healthcare provider at same time through ProxyShell exploits Conti Karma
2022-02-23 ⋅ SophosLabs Uncut ⋅ Dridex bots deliver Entropy ransomware in recent attacks Cobalt Strike Dridex Entropy