How PetitPotam hijacks the Windows API, and what you can do about it
The PetitPotam attack method is rapidly gaining attention from security researchers and threat actors
View ArticleLockFile ransomware’s box of tricks: intermittent encryption and evasion
A new ransomware family leveraging the ProxyShell attack uses intermittent encryption of files in an attempt to defeat detection by anti-ransomware tools.
View ArticleAtom Silo ransomware actors use Confluence exploit, DLL side-load for...
A new ransomware operator uses stealthy techniques, but borrows heavily from other players.
View ArticleThe Ransomware Threat Intelligence Center
A collection of Sophos threat research articles and security operations reports related to new or prevalent ransomware groups from 2018 to the present. The content will be updated as new research is...
View Article