May 28, 2021

A new ransomware enters the fray: Epsilon Red

A bare-bones ransomware offloads most of its functionality to a cache of PowerShell scripts

SophosLabs UncutThreat Research

May 07, 2021

New Lemon Duck variants exploiting Microsoft Exchange Server

SophosLabs UncutThreat Research

May 05, 2021

Intervention halts a ProxyLogon-enabled attack

A late charge by a cavalry of reinforcements prevented the attackers from causing greater harm

SophosLabs UncutThreat Research

April 13, 2021

Compromised Exchange server hosting cryptojacker targeting other Exchange servers

An ouroboros of malicious cryptominers takes advantage of the ProxyLogon exploit

SophosLabs UncutThreat Research

March 23, 2021

Black Kingdom ransomware begins appearing on Exchange servers

A novel, if not particularly well made, ransomware is spreading to Exchange servers that haven't been patched against the ProxyLogon exploit

SophosLabs UncutThreat Research

March 09, 2021

SophosLabs Offensive Security releases post-exploitation tool for Exchange

A new tool demonstrates how attackers might take advantage of a set of built-in PowerShell scripts

SophosLabs UncutThreat Research

March 09, 2021

Critical updates dominate March, 2021 Patch Tuesday releases

Fixes urgently required for DNS and Exchange servers, as well as for all desktop Windows machines

SophosLabs UncutThreat Research