Powershell

RSS

Closeup side view of a coyote hunting in grassland

Threat Research

Brazil

coyote

featured

infostealer

Powershell

selenium

worm

WhatsApp Worm Targets Brazilian Banking Customers

An aerial view of a confluence of two rivers

Security Operations

Threat Research

atlassian

Cerber

confluence

CryptoGuard

cve-2022-26134

featured

Intercept X

Powershell

Ransomware

Sophos Managed Threat Response (MTR)

Tomcat

webshell

Confluence exploits used to drop ransomware on vulnerable servers

Security Operations

Threat Research

cobalt strike

Cryptomining

cve-2017-11317

cve-2017-11357

cve-2019-18935

Featured

Powershell

Sophos X-Ops

SophosLabs Uncut

telerik

XMRig

Telerik UI exploitation leads to cryptominer, Cobalt Strike infections

Security Operations

4104

forensics

Powershell

Threat Research

Reconstructing PowerShell scripts from multiple Windows event logs

Threat Research

AnyDesk

DISM

DismCore.dll

Midas

network

Powershell

Ransomware

Rapid Response

TeamViewer

Windows services lay the groundwork for a Midas ransomware attack

Epsilon Red as he appeared in comic books

SophosLabs Uncut

Threat Research

Epsilon Red

EpsilonRed

Exchange

Powershell

ProxyLogon

Ransomware

WMI

A new ransomware enters the fray: Epsilon Red

stormtrooper_lego_egg_hatch_hatched_begin_beginning_birth-629593

SophosLabs Uncut

Attack Tools

Defense evasion

LockBit Ransomware

Malicious Google documents

Powershell

Powershell Empire

LockBit uses automated attack tools to identify tasty targets

Products & Services

Coldlock

fileless

Intercept X

Powershell

Ransomware

Stop ColdLock ransomware with Intercept X

SophosLabs Uncut

Threat Research

cobalt strike

Empire

evasion

hercules

hydra thc

kali

koadic

metasploit

nishang

Phantom

Powershell

shelter

thefatrat

veilevasion

How I learned to stop worrying and love ‘grey hat’ tools