August 23, 2022 Bitcoin ATMs leeched by attackers who created fake admin accounts The criminals didn't implant any malware. The attack was orchestrated via malevolent configuration changes. Naked Security
June 12, 2024 RD Web Access abuse: Fighting back Investigation insights and recommendations from a recent welter of incident-response cases Security Operations, Threat Research
July 18, 2021 Hindsight #2: Block public facing Remote Desktop Protocol (RDP) Hindsight security: things breach victims wish they had done Products & Services
February 23, 2024 ConnectWise ScreenConnect attacks deliver malware Multiple attacks exploit vulnerabilities in an IT remote access tool to deliver a variety of different payloads into business environments Threat Research
October 01, 2022 S3 Ep102.5: “ProxyNotShell” Exchange bugs – an expert speaks [Audio + Text] Who's affected, what you can do while waiting for Microsoft's patches, and how to plan your threat hunting... Naked Security
April 17, 2024 ‘Junk gun’ ransomware: Peashooters can still pack a punch A Sophos X-Ops investigation finds that a wave of crude, cheap ransomware could spell trouble for small businesses and individuals – but also provide insights into threat actor career development and the wider threat landscape Threat Research
June 11, 2021 Relentless REvil, revealed: RaaS as variable as the criminals who use it No two criminal groups deploy the ransomware-as-a-service, also known as Sodinokibi, in exactly the same way SophosLabs Uncut, Threat Research