Skip to Content
Get started
Open search
Focus Scroll Background

Active Adversary Report

RSS
It takes two: The 2025 Sophos Active Adversary Report

Security Operations

Threat Research

active adversary

Active Adversary Report

Compromised Credentials

detection

dwell time

Featured

impact

incident response

LOLBIN

MFA

Monitoring

RDP

Remote Ransomware

root cause

It takes two: The 2025 Sophos Active Adversary Report

April 2, 2025

Active Adversary Report

Security Operations

Threat Research

active adversary

Active Adversary Report

featured

incident response

IR

LoLBINs

MDR

RDP

The Bite from Inside: The Sophos Active Adversary Report

December 12, 2024

lightbulbs in combat

Security Operations

Threat Research

active adversary

Active Adversary Report

featured

incident response

RDP

Sophos X-Ops

RD Web Access abuse: Fighting back

June 12, 2024

hourglass on laptop

Threat Research

active adversary

Active Adversary Report

Case Study

featured

incident response

RDP

Sophos X-Ops

It’s Oh So Quiet (?): The Sophos Active Adversary Report for 1H 2024

April 3, 2024

Remote Desktop Protocol: The Series

Security Operations

Threat Research

active adversary

Active Adversary Report

featured

incident response

Incident response tools

MDR

RDP

Sophos X-Ops

Remote Desktop Protocol: The Series

March 20, 2024

The song remains the same: The 2023 Active Adversary Report for Security Practitioners

Threat Research

active adversary

Active Adversary Report

dwell time

featured

incident response

LoLBINs

MDR

practitioners

tools

The song remains the same: The 2023 Active Adversary Report for Security Practitioners

November 14, 2023

Time keeps on slippin’ slippin’ slippin’: The 2023 Active Adversary Report for Tech Leaders

Threat Research

active adversary

Active Adversary Report

Active Directory

attribution

detection

dwell time

featured

incident response

MFA

MTR

RDP

Sophos X-Ops

Time keeps on slippin’ slippin’ slippin’: The 2023 Active Adversary Report for Tech Leaders

August 23, 2023

Everything Everywhere All At Once: The 2023 Active Adversary Report for Business Leaders

Threat Research

active adversary

Active Adversary Report

CoinMiner

Conti

data breach

exfiltration

extortion

featured

incident response

loader

Lockbit

Ransomware

Sophos X-Ops

Web shells

Everything Everywhere All At Once: The 2023 Active Adversary Report for Business Leaders

April 25, 2023

insect-gb507ec2e8_1920

Security Operations

Threat Research

Active Adversary Report

BlackCat

Conti

cryptominers

cybercrime forums

featured

Hive

IABs

Karakurt

Lockbit

Ransomware

Sophos X-Ops

Multiple attackers increase pressure on victims, complicate incident response

August 9, 2022