2023-03-09 ⋅ Sophos ⋅ A border-hopping PlugX USB worm takes its act on the road PlugX
2023-02-06 ⋅ Sophos ⋅ Qakbot mechanizes distribution of malicious OneNote notebooks QakBot
2022-11-30 ⋅ Sophos ⋅ LockBit 3.0 ‘Black’ attacks and leaks reveal wormable capabilities and tooling LockBit
2022-11-03 ⋅ Sophos ⋅ Family Tree: DLL-Sideloading Cases May Be Related DARKDEW MISTCLOAK
2022-10-04 ⋅ Sophos ⋅ Remove All The Callbacks – BlackByte Ransomware Disables EDR Via RTCore64.sys Abuse BlackByte
2022-08-18 ⋅ Sophos ⋅ Cookie stealing: the new perimeter bypass Cobalt Strike Meterpreter MimiKatz Phoenix Keylogger Quasar RAT
2022-07-14 ⋅ Sophos ⋅ BlackCat ransomware attacks not merely a byproduct of bad luck BlackCat BlackCat
2022-07-14 ⋅ Sophos ⋅ Rapid Response: The Ngrok Incident Guide
2022-06-16 ⋅ SophosLabs Uncut ⋅ Confluence exploits used to drop ransomware on vulnerable servers Cerber
2022-06-15 ⋅ Volexity ⋅ DriftingCloud: Zero-Day Sophos Firewall Exploitation and an Insidious Breach pupy Sliver
2022-05-04 ⋅ Sophos ⋅ Attacking Emotet’s Control Flow Flattening Emotet
2022-04-12 ⋅ Sophos ⋅ Attackers linger on government agency computers before deploying Lockbit ransomware LockBit
2022-03-17 ⋅ Sophos ⋅ The Ransomware Threat Intelligence Center ATOMSILO Avaddon AvosLocker BlackKingdom Ransomware BlackMatter Conti Cring DarkSide dearcry Dharma Egregor Entropy Epsilon Red Gandcrab Karma LockBit LockFile Mailto Maze Nefilim RagnarLocker Ragnarok REvil RobinHood Ryuk SamSam Snatch WannaCryptor WastedLocker
2022-02-28 ⋅ Sophos ⋅ Conti and Karma actors attack healthcare provider at same time through ProxyShell exploits Conti Karma
2022-02-23 ⋅ Sophos ⋅ Dridex bots deliver Entropy ransomware in recent attacks Entropy
2022-02-23 ⋅ SophosLabs Uncut ⋅ Dridex bots deliver Entropy ransomware in recent attacks Cobalt Strike Dridex Entropy
2022-02-22 ⋅ Sophos ⋅ Cyberthreats during Russian-Ukrainian tensions: what can we learn from history to be prepared? Conti
2022-02-15 ⋅ Sophos ⋅ Vulnerable Exchange server hit by Squirrelwaffle and financial fraud Squirrelwaffle
2022-02-01 ⋅ Sophos ⋅ SolarMarker campaign used novel registry changes to establish persistence solarmarker
2022-01-25 ⋅ Sophos ⋅ Windows services lay the groundwork for a Midas ransomware attack Midas