LockBit 3.0 ‘Black’ attacks and leaks reveal wormable capabilities and tooling
Reverse-engineering reveals close similarities to BlackMatter ransomware, with some improvements
#sophos #EN #2022 #LockBit3.0 #BlackMatter #Reverse-engineering
news.sophos.com · Nov 30, 2022

Remove All The Callbacks – BlackByte Ransomware Disables EDR Via RTCore64.sys Abuse
A fresh exploration of the malware uncovers a new tactic for bypassing security products by abusing a known driver vulnerability
#sophos #EN #2022 #BlackByte #Ransomware #Disables #EDR #RTCore64.sys
news.sophos.com · Oct 5, 2022

Telerik UI exploitation leads to cryptominer, Cobalt Strike infections
Attacker targets bugs in a popular web application graphical interface development tool.
#sophos #2022 #EN #research #POWERSHELL #TELERIK #XMRIG #CVE-2017-11357 #CVE-2019-18935 #CVE-2017-11317 #cobaltstrike #cryptomaining
news.sophos.com · Jun 17, 2022

Sophos patches critical remote code execution vulnerability in Firewall
Sophos Firewall is a network protection solution for the enterprise market.
#Sophos #EN #2022 #Firewall #critical #RCE #zdnet #CVE-2022-1040
zdnet.com · Mar 28, 2022