The U.S. President releases a statement that Russia's cyber focus may be shifting towards cyber-offensive action against Western organizations and infrastructure
The Russian war against Ukraine began on February 24, 2022. This article tracks some of the related cyberattack developments as they unfold. The article is updated regularly and the most recent update was on April 19
A collection of Sophos threat research articles and security operations reports related to new or prevalent ransomware groups from 2018 to the present. The content will be updated as new research is published
The leak of Conti ransomware's internal chat logs revealed the attackers tried to buy security software so they could figure out how to bypass it and avoid detection
This article looks back across more than 15 years of Russian conflict-related cyber activity. It is complemented by an ongoing review of cyberattack developments associated with the 2022 Russia-Ukraine war
While Squirrelwaffle leveraged Exchange to spread malspam through hijacked email threads, one thread was spirited away by attackers to trick the target into a money transfer
Squirrelwaffle is a malicious dropper or loader used to deliver other malware onto target systems. This guide shows Security Operations Centers (SOCs) and Incident Response Teams how to detect and respond to the presence of Squirrelwaffle on the network