Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-05-06Sophos LabsTilly Travers, Bill Kearney, Kyle Link, Peter Mackenzie, Matthew Sharf
@online{travers:20210506:mtr:1f2feb4, author = {Tilly Travers and Bill Kearney and Kyle Link and Peter Mackenzie and Matthew Sharf}, title = {{MTR in Real Time: Pirates pave way for Ryuk ransomware}}, date = {2021-05-06}, organization = {Sophos Labs}, url = {https://news.sophos.com/en-us/2021/05/06/mtr-in-real-time-pirates-pave-way-for-ryuk-ransomware/}, language = {English}, urldate = {2021-05-13} } MTR in Real Time: Pirates pave way for Ryuk ransomware
Ryuk
2021-03-15Sophos LabsMark Loman
@online{loman:20210315:dearcry:a7ac407, author = {Mark Loman}, title = {{DearCry ransomware attacks exploit Exchange server vulnerabilities}}, date = {2021-03-15}, organization = {Sophos Labs}, url = {https://news.sophos.com/en-us/2021/03/15/dearcry-ransomware-attacks-exploit-exchange-server-vulnerabilities/}, language = {English}, urldate = {2021-04-16} } DearCry ransomware attacks exploit Exchange server vulnerabilities
dearcry WannaCryptor
2021-03-01Sophos LabsGabor Szappanos, Andrew Brandt
@online{szappanos:20210301:gootloader:815834d, author = {Gabor Szappanos and Andrew Brandt}, title = {{“Gootloader” expands its payload delivery options}}, date = {2021-03-01}, organization = {Sophos Labs}, url = {https://news.sophos.com/en-us/2021/03/01/gootloader-expands-its-payload-delivery-options/?cmp=30728}, language = {English}, urldate = {2021-03-02} } “Gootloader” expands its payload delivery options
GootKit
2021-01-21Sophos LabsGabor Szappanos, Andrew Brandt
@online{szappanos:20210121:mrbminer:1c5f2ab, author = {Gabor Szappanos and Andrew Brandt}, title = {{MrbMiner: Cryptojacking to bypass international sanctions}}, date = {2021-01-21}, organization = {Sophos Labs}, url = {https://news.sophos.com/en-us/2021/01/21/mrbminer-cryptojacking-to-bypass-international-sanctions/}, language = {English}, urldate = {2021-01-25} } MrbMiner: Cryptojacking to bypass international sanctions
2020-07-29Sophos LabsAndrew Brandt
@online{brandt:20200729:emotets:cb1de9b, author = {Andrew Brandt}, title = {{Emotet’s return is the canary in the coal mine}}, date = {2020-07-29}, organization = {Sophos Labs}, url = {https://news.sophos.com/en-us/2020/07/28/emotets-return-is-the-canary-in-the-coal-mine/?cmp=30728}, language = {English}, urldate = {2020-07-30} } Emotet’s return is the canary in the coal mine
Emotet
2020-07-27Sophos LabsSean Gallagher
@online{gallagher:20200727:prolock:4992cfc, author = {Sean Gallagher}, title = {{ProLock ransomware gives you the first 8 kilobytes of decryption for free}}, date = {2020-07-27}, organization = {Sophos Labs}, url = {https://news.sophos.com/en-us/2020/07/27/prolock-ransomware-gives-you-the-first-8-kilobytes-of-decryption-for-free/}, language = {English}, urldate = {2020-07-30} } ProLock ransomware gives you the first 8 kilobytes of decryption for free
PwndLocker
2020-06-24Sophos LabsAndrew Brandt
@online{brandt:20200624:glupteba:fc4095d, author = {Andrew Brandt}, title = {{Glupteba malware hides in plain sight}}, date = {2020-06-24}, organization = {Sophos Labs}, url = {https://news.sophos.com/en-us/2020/06/24/glupteba-report/?cmp=30728}, language = {English}, urldate = {2020-06-24} } Glupteba malware hides in plain sight
Glupteba
2020-06-09Sophos LabsGabor Szappanos, Vikas Singh
@online{szappanos:20200609:kingminer:0efadc6, author = {Gabor Szappanos and Vikas Singh}, title = {{Kingminer escalates attack complexity for cryptomining}}, date = {2020-06-09}, organization = {Sophos Labs}, url = {https://news.sophos.com/en-us/2020/06/09/kingminer-report/}, language = {English}, urldate = {2020-06-10} } Kingminer escalates attack complexity for cryptomining
2020-06-01Sophos LabsGabor Szappanos, Vikas Singh
@techreport{szappanos:20200601:increasingly:2606314, author = {Gabor Szappanos and Vikas Singh}, title = {{THE INCREASINGLY COMPLEX KINGMINER BOTNET}}, date = {2020-06-01}, institution = {Sophos Labs}, url = {https://www.sophos.com/en-us/medialibrary/PDFs/technical-papers/sophos-labs-kingminer-botnet-report.pdf}, language = {English}, urldate = {2021-04-09} } THE INCREASINGLY COMPLEX KINGMINER BOTNET
Kingminer
2020-04-24Sophos LabsAlbert Zsigovits
@online{zsigovits:20200424:lockbit:8ebe6f8, author = {Albert Zsigovits}, title = {{LockBit ransomware borrows tricks to keep up with REvil and Maze}}, date = {2020-04-24}, organization = {Sophos Labs}, url = {https://news.sophos.com/en-us/2020/04/24/lockbit-ransomware-borrows-tricks-to-keep-up-with-revil-and-maze/}, language = {English}, urldate = {2020-05-14} } LockBit ransomware borrows tricks to keep up with REvil and Maze
LockBit
2020-02-24Sophos LabsSergei Shevchenko
@techreport{shevchenko:20200224:cloud:eea1f10, author = {Sergei Shevchenko}, title = {{Cloud Snooper attack bypasses firewall security measures}}, date = {2020-02-24}, institution = {Sophos Labs}, url = {https://news.sophos.com/wp-content/uploads/2020/02/CloudSnooper_report.pdf}, language = {English}, urldate = {2020-02-27} } Cloud Snooper attack bypasses firewall security measures
Cloud Snooper
2020-02-18Sophos LabsLuca Nagy
@online{nagy:20200218:nearly:8ff363f, author = {Luca Nagy}, title = {{Nearly a quarter of malware now communicates using TLS}}, date = {2020-02-18}, organization = {Sophos Labs}, url = {https://news.sophos.com/en-us/2020/02/18/nearly-a-quarter-of-malware-now-communicates-using-tls/}, language = {English}, urldate = {2020-02-27} } Nearly a quarter of malware now communicates using TLS
Dridex IcedID TrickBot
2020-02-02Sophos LabsSean Gallagher, Markel Picado
@online{gallagher:20200202:agent:81dd245, author = {Sean Gallagher and Markel Picado}, title = {{Agent Tesla amps up information stealing attacks}}, date = {2020-02-02}, organization = {Sophos Labs}, url = {https://news.sophos.com/en-us/2021/02/02/agent-tesla-amps-up-information-stealing-attacks/}, language = {English}, urldate = {2021-02-04} } Agent Tesla amps up information stealing attacks
Agent Tesla
2009-04-01Sophos LabsNiall Fitzgibbon, Mike Wood
@techreport{fitzgibbon:20090401:confickerc:bb043d2, author = {Niall Fitzgibbon and Mike Wood}, title = {{Conficker.C A Technical Analysis}}, date = {2009-04-01}, institution = {Sophos Labs}, url = {https://www.sophos.com/fr-fr/medialibrary/PDFs/marketing%20material/confickeranalysis.pdf}, language = {English}, urldate = {2019-12-17} } Conficker.C A Technical Analysis