Active Adversary Playbook
August 10, 2022
After gaining access via RDP, all three threat actors encrypted files, in an investigation complicated by event log clearing and backups. 3 attackers, 2 weeks – 1 entry point.
August 09, 2022
Sophos’ latest Active Adversary report explores the issue of organizations being hit multiple times by attackers
June 22, 2022
Public proofs-of-concept of web shell exploits coincide with major spikes in attacks.
June 07, 2022
Our latest report shows that the most pleasant way to learn from Rapid Response mayhem is to read about how it worked out for someone else