Colin is a Threat Intelligence Analyst for the Sophos Managed Detection and Response (MDR) team, focusing on threat actor identification, incident response and working alongside detection engineers to address emerging threats. In past roles he worked in the financial sector performing internal and external penetration testing.
Another adversary picks up the email bombing / vishing Storm-1811 playbook, doing thorough reconnaissance to target specific employees with fake help desk call—this time, over the phone.
Sophos MDR identifies a new threat cluster riffing on the playbook of Storm-1811, and amped-up activity from the original connected to Black Basta ransomware.