Dridex bots deliver Entropy ransomware in recent attacks
Credit to Author: Andrew Brandt| Date: Wed, 23 Feb 2022 11:30:07 +0000
Some code used in the ransomware bear a resemblance to code used in Dridex malware, hinting at a common origin
Read morethreat research
Log4Shell: How the Attackers’ Faces Have Changed Over Time
Credit to Author: Chester Wisniewski| Date: Wed, 02 Feb 2022 09:34:16 +0000
Following an article on January 24, 2022 of Log4Shell scanning and attack detections since the bug was reported, Sophos addresses reader questions about who’s behind it all
Read moreSolarMarker campaign used novel registry changes to establish persistence
Credit to Author: Gabor Szappanos| Date: Tue, 01 Feb 2022 13:00:30 +0000
Inserting custom file handling rules for a randomly-created file extension and a .LNK in Windows’ startup folder, malware installer created a stealthy persistence mechanism for backdoor.
Read moreWindows services lay the groundwork for a Midas ransomware attack
Credit to Author: Andrew Brandt| Date: Tue, 25 Jan 2022 12:30:13 +0000
Attackers took two months to craft and install PowerShell scripts as services before deploying the ransomware
Read moreLog4Shell: No Mass Abuse, But No Respite, What Happened?
Credit to Author: Chester Wisniewski| Date: Mon, 24 Jan 2022 17:52:07 +0000
Sophos reviews the scanning and attack detections for Log4Shell to see what’s really going on
Read more