Skip to Content
Get started
Open search
Focus Scroll Background

ProxyLogon

RSS
shells-snails-sepia-markings-lines-snail-1610167-pxhere.com

Threat Research

active adversary

Active Adversary Report

cve-2021-31207

cve-2021-34473

cve-2021-34523

featured

ProxyLogon

ProxyShell

Security Operations

Sophos X-Ops

Web shells

Active Adversary Playbook 2022 Insights: Web Shells

June 22, 2022

sophos-news-banner-4-may-01 (1)

Security Operations

Threat Research

active adversary

Active Adversary Report

Artifacts

Attack Tools

cobalt strike

Cryptomining

cyberattacks

cyberthreats

dwell time

Exploit

featured

initial access broker

malware delivery system

MITRE

ProxyLogon

ProxyShell

Ransomware

ransomware as a service

Sophos Rapid Response

vulnerability

The Active Adversary Playbook 2022

June 7, 2022

Squirrelwaffle-1200x628px

Security Operations

email security

Exchange vulnerability

featured

fraud

malspam

ProxyLogon

ProxyShell

Squirrelwaffle

Vulnerable Exchange server hit by Squirrelwaffle and financial fraud

February 15, 2022

Sophos-News-RR Incident Guide – banner-1200x628px

Security Operations

featured

malware

MTR

ProxyLogon

ProxyShell

Rapid Response

Sophos XDR

Squirrelwaffle

Rapid Response: The Squirrelwaffle Incident Guide

February 15, 2022

Pygmy Hippopotamus, photo by William Warby (https://www.flickr.com/photos/wwarby/19446821910)

SophosLabs Uncut

Threat Research

featured

LockFile

metasploit

NTLM

PetitPotam

ProxyLogon

Ransomware

How PetitPotam hijacks the Windows API, and what you can do about it

August 25, 2021

Epsilon Red as he appeared in comic books

SophosLabs Uncut

Threat Research

Epsilon Red

EpsilonRed

Exchange

Powershell

ProxyLogon

Ransomware

WMI

A new ransomware enters the fray: Epsilon Red

May 28, 2021

lemon-duck-exchange

SophosLabs Uncut

Threat Research

China Chopper

cobalt strike

Cryptomining

CVE-2020-14882

Exchange

Lemon Duck

Oracle WebLogic Server

ProxyLogon

Web-Shell

New Lemon Duck variants exploiting Microsoft Exchange Server

May 7, 2021

bitcoin in slot

SophosLabs Uncut

Threat Research

ADRecon

Chisel

cobalt strike

Exchange

mimikatz

MTR

ProxyLogon

Ransomware

RDP

Remote Utilities

Intervention halts a ProxyLogon-enabled attack

May 5, 2021

cryptoapi

SophosLabs Uncut

Threat Research

cryptojacking

Exchange

Monero

Outlook

OWA

ProxyLogon

QuickCPU miner

xmr-stak

Compromised Exchange server hosting cryptojacker targeting other Exchange servers

April 13, 2021