May 28, 2021 A new ransomware enters the fray: Epsilon Red A bare-bones ransomware offloads most of its functionality to a cache of PowerShell scripts SophosLabs UncutThreat Research
May 07, 2021 New Lemon Duck variants exploiting Microsoft Exchange Server SophosLabs UncutThreat Research
May 05, 2021 Intervention halts a ProxyLogon-enabled attack A late charge by a cavalry of reinforcements prevented the attackers from causing greater harm SophosLabs UncutThreat Research
April 13, 2021 Compromised Exchange server hosting cryptojacker targeting other Exchange servers An ouroboros of malicious cryptominers takes advantage of the ProxyLogon exploit SophosLabs UncutThreat Research
March 23, 2021 Black Kingdom ransomware begins appearing on Exchange servers A novel, if not particularly well made, ransomware is spreading to Exchange servers that haven't been patched against the ProxyLogon exploit SophosLabs UncutThreat Research
March 09, 2021 SophosLabs Offensive Security releases post-exploitation tool for Exchange A new tool demonstrates how attackers might take advantage of a set of built-in PowerShell scripts SophosLabs UncutThreat Research
March 09, 2021 Critical updates dominate March, 2021 Patch Tuesday releases Fixes urgently required for DNS and Exchange servers, as well as for all desktop Windows machines SophosLabs UncutThreat Research